When you're tracking down a problem with SMTP, FTP, WWW, or another service, it's often necessary to determine if the server is actually listening on the ports specified for a particular service. Being able to query ports is also important when you're trying to lock down a computer in order to provide the best possible security.

Microsoft offers a tool called Portqry.exe that scans the ports on a system to determine port status. Unlike Telnet, Portqry.exe can query UDP ports as well as TCP ports; it can query a single port, a list of ports, or a range of ports. The program also returns extended information for some services, such as SMTP, POP3, IMAP4, and FTP.

Portqry.exe also can perform queries to LDAP services to determine if an LDAP server is listening on a particular port. If Portqry.exe finds a listening LDAP server, it retrieves quite a bit of extended data. This data can be particularly handy when troubleshooting LDAP queries and setting up LDAP directory service clients because it gives you the directory service's naming context and other useful information.

To use Portqry.exe, open a console, and CD to the folder where Portqry.exe resides. Issue the PORTQRY command, without any other parameters, to view the command's syntax. Then, go snooping on your local computer or server to find out what ports are open and what services are listening on those ports.

For more information on Portqry.exe or to download it, check out Microsoft Knowledge Base article 310298.;en-us;310298