UDP Port Scanner

Find Open UDP Ports with UDP Port Checker

Find Open UDP Ports with UDP Port Checker

Why Use Scantrics Online UDP Port Scanner?

In order to achieve complete coverage of a company’s network perimeter, discovering which network services are exposed to the Internet is vital for full security evaluation. By using this UDP port checker, you can obtain a clear and detailed report of open communication channels, finding out which port is open and which port is closed through accurate port discovery and service detection. Ensure your company is protected from attackers through better oversight of site vulnerabilities and securing all access to your network

Contents of the Report

Here is what you can expect in Scantrics’ UDP Port Scanner report:
TCP Scanner

Use Cases for TCP Port Scanner

Using the UDP Port scanner allows organizations to check if there are any unnecessary UDP ports exposed to the Internet, such as Memcached port 11211. This tool also provides additional information about the service version running on your server, so you know when it’s time to upgrade the software stack to prevent vulnerability exploitation.
Sometimes it can be difficult for network and server administrators to keep track of UDP ports being opened in each server. With the UDP Port Scanner, it’s become easier to create asset inventory and keep documentation up-to-date, so you get a holistic view of your overall network.
The UDP Port Scanner provides an easy way to determine whether your services can be reached from the Internet. This allows network and system administrators to troubleshoot port issues when they found out their service is down.

Technical Details

UDP stands for User Datagram Protocol and is a transport layer protocol (sits in Layer 4 within the OSI Layer) which is widely used in services which do not require establishing a proper TCP connection between client and server (although TCP is much more popular than UDP).

Services that make use of UDP includes:

  • DNS (domain name system) 
  • VoIP (voice over IP) 
  • DHCP (dynamic host configuration protocol) 
  • RTSP (real time streaming protocol) for content delivery 
  • Some OpenVPN systems that are based on UDP as the transport protocol

Any client can send any amount of UDP traffic to any destination without establishing a connection with the target. The target is not required to check for data loss or errors after receiving the UDP traffic.

As UDP does not require a connection to be established via an automated process called a ‘handshake’ like what TCP does, data can be transferred quickly between client and server via UDP packets (units of data transmission). However, the trade-off is that if a UDP packet gets ‘lost in transit’, the data will not be re-sent.

The characteristics of UDP makes it very suitable for applications which do not require guaranteed delivery of data, such as video streaming which operates on best effort delivery of streaming data. However, for applications that cannot tolerate data loss such as web browsing and text messaging, TCP is used instead.

Even though UDP services are less popular than TCP services, both possess the same risk if TCP ports and UDP ports are exposed to the Internet unintentionally, especially if they are vulnerable to attacks.

The most common attack that make use of UDP includes amplification attack where attacker exploits vulnerabilities in UDP-based protocols (such as DNS and Memcached) to respond to fake requests with very large traffic, potentially flooding the target victim. It is very important to discover all the UDP ports opened in your network to achieve complete coverage of the network and security evaluation.

The UDP Port Scanner has two scan types, which are Quick Scan and Full Scan.

What services are available under Quick Scan? 

  • Check for the most common Top 100 UDP ports 
  • Check for single IP address or Hostname 
  • Service version detection 

What services are available under Full Scan? 

Full Scan performs all the services of Quick Scan but with additional capabilities  

  • Check for all 65535 UDP ports 
  • Operating system detection 
  • Do Traceroute 

How it works?

How it works

UDP Port Scanner is based on the most popular port scanning tool, Nmap. The tool only requires the user to insert the IP/Hostname as target parameters to operate.

To perform the scan, the UDP Port Scanner sends UDP packets to each port in the specified target. If the target sends an “ICMP port unreachable” reply, then the port is marked as closed. However, if there’s no response received from the target, it is assumed that the port is either open or filtered by the firewall.

To determine that the port is really open, then service version detection is required, but this process can take some time. It is recommended to only use it after you performed the initial scan without service version detection. Once the tool identifies which ports are closed, you can exclude them in the next scan with service version detection enabled.

Explore More of Our Tools