Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞
Troubleshooting tools for ISA Server
10.1.3 Exercise: Test port status
In this exercise, you need to use the Netstat and Telnet commands to determine the port status of the ISA Server computer. This technique can be used to verify security or to determine whether services running on the ISA Server computer are available to external sites.
Exercise: Test the ISA Server port
In this exercise, run the Netstat utility at the command prompt and note that different ports are open on the external interface of ISA Server.
Ø test the port status of the ISA Server computer:
1. Log in to Server1 as an administrator.
2. Click Start to select Run.
The Run dialog box appears.
3. In the Open text box, enter cmd and click OK.
A command prompt appears.
4. At the command prompt, enter netstat-an-p TCP.
The output information for all active TCP ports on the ISA Server computer appears. On the output screen, a list of IP addresses with port numbers on the left represents the local address for each active connection, and the IP address with the port number on the right indicates the external address of each active connection. Most local addresses in the output refer to the internal interface 192.168.0.1. However, at the end of the list there may be some local addresses for the connection that are external IP addresses of ISA Server.
5. How many active connections are currently in the external interface of ISA Server? Carefully examine the external addresses of these connections. Are these addresses really external remote addresses, or are they just another port on the same local address? Which ports in these external addresses are used to send information to the external interface of the ISA Server computer?
The answer is written in the following blank space:
6. On the ISA Server computer, open IE browser and connect to an external Web site, such as the
7. When the Web page is downloading in IE browser, switch to the Command Prompt window and enter netstat-an-p TCP again.
The output information for all active TCP ports on the ISA Server computer appears.
8. View the end of the output list. How many active connections are there on the external port of the ISA server computer compared to the answer in step 5th? See the active port for an external address not previously listed? After viewing the data, can you determine which external port is used to send web data to the local external IP address?
9. Which local port is this Web data sent to the external interface of the ISA Server computer? These ports are dynamic. Each connection is different. Write down the corresponding numbers for these ports in the blanks below.
Assume that the network has been compromised, detecting the state of the external ports that the hacker may be trying to pass, to troubleshoot security problems. You can try telnet to the external port to see if the service on the port responds to the connection request (typically, it needs to be done on the external computer).
10. Try telnet to connect to the external port written in step 9th. The method is to enter Telnet [externa_ip_address][port_number] at the command prompt. [Externa_ip_address] Here is the external IP address that is currently assigned to the ISA Server computer, [Port_number] is one of the local port numbers noted in step 9th (for example, Telnet 126.96.36.199 10123).
A message appears indicating that the connection port failed. This port is not a listening port. When the port receives an external connection, either a blank screen or output information from the service that is communicating on the port.
11. At the command Prompt window, try to telnet to each port in the left column of the following table. Specifies the external IP address that is currently assigned to the computer. For example, if your IP address is 188.8.131.52 25, you can enter Telnet 184.108.40.206 25 at the command prompt to connect to port 25 Telnet. In the right column of the following table, write down the open or closed state of these ports.
Port number Ports Status
Port openness does not imply a security vulnerability. However, for security reasons, some port considerations are best not to be in a static state, such as Netstat, (FTP), (Telnet), (SMTP), D (Finger) and (HTTP).
12. Close the command prompt answer window.
Summary of 10.1.4
There are a number of tools available for troubleshooting ISA Server. The first step is to use the ISA Server report. It can determine the cause of the performance failure. Event Viewer displays all the event messages generated by the ISA Server service. ISA Server Performance Monitor resolves problems with network usage, hardware, and configuration. Netstat is a command-line tool that can display all active TCP or UDP connections, which is helpful for troubleshooting security and connectivity issues. Alternatively, you can use the Telnet utility to check whether the server receives commands through a given port. Network Monitor captures and displays the frame content that Windows 2000 servers receive from the LAN. Finally, the route command verifies and modifies the routing table, confirming that all network segments can be accessed through a viable route. (End of Bar)
This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or
reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or
complaint, to firstname.lastname@example.org. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
and provide relevant evidence. A staff member will contact you within 5 working days.