Networking

Get-WindowsOpenPorts and Get-LinuxOpenPorts functions


Get-WindowsOpenPorts and Get-LinuxOpenPorts are 2 functions of the SB-Tools PowerShell module which is available in the PowerShell Gallery. These are not port scanners.

Get-WindowsOpenPorts

This function returns an array of PS object, one for each open port on the target Windows computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • Layer3Protocol: String, such as IPv4 or IPv6
  • Layer4Protocol: String, such as TCP or UDP
  • LocalAddress: System.Net.IPAddress, such as 10.11.12.13
  • LocalPort: Int32, such as 80 or 139
  • State: String, such as LISTENING

for example:

$Session = New-PSSession -ComputerName abc3.xyz.klm.com -Credential (Get-SBCredential xyz\myuser) 
$WinPorts = Get-WindowsOpenPorts -Session $Session 
$WinPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’, which is of type ‘System.Management.Automation.Runspaces.PSSession’ that can be obtained via New-PSSession cmdlet of the ‘Microsoft.PowerShell.Core’ module.

It also takes 2 optional parameters that serve to filter its output:

-Layer3 parameter takes either ‘IPv4’ or ‘IPv6’ values or both, and will output only the records that match this criteria

-Layer4 parameter takes either ‘TCP’ or ‘UDP’ values or both, and will output only the records that match this criteria

By default, this cmdlet will filter on IPv4/TCP only.

This cmdlet uses the IPGlobalProperties.GetActiveTcpListeners() method of the System.Net.NetworkInformation.IPGlobalProperties class. It also parses netstat command output to obtain the Layer4Protocol and State properties.

Get-LinuxOpenPorts

Similarly, this function returns an array of PS object, one for each open port on the target Linux computer. Each object has the following properties:

  • ComputerName: String, such as myPC.mydomain.com
  • LocalAddress: String, such as 10.11.12.13, or ::1 (IPv6)
  • LocalPort: Int, such as 80 or 139
  • Process: String
  • Protocol: String, such as TCP, UDP, TCP6, UDP6, or RAW6
  • RemoteAddress: String, such as 11.12.13.14, or 0.0.0.0, or ::
  • RemotePort: String, such as 389 or *
  • State: String, such as LISTEN, ESTABLISHED, CLOSE_WAIT, TIME_WAIT, or LAST_ACK

for example:

$Session = New-SSHSession -ComputerName abc10.xyz.klm.com -Credential (Get-SBCredential myuser) -AcceptKey
$LinuxPorts = Get-LinuxOpenPorts -Session $Session -Verbose
$LinuxPorts | Format-Table -AutoSize

This cmdlet/function takes a required parameter ‘Session’, which is of type ‘SSH.SshSession’ that can be obtained via New-SSHSession cmdlet of the ‘POSH-SSH’ module.

It also takes 1 optional parameter that serves to filter its output:

-Protocol parameter takes one or more of the following values: TCP, UDP, TCP6, UDP6, RAW6, ALL, and will output only the records that match this criteria

By default, this cmdlet will filter on ‘ALL’

This command invokes ‘netstat -anp’ on the provided Linux host and parses its output to produce the resulting PS objects.


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show

Advertisements

Convert-IpAddressToMaskLength and Convert-MaskLengthToIpAddress PowerShell functions


Convert-IpAddressToMaskLength and Convert-MaskLengthToIpAddress PowerShell functions are two supporting functions in the SB-Tools PowerShell module that do what their names suggest.

These two functions come in handy when manipulating IPv4 addresses. For example, when adding/removing IPv4 address to/from a network interface using PowerShell during automated provisioning.

For example, the Get-NetIPAddress cmdlet of the NetTCPIP module, returns information similar to

Notice that the familiar dotted decimal subnet mask is missing. Instead we get ‘PrefixLength’ which is the number of bits that represent the network address out of the 32 bit IPv4 address. So, a 24 bit prefix means a 255.255.255.0 subnet mask.

The Convert-IpAddressToMaskLength function takes one or more dotted decimal subnet masks and returns the corresponding bit lengths. For example

Convert-IpAddressToMaskLength 255.0.0.0,255.192.0.0,255.255.255.224

will return 8,10,27

Similarly, the Convert-MaskLengthToIpAddress 9,11,28 will return:


To use the SB-Tools PowerShell module which is available in the PowerShell Gallery, you need PowerShell 5. To view your PowerShell version, in an elevated PowerShell ISE window type

$PSVersionTable

To download and install the latest version of SB-Tools from the PowerShell Gallery, type

Install-Module SB-Tools,POSH-SSH -Force

SB-Tools contains functions that depend on POSH-SSH module, and they’re typically installed together.

To load the SB-Tools and POSH-SSH modules type:

Import-Module SB-Tools,POSH-SSH -DisableNameChecking

To view a list of cmdlets/functions in SB-Tools, type

Get-Command -Module SB-Tools

To view the built-in help of one of the SB-Tools functions/cmdlets, type

help <function/cmdlet name> -show

such as

help Convert-IpAddressToMaskLength -show