开放端口检查器

检查任何 IP 地址上哪些端口开放。开放端口可能将服务暴露给互联网，如果未正确保护可能带来安全风险。

Enter an IPv4 address below and click 检查端口 to see a list of open ports, running services, detected vulnerabilities, and associated hostnames — powered by Shodan InternetDB.

什么是开放端口？

A 端口 is a communication endpoint used by network protocols like TCP and UDP to distinguish between different services running on the same device. When a port is "open," it means a service is actively listening for incoming connections on that port.

Open ports are essential for network communication — web servers listen on port 443 (HTTPS), email servers use port 25 (SMTP), and so on. However, unnecessary open ports can expose your system to attacks.

常用端口号及其服务

这个工具如何工作？

This tool queries the Shodan InternetDB, a free API that provides summary information about IP addresses including open ports, hostnames, software (CPEs), vulnerabilities (CVEs), and tags. The data is collected by Shodan's global network of crawlers and is updated weekly.

Unlike active port scanning, this tool uses 被动查询 — it retrieves previously observed data rather than probing the target in real time. This means:

• 结果反映最近的 Shodan 扫描，而非当前实时状态
• 查询期间不会向目标 IP 发送数据包
• 一些最近打开或关闭的端口可能尚未反映

为什么要检查开放端口？

• 安全审计 — Identify unexpected open ports that may expose vulnerable services
• 服务器加固 — Verify that only intended services are accessible from the internet
• 事件响应 — Quickly assess what an IP address was exposing when compromised
• 合规性 — Ensure your infrastructure meets security baseline requirements

如何保护开放端口

1. 关闭未使用的端口 — Disable services you don't need or bind them to localhost only
2. 使用防火墙 — Block incoming traffic on ports that shouldn't be publicly accessible
3. 保持软件更新 — Patch known vulnerabilities in services running on open ports
4. 使用加密 — Replace plain-text protocols (HTTP, Telnet, FTP) with encrypted alternatives (HTTPS, SSH, SFTP)
5. 实施访问控制 — Restrict access to sensitive services using IP allowlists or VPNs