Reverse TCP and UDP checks

How to monitor resources that should not be normally accessible on certain TCP/UDP ports?

Q: I need to check whether Windows Firewall blocks certain TCP/UDP ports. How can I monitor the port that should normally be closed for connections?

A: If simple TCP/UDP connectivity check does, you can use a “Script or Program” monitor to watch such resources

Please follow the below steps to set up such monitors.

1. Download portqry installer from Microsoft site:

The above utility works for Windows 2000 and later versions.

Run the downloaded PortQryV2.exe; the program asks where to install the utility. Instructions below assume you chose


as directory to install portqry into. If you choose another folder name, please make appropriate changes to the instructions below.

2. Download VBScript (wrapper for portqry utility) archive: (978 bytes, SHA1 checksum 0d40a02e56e7ff863ed2cf74bd5e5fd4295cd7dd)

Unpack reverse-port-query.txt file from it, rename it to reverse-port-query.vbs and move to C:\scripts (or whatever folder do you choose).

Note: if on step 1 you chose folder different from C:\scripts to place portqry into, please open reverse-port-query.vbs in any text editor such as Notepad and change line 12:

portQry = "C:\scripts\portqry.exe"

(change if necessary to specify full path to portqry utility).

3. Start IPHost GUI client and create “Script or Program” monitor (for the host where IPHost is running). Set the monitor Main parameters like below:

Arguments line should contain three parameters, space-separated:

  • device/host DNS name/IP address
  • protocol (UDP or TCP, case-insensitive)
  • port number (integer value)

Reverse TCP monitor

The above sample monitor will be in OK state, while host doesn’t allow connections to TCP port 25 (that matches SMTP server).

Note: please make sure you state connection timeout value in “State conditions” tab to 10 or more seconds (typical Windows timeout limit while establishing TCP/UDP connections).

Related topics