Developer

Tech Tip: Query a Win2K system's ports/Examine DNS zone properties

Learn how to query a system's ports and examine DNS zone properties.

Windows 2000 Professional: Query a system's ports with Portqry.exe

When you're tracking down a problem with SMTP, FTP, WWW, or another service, it's often necessary to determine if the server is actually listening on the ports specified for a particular service. Being able to query ports is also important when you're trying to lock down a computer in order to provide the best possible security.

Microsoft offers a tool called Portqry.exe that scans the ports on a system to determine port status. Unlike Telnet, Portqry.exe can query UDP ports as well as TCP ports; it can query a single port, a list of ports, or a range of ports. The program also returns extended information for some services, such as SMTP, POP3, IMAP4, and FTP.

Portqry.exe also can perform queries to LDAP services to determine if an LDAP server is listening on a particular port. If Portqry.exe finds a listening LDAP server, it retrieves quite a bit of extended data. This data can be particularly handy when troubleshooting LDAP queries and setting up LDAP directory service clients because it gives you the directory service's naming context and other useful information.

To use Portqry.exe, open a console, and CD to the folder where Portqry.exe resides. Issue the PORTQRY command, without any other parameters, to view the command's syntax. Then, go snooping on your local computer or server to find out what ports are open and what services are listening on those ports.

For more information on Portqry.exe or to download it, check out Microsoft Knowledge Base article 310298.

Windows 2000 Server: Examine advanced DNS zone properties

Windows 2000 DNS servers provide several advanced DNS settings. To view these settings, open the DNS console, right-click the DNS server, select Properties, and click the Advanced tab.

Here's a quick rundown of the settings you'll find:

  • Disable Recursion: This setting enables or disables recursion for all clients using this DNS server.
  • BIND Secondaries: This option enables or disables the fast zone transfers. Unless your BIND server runs version 4.9.4 or earlier, deselect this check box to enable the fast zone transfer.
  • Fail On Load If Bad Zone Data: By default, the DNS server skips errors or wrong data in the zone file. If you want the DNS server to fail when loading a zone with bad data, select this check box.
  • Enable Round Robin: This option enables or disables the round robin rotation of multiple host (A) records using the same IP address.
  • Enable Netmask Ordering: This setting enables or disables reordering of multiple host records based on the local subnet priority if the host is a multihomed computer (i.e., a computer with two or more network interfaces).
  • Secure Cache Against Pollution: This option enables or disables the method of adding resource records to the cache. When enabled, DNS server prevents caching of resource records that weren't answers for the originally issued query.

For even more detailed explanations of these settings, click the dialog box's question mark [?] button, and click one of these settings.

Editor's Picks

Free Newsletters, In your Inbox