Scan Subnet for Open TCP Port

SubScan.zip

Click here to download and view the file.

Function: Scans a subnet to locate hosts with a specific TCP port open. The default port is 3389 (to identify PCs on the subnet).

Requirements: The script does not require an elevated PowerShell console.

Usage: .\FindPCsDotNetRS.ps1 <CIDR Subnet> <alternate TCP port>

The script takes two arguments:

1. The target subnet in CIDR notation. This argument is required.

2. The target TCP port. This argument is optional. If this argument is not specified, the script will search for hosts with TCP port 3389 open.

i.e. .\FindPCsDotNetRS.ps1 10.31.17.1/24 9100 (This will scan the 10.31.17.1/24 subnet for Jet-Direct printers.)

Output: The script will return a list of hosts in the target subnet listening on the target TCP port.

The script will attempt a reverse DNS lookup and if found include the results in the output.

Additional Information: This script creates a separate PowerShell runspace for each IP address in the subnet making the scan very fast.