Please take a moment to read, to help share the message and support the initiative to tell our leaders to focus on addressing the global world problems, instead of complaining about the effects of their lack of leadership. Be a leader yourself, and share this with as many people as possible. #demandglobalchange //

Please consider donating:

23,185 views | This page as PDF

Monitoring your network with Powershell

I have written a small powershell script that will help you to monitor various hosts on your network.   Instead of using ping to see if a host is alive, this script will connect to tcp ports, so you can also monitor hosts behind firewalls (or hosts that cannot be pinged).  In addition to this, you can also test that a port is closed (and report that this is ok if that is what you want); and only report a problem when the port is found open (instead of closed)

The script can be downloaded from the link at the bottom of this post.

This is how it works

1. Download the script, unzip it, and put it in a folder on a machine that

  • has Powershell installed
  • has access to the hosts you want to monitor

2. Create a text file in the same folder, containing the hosts you want to monitor. You can only put one entry per line.  This is the syntax :

host:port:status (which can be ‘open’ or ‘closed’)

so suppose you want to monitor a host called and verify that port 80 is open, add a line that says

If you want to monitor port 22 of host, which should be closed by default, add a line that says

Note : You can group certain servers by adding a group title between square brackets.

Example :

[internal servers]

[external servers]

3. Create a file called smtp.cfg and with the following entries (and replace the text surrounded by <> with your own settings)

smtpserver=<ip address of your smtp server>
from=<email address>
subject=[%hostname%] Port Monitor report (%events% event(s)) - %timestamp%

(all of the settings are mandatory)

As you can see, you can use 3 variables in the Subject field. (and of course, you are free to build your own subject field.)

Both “reportmode” and “alertmode” have 2 possible values :

reportmode=1  means : only show alert entries in the report

reportmode=2  means : show all entries in the report

alertmode=1  means : only send a report when something is wrong

alertmode=2  means : always send the report

How to use the script

You should have 3 files : the powershell script, the smtp.cfg file, and the file that contains the host entries.

From a powershell command line, launch the script, and use the filename of the “host entries” file as parameter.  The script will assume that smtp.cfg is in the local path.

Let’s say the hosts file is called hosts.txt and contains the following entries :


smtp.cfg is configured to send reports with all entries, to and, but only when there is something wrong (so alertmode = 1, reportmode = 2)

Launch the script :

c:\scripts> '.\pve_portmonitor.ps1' hosts.txt

 Written by Peter Van Eeckhoutte

[+] Reading input file
  - Connecting to host to verify that port tcp 8800 is open
    Result : port is open
  - Connecting to host to verify that port tcp 80 is open
    Result : port is open
  - Connecting to host to verify that port tcp 21 is open
    Result : port is open
  - Connecting to host to verify that port tcp 8888 is closed
    Result : port is closed

[+] Writing report to report.html

The report is written to html, but no email is sent (because there are no unexpected results)

When you set alertmode to 2, an email will be sent every time

[+] Sending email to,

The report looks like this :


Of course, you would need to schedule this script in order to be able to continuously monitor the hosts on your network. You can use the explanation at the bottom of this post to find out how to launch the script from a batch file. All that is left for you is to  schedule the batch file thru Task Scheduler / Scheduled Tasks.

Download the script

You need to be logged in to download this script. Click this link to register if you don’t have a useraccount yet

Please log in to download PVE Port Monitor (2.8 KiB)

Final notes

I don’t mind that you use/change this script to suit your own environment – but don’t forget to give me some credits :-)

© 2009 – 2010, Corelan Team (corelanc0d3r). All rights reserved.

Related Posts:

2 Responses to Monitoring your network with Powershell

Demand Global Change

The world needs your help !

Please take a few moments to read the "Demand Global Change Call For Action" document at
Read the full document at and share the message with as many people as possible.

Like the Facebook page, and SHARE it with everyone you know.


Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?

Your donation will help funding server hosting.

Protected by Copyscape Web Plagiarism Tool

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan Live training

Since 2011, Corelan GCV has been teaching live win32 exploit dev classes at various security cons and private companies & organizations.

You can read more about the training and schedules here

Corelan on IRC

You can chat with us and our friends on #corelan (freenode IRC)