Nmap is a free port scanner you can use to audit your own network and ensure the security of your hosts from outside your firewall as well. It is also entirely likely that your external interfaces are being scanned at this very moment with Nmap, or tools like it. One cool thing about Nmap, is that in addition to the ports open on the machine, it will also guess at the OS version. Grab a copy of either the binaries or source at insecure.org. We used the default version that comes with Red Hat 7.3. Here is a screenshot of Nmap in action using the GUI front end. The front end program also lists the command line options. After exploring the power of Nmap, you may be motivated to use a tool like PortSentry to protect your hosts from scanning.