nmap as a networking sanity check
Recently, someone sent me a db connection string, but I couldn’t connect. How do you debug this?
nmap
$ nmap -p 5432 generic.postgres.database.azure.com -Pn
-p 5432 scans only port 5432, which is the standard postgres port.
-Pn skips host discovery and treats the host as up, which is what you do when a host doesn’t respond to ping.
The output:
Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-19 23:16 EDT
Nmap scan report for generic.postgres.database.azure.com (X.X.X.X)
Host is up.
PORT STATE SERVICE
5432/tcp filtered postgresql
Nmap done: 1 IP address (1 host up) scanned in 2.06 seconds
filtered is not open: nmap couldn’t tell whether the port is open because its probes were blocked, which means you’re probably getting firewalled.
For fun, compare that to checking that I run a psql db on localhost:
$ nmap localhost -p 5432
Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-19 23:16 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000075s latency).
PORT STATE SERVICE
5432/tcp open postgresql
Nmap done: 1 IP address (1 host up) scanned in 0.05 seconds
open means I’m running a psql server locally. Once fixed, I got:
$ nmap -p 5432 generic.postgres.database.azure.com -Pn
Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-20 00:58 EDT
Nmap scan report for generic.postgres.database.azure.com (X.X.X.X)
Host is up (0.022s latency).
PORT STATE SERVICE
5432/tcp open postgresql
Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds
which means it’s now working.
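What the open and filtered states above (plus closed, which the outputs don't show) correspond to at the socket level, as an added example that is not part of the original post. It approximates nmap's classification with a plain connect() and is not nmap's own implementation; the names probe_tcp and local_demo are hypothetical, and the listener in the demo is constructed.

```python
import errno
import socket

# Errors that mean something on the path rejected or dropped the probe.
# nmap reports these as "filtered" rather than "closed".
_FILTERED_ERRNOS = {errno.EHOSTUNREACH, errno.ENETUNREACH, errno.ETIMEDOUT}


def probe_tcp(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered' via connect()."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"      # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"        # RST came back: host reachable, nothing listening
    except socket.timeout:
        return "filtered"      # no answer at all: packets are probably being dropped
    except OSError as exc:
        if exc.errno in _FILTERED_ERRNOS:
            return "filtered"  # ICMP unreachable from a router or firewall
        raise                  # e.g. DNS failure, which is a different problem


def local_demo():
    """Constructed demo: probe a throwaway local listener, then probe it again after closing."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))   # port 0 lets the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    while_listening = probe_tcp("127.0.0.1", port)
    srv.close()
    after_close = probe_tcp("127.0.0.1", port)
    return while_listening, after_close


if __name__ == "__main__":
    print(local_demo())
```

A firewalled database host like the first scan would take the timeout branch, which is why a hanging connection and a filtered result point at the same cause.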