# TCP port monitoring Monitor critical services and infrastructure with targeted TCP port monitoring from multiple global locations. Verify that your essential services are accepting connections and responding properly. Ideal for databases, mail servers, and APIs. [ Start monitoring ](https://ohdear.app/register) 10 day free trial No credit card required ## Application-Layer Health Validation Verify services are actually accepting connections Verify services are actually accepting connections, not just that servers are online. Catch application hangs and resource exhaustion before users hit broken services. TCP port monitoring goes beyond basic connectivity to validate that your critical services are ready to handle requests and process data. Monitor the actual service endpoints your applications depend on, ensuring they're responsive when your users need them most. ## Critical Infrastructure Protection Monitor the backbone services users never see but always need Monitor databases, caches, message queues - the backbone services users never see but always need. Detect when core services stop responding even if the server appears healthy. Essential infrastructure components often fail silently while the host system continues running normally, leaving applications unable to function properly. Proactive monitoring of these critical services prevents cascading failures and ensures your entire stack remains operational. ## Port-Specific Intelligence Monitor multiple services per server independently Monitor multiple services per server independently (ie: database on 3306, Redis on 6379, SSH on 22). Identify which specific service failed during incidents. Server outages often affect only specific services, making granular monitoring essential for accurate diagnostics and efficient troubleshooting. Precise service-level monitoring eliminates guesswork during incidents and enables targeted remediation efforts. ## Connection Performance Insights Track TCP handshake times to detect network issues Track TCP handshake times to detect network congestion or service overload. Spot degrading performance before they become timeouts. Connection timing patterns reveal developing infrastructure problems long before they impact user experience or cause service failures. Use performance trends to make informed decisions about scaling, load balancing, and infrastructure optimization. ## Zero-Configuration Service Discovery Monitor any TCP service without installing agents Monitor any TCP service without installing agents or modifying applications. Works with legacy systems, third-party services, and black-box infrastructure. No need to modify existing applications or install monitoring agents that consume resources and require maintenance. External monitoring approach ensures you can validate services from the same perspective as your users and dependent systems. ## Dependency Chain Monitoring Verify external APIs and partner services are reachable Verify external APIs, partner services, and cloud providers are reachable. Monitor the services your applications depend on but you don't control. Third-party service failures can bring down your entire application stack, making external dependency monitoring critical for reliability. Early detection of your partner service issues allows you to implement fallbacks or notify users before they encounter problems. ## Security and Compliance Validation Confirm services are only accessible from expected networks Confirm services are only accessible from expected networks. Verify internal services aren't exposed externally. Security misconfigurations can accidentally expose sensitive services to the public internet, creating serious vulnerabilities. Regular validation from different network locations ensures your security policies are properly implemented and maintained. ## Real-World Service Availability Test the same connection path your applications use Catch firewall misconfigurations and network policy changes instantly. TCP port monitoring provides real-world validation of service accessibility from the networks and locations that matter to your business. ## Security-First Monitoring Monitor sensitive services without compromising security Monitor your most sensitive services and internal infrastructure safely by restricting access to Oh Dear's fixed IP addresses only. No need to expose services publicly for monitoring. Configure your firewalls, security groups, and access control lists to allow connections exclusively from Oh Dear's monitoring servers, maintaining your security posture while ensuring comprehensive monitoring coverage. Our static IP addresses never change, providing stable security rules that won't break over time. Monitor databases, internal APIs, and critical infrastructure without creating security vulnerabilities. WHITELIST OH DEAR'S IP ADDRESSES- Get our complete list of static IP addresses for secure monitoring. Perfect for firewall rules and security group configurations. [View our IP addresses](/docs/faq/what-ips-does-oh-dear-monitor-from). ## Stop worrying, start monitoring Start a no-strings-attached 10-day free trial. You're all set in less than a minute. (No credit card needed.) Not convinced yet? Need help? Get in touch via . ### Service monitoring to the next level Be confident that your services are available and and only available for the right people. ## Complete your monitoring strategy TCP monitoring works best alongside network monitoring TCP port monitoring complements [ping monitoring](https://ohdear.app/features/ping-monitoring) by validating service-level availability after network connectivity is confirmed. Use ping monitoring to verify basic network connectivity, then TCP monitoring to ensure specific services are responding on their designated ports. This layered approach provides comprehensive infrastructure monitoring, from network layer connectivity to application service availability. ## Reverse Monitoring & Compliance Get notified when hidden services unexpectedly come online Monitor services that should remain hidden for compliance and security reasons. Get immediate alerts when internal databases, staging APIs, or sensitive service ports accidentally become publicly accessible via TCP connections. Compliance violations often occur when supposedly isolated services become reachable due to configuration errors, firewall changes, or security misconfigurations that expose internal service ports. Set up reverse monitoring to ensure your sensitive services maintain their intended isolation and receive instant notifications if they become unexpectedly accessible from external networks. COMPLIANCE & SECURITY MONITORING- Perfect for PCI DSS, HIPAA, SOX compliance requirements where internal services must remain isolated. Monitor from multiple external locations to ensure your security perimeter remains intact. ## Really into the nitty gritty details? Want to get into the nitty gritty details of our monitoring? Have a look at our documentation. ## Frequently asked questions ### What is port monitoring? Port monitoring checks whether a specific TCP port, like your database, mail server, SSH, or a custom service, is accepting connections, and alerts you when it stops. It covers the services an HTTP check can't see. ### How do I monitor whether a TCP port is open? Add the host and port number in Oh Dear. Every check verifies the port accepts connections and alerts you the moment it becomes unreachable. [See all other FAQ items →](https://ohdear.app/docs/faq) ## Start monitoring instantly Start a no-strings-attached 10-day free trial. You're all set in less than a minute. (No credit card needed.) Not convinced yet? Need help? Get in touch via .