A quick tip for testing available TCP egress, using nc, bash, and allports.exposed:
for i in {1..1023}; do nc -vz -w 1 allports.exposed $i; done
This will use nc with the -v, -z, and -w switches to attempt to connect to allports.exposed on TCP ports
1 through 1023. -v requests verbose output, -z puts nc in scanning mode (it connects and reports the result
without sending any data), and -w 1 tells nc to time out after one second.
You may need to adjust the value supplied with -w according to the anticipated latency of the network you’re on.
It’s not foolproof, but it’s a rapid way to assess what holes have been punched in the firewall with a minimum of tools.
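A variant of the loop above, added here as an example and not taken from the original post or from Beau Bullock's scripts: it relies on nc's exit status instead of the verbose output and prints the reachable ports as compact ranges. The function names and the script name egress.sh are hypothetical, and it assumes an nc build that exits 0 when a -z connection succeeds.

```bash
#!/usr/bin/env bash
# Added example: TCP egress sweep keyed off nc's exit status.
# Assumption: nc supports -z and -w and exits 0 only when the connection succeeds.

# egress_scan HOST FIRST LAST [TIMEOUT]: print each port that accepted a connection.
egress_scan() {
    local host="$1" port="$2" last="$3" timeout="${4:-1}"
    while [ "$port" -le "$last" ]; do
        if nc -z -w "$timeout" "$host" "$port" >/dev/null 2>&1; then
            echo "$port"
        fi
        port=$((port + 1))
    done
}

# fmt_range START END: print "80" for a single port or "80-82" for a run.
fmt_range() {
    if [ "$1" -eq "$2" ]; then echo "$1"; else echo "$1-$2"; fi
}

# compress_ranges: read ascending ports on stdin, print them as "22,80-82,443".
compress_ranges() {
    local port start="" prev="" out=""
    while read -r port; do
        [ -n "$port" ] || continue
        if [ -z "$start" ]; then
            start="$port"
        elif [ "$port" -ne $((prev + 1)) ]; then
            # Gap in the sequence: close the current run and start a new one.
            out="$out$(fmt_range "$start" "$prev"),"
            start="$port"
        fi
        prev="$port"
    done
    if [ -n "$start" ]; then
        out="$out$(fmt_range "$start" "$prev")"
    fi
    echo "$out"
}

# Only scan when called with HOST FIRST LAST [TIMEOUT]; sourcing the file runs nothing.
if [ "$#" -ge 3 ]; then
    open=$(egress_scan "$@" | compress_ranges)
    echo "Egress allowed on TCP: ${open:-none}"
fi
```

Run it as `./egress.sh allports.exposed 1 1023 2` to sweep the same range with a two-second timeout.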
There’s more information provided by the creator, Beau Bullock, here, along with some useful PowerShell scripts that do similar things.