Port scanning

Port Scanning


In computer networking a port is used to run services, a communication endpoint. A port is a point through which information flows from a program to your computer or to your computer from an internet or another computer in a network. A port has three different meanings - hardware port, internet port number, to port a software program from one platform to another. There are total of 65,535 ports in internet protocols.


Scanning is the second step of hacking followed by footprinting. In footprinting we gather as much information we can of our target. Port Scanning is one of the most popular techniques attacker use to discover services they can exploit to break into your computer system, according to SANS institute. Through Scanning an attacker will be able to find out - if the server is alive or not, an IP address of a target machine, system's architecture, services running on each system.








Tools used for port scanning 

  • Solarwinds
  • Advanced port scanner
  • Angry IP scanner
  • Nmap
  • Zenmap

Internet Port Number - Also known as virtual port numbers, IANA (Internet Assigned Numbers Authority) is responsible for the global coordination of the DNS Root, IP addressing and other internet protocol resources. Which includes registration of commonly used port numbers for well-known internet services.



Some of the most commonly used port numbers are

20/21 : FTP File Transfer Protocol

22 : SSH Secure Shell

23 : Telnet

25 : SMTP Simple Mail Transfer Protocol

53 : DNS Domain Name System(Server)

80 : HTTP Hypertext Transfer Protocol

110 : POP3 Post Office Protocol

143 : IMAP Internet Message Access Protocol

443 : HTTP Secure





The simple Nmap command scans 1,000 TCP ports on the host (target) machine. It divides into few states  - Open, closed, filtered.

Open - An open port simply means that an application is openly accepting TCP connections, UDP datagrams on this port. Attacker wants to attack an open port because here they see this as a vulnerability while administrators try to close or protect them with firewall.

Close - Close port means that the port is blocked from either coming into or going out of the network.

Filtered - Filtered port cannot be determined if the port is open, it simply means that it is inaccessible from any which ways. 


Learn : MAC address















Comments

Popular

OSI model

Ethical hacking terminologies

Phases of ethical hacking