Port Scanning

Overview

Port scanning is a technique that searches network hosts for open ports and security breaches. A port is a point where information enters and leaves a computer. Port scanning software could be used by a hacker to break through a security system and enter a computer. Network administrators also use port scanning tools to verify network security procedures.

There are different types of port scans:

  • Vanilla: an attempt to connect to all ports
  • Strobe: an attempt to establish a connection with a few ports
  • Fragmented packets: packet fragments that can pass firewalls
  • UDP: looks for open UDP ports
  • Sweep: a connection with one port on multiple machines
  • FTP bounce: an attack on the FTP protocol
  • Stealth scan: a scan designed to go undetected by network monitoring tools

You can use software to protect yourself against malicious port scanning. IT professionals frequently use the netstat command to check open ports on Windows or UNIX systems.

Port scanning software is available free of cost. There are several paid programs that cost more than $30. You can also download port scanning software from the Internet.

Benefits

Port scanning is used to determine whether computer ports are open or closed. Port scanning can be used with ping commands to keep a network secure. When conducting regular port scans, network administrators can identify potential threats before they become a problem. Port scans are both good and bad. They keep your network safe but also expose vulnerabilities to hackers.

How It Works

A computer has many physical ports that are used to plug in peripherals like a mouse, keyboard, printer, or scanner. In contrast, virtual ports allow information to flow between your computer and network. You can control data flow between your computer and network by blocking or regulating these ports.

Some of the most common techniques used to perform port scanning include TCP connect() scanning, FTP bounce attacks, TCP FIN scanning, TCP SYN scanning, fragmentation scanning, TCP reverse ident scanning, UDP ICMP port unreachable scanning, UDP recvfrom() and write() scanning, and ICMP echo scanning.

The most basic type of port scanning is TCP connect() scanning. The connect() system call can open a connection to every listening port on the system. If a port is listening, the call succeeds. Otherwise, the port is noted as unreachable. This type of port scanning is advantageous because it is very fast and can be used on almost all UNIX systems.

Linux-based operating systems use UDP recvfrom() and write() port scanning techniques. This scanning method is used to determine open ports when a non-root user uses a UDP command.

TCP SYN scanning is also known as half-open scanning because you do not have to completely open a TCP connection to scan the port. In this type of scanning, a SYN packet is sent and the scanning program waits for a response. If a SYN|ACK response is received, then it indicates that the port is listening. On the other hand, an RST response indicates that the port is not listening.
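
The scan types listed in the Overview and the half-open behaviour described above leave recognisable patterns in connection records. The following is an added example, not code from the original page: a small detector that labels sources as vanilla, strobe, sweep or half-open. The record layout, thresholds and sample addresses are assumptions made for illustration.

```python
from collections import defaultdict

# Assumed thresholds for illustration; tune them to your own traffic baseline.
STROBE_MIN_PORTS = 3      # "a few ports" on one host
VANILLA_MIN_PORTS = 100   # approaching "all ports" on one host
SWEEP_MIN_HOSTS = 5       # one port across multiple machines
HALF_OPEN_RATIO = 0.8     # share of attempts that never finished the handshake

def classify_sources(flows):
    """flows: iterable of (src, dst, dport, handshake_completed) tuples.
    Returns {src: sorted list of labels} for sources that look like scanners."""
    ports_by_host = defaultdict(lambda: defaultdict(set))   # src -> dst -> ports
    hosts_by_port = defaultdict(lambda: defaultdict(set))   # src -> port -> dsts
    attempts = defaultdict(int)
    incomplete = defaultdict(int)
    for src, dst, dport, completed in flows:
        ports_by_host[src][dst].add(dport)
        hosts_by_port[src][dport].add(dst)
        attempts[src] += 1
        incomplete[src] += 0 if completed else 1
    findings = {}
    for src in attempts:
        labels = set()
        widest = max(len(p) for p in ports_by_host[src].values())
        if widest >= VANILLA_MIN_PORTS:
            labels.add("vanilla")
        elif widest >= STROBE_MIN_PORTS:
            labels.add("strobe")
        if max(len(h) for h in hosts_by_port[src].values()) >= SWEEP_MIN_HOSTS:
            labels.add("sweep")
        # A SYN scan never sends the final ACK, whether the reply was SYN|ACK or RST.
        # Only report half-open for sources that already look like scanners.
        if labels and incomplete[src] / attempts[src] >= HALF_OPEN_RATIO:
            labels.add("half-open")
        if labels:
            findings[src] = sorted(labels)
    return findings

# Constructed sample data (documentation address ranges), not real traffic.
SAMPLE_FLOWS = (
    [("198.51.100.7", "192.0.2.10", p, False) for p in range(1, 201)]       # many ports, no handshakes
    + [("198.51.100.8", f"192.0.2.{h}", 22, True) for h in range(10, 18)]   # port 22 on 8 hosts
    + [("198.51.100.9", "192.0.2.10", p, True) for p in (21, 22, 80, 443)]  # a few ports
    + [("192.0.2.50", "192.0.2.10", 443, True)] * 20                        # ordinary client
)

if __name__ == "__main__":
    for src, labels in classify_sources(SAMPLE_FLOWS).items():
        print(src, labels)
```

The ordinary client at 192.0.2.50 makes twenty connections but touches one port on one host, so it is not reported.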

Companies/Brands

T1 Shopper and Radmin have additional information regarding port scanners.
