Friday 20 July 2012

Port Scanning

Port scanning is one of the most popular techniques used by hackers to discover services that can be compromised.
  • A potential target computer runs many ‘services’ that listen on ‘well-known’ ‘ports’.
  • By scanning which ports are open on the victim, the hacker finds potential vulnerabilities that can be exploited.
  • Scan techniques can be differentiated broadly into Vanilla, Strobe, Stealth, FTP Bounce, Fragmented Packets, Sweep and UDP scans.
Port Scanning Techniques

Port scanning techniques can be broadly classified into:
  • Open scan
  • Half-open scan
  • Stealth scan
  • Sweeps
  • Misc
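The difference between an open scan and a half-open scan is easiest to see from the service's side: an open scan completes the TCP three-way handshake, so the service's accept() fires and the probe shows up in the application's own logs, whereas a half-open (SYN) scan never completes the handshake and is only visible at the packet or firewall level. The following Python script is an added example, not code from the original post: it starts two stand-in listeners on the loopback interface, runs an open (full connect) scan against them plus one closed port, and reports how many connections each listener itself observed. The port numbers are chosen by the operating system at run time, so nothing here depends on a particular host.

```python
import socket
import threading
import time

HOST = "127.0.0.1"  # everything here stays on the loopback interface


def start_listener(host=HOST):
    """Stand-in for a listening service on an OS-chosen port.

    Returns (server_socket, port, hits); `hits` records every peer whose TCP
    handshake completed, i.e. every connection the service's accept() saw.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)
    srv.settimeout(0.2)  # lets the accept loop notice when the socket is closed
    hits = []

    def serve():
        while True:
            try:
                conn, peer = srv.accept()
            except socket.timeout:
                continue
            except OSError:  # listening socket closed: shut the service down
                return
            hits.append(peer)
            conn.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1], hits


def free_port(host=HOST):
    """Pick a port nothing is listening on: bind to 0, read the port back, release it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((host, 0))
    port = s.getsockname()[1]
    s.close()
    return port


def connect_scan(host, ports, timeout=0.5):
    """Open scan: a full TCP connect() to each port. Returns {port: 'open' | 'closed'}."""
    results = {}
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            results[port] = "open"    # three-way handshake completed
        except OSError:               # RST (refused) or no answer within the timeout
            results[port] = "closed"
        finally:
            s.close()
    return results


def demo():
    """Scan two local stand-in services plus one closed port; report what each side saw."""
    listeners = [start_listener() for _ in range(2)]
    open_ports = [port for _, port, _ in listeners]
    closed_port = free_port()
    results = connect_scan(HOST, open_ports + [closed_port])
    # The kernel finishes the handshake before the service thread reaches accept(),
    # so give the listener threads a moment to record the connections.
    deadline = time.time() + 2
    while time.time() < deadline and any(not hits for _, _, hits in listeners):
        time.sleep(0.05)
    seen = {port: len(hits) for _, port, hits in listeners}
    for srv, _, _ in listeners:
        srv.close()
    return results, seen, closed_port


if __name__ == "__main__":
    results, seen, closed_port = demo()
    for port, state in sorted(results.items()):
        print(f"port {port}: {state}; connections the service itself observed: {seen.get(port, 0)}")
```

Every "open" result is matched by exactly one entry in the listener's `hits` list, which is the point: a full-connect scan leaves a record wherever the service logs accepted connections, so connection logs on the services themselves are a usable detection source for this scan type, while the half-open and stealth variants need packet-level visibility.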
Commonly used tools for port scanning
1. Tool: SuperScan 3.0
2. Tool: NMap (Network Mapper)
3. Tool: NetScan Tools Pro 2003
4. Tool: ipEye, IPSecScan

Useful Port Numbers And Details
Telnet : Remote login, works on port number 23.
Allows you to establish a remote session on the server. Does not support a graphical user interface (GUI); it works only through commands, i.e. it is a command-line utility, and it provides very little security.

FTP : File Transfer Protocol, works on port number 21.
FTP is an application-layer protocol used to transfer files securely between TCP/IP systems, providing file security. It is more secure because of user authentication and user logons, and it uses two types of connection (a data connection and a control connection). FTP uses many commands and runs over TCP, i.e. port 20 for the data connection and port 21 for the control connection.

HTTP : Hypertext Transfer Protocol, works on port number 80.
HTTP is used to transfer hypertext files across the Internet. It requires an HTTP client program on one end and an HTTP server program on the other end.

RPC : Remote Procedure Call, works on port number 135.
RPC is used for remote administration. Its function is to forward an application's function call to a remote system over the network. It can also be used over IPv6, or IPng (IP version 6 / IP next generation), which uses 128-bit IP addressing.
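On the defender's side, the port list above is what a scan looks like in firewall logs: one source hitting several of these well-known ports on one host in quick succession (a vertical scan), or the same port across many hosts (the "Sweep" technique listed earlier). The following Python script is an added example, not code from the original post. The log format, addresses and timestamps are constructed for the example and do not come from any real firewall product; the thresholds and the 60-second window are assumptions to be tuned per environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Service names for the well-known ports listed above.
WELL_KNOWN = {21: "FTP", 23: "Telnet", 80: "HTTP", 135: "RPC"}

# Constructed sample firewall log (invented format and addresses, not from a real product).
SAMPLE_LOG = """\
2012-07-20T10:00:01 ACCEPT src=10.0.0.5 dst=192.168.1.10 dport=80 proto=tcp
2012-07-20T10:00:02 DROP src=10.0.0.7 dst=192.168.1.10 dport=21 proto=tcp
2012-07-20T10:00:02 DROP src=10.0.0.7 dst=192.168.1.10 dport=23 proto=tcp
2012-07-20T10:00:03 DROP src=10.0.0.7 dst=192.168.1.10 dport=80 proto=tcp
2012-07-20T10:00:03 DROP src=10.0.0.7 dst=192.168.1.10 dport=135 proto=tcp
2012-07-20T10:00:04 DROP src=10.0.0.7 dst=192.168.1.10 dport=443 proto=tcp
2012-07-20T10:00:05 DROP src=10.0.0.9 dst=192.168.1.11 dport=23 proto=tcp
2012-07-20T10:00:05 DROP src=10.0.0.9 dst=192.168.1.12 dport=23 proto=tcp
2012-07-20T10:00:06 DROP src=10.0.0.9 dst=192.168.1.13 dport=23 proto=tcp
2012-07-20T10:00:06 DROP src=10.0.0.9 dst=192.168.1.14 dport=23 proto=tcp
2012-07-20T10:00:07 ACCEPT src=10.0.0.5 dst=192.168.1.10 dport=80 proto=tcp
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ACCEPT|DROP) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def parse(log_text):
    """Turn log lines into event dicts; lines that do not match the format are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m["ts"]),
            "src": m["src"],
            "dst": m["dst"],
            "dport": int(m["dport"]),
        })
    return events


def detect_scans(events, window=timedelta(seconds=60), port_threshold=4, host_threshold=3):
    """Sliding-window heuristics, evaluated per source address.

    'vertical': one source touches >= port_threshold distinct ports on one host
    'sweep'   : one source touches the same port on >= host_threshold distinct hosts
    Open, half-open and stealth scans differ in their packets, not in this pattern.
    """
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_src[e["src"]].append(e)

    alerts = {}  # (src, kind, target) -> alert, keeping the largest count seen
    for src, evs in by_src.items():
        for i, first in enumerate(evs):
            in_window = [e for e in evs[i:] if e["ts"] - first["ts"] <= window]
            ports_per_host = defaultdict(set)
            hosts_per_port = defaultdict(set)
            for e in in_window:
                ports_per_host[e["dst"]].add(e["dport"])
                hosts_per_port[e["dport"]].add(e["dst"])
            for host, ports in ports_per_host.items():
                if len(ports) >= port_threshold:
                    key = (src, "vertical", host)
                    if key not in alerts or alerts[key]["count"] < len(ports):
                        alerts[key] = {"src": src, "kind": "vertical", "target": host,
                                       "count": len(ports),
                                       "services": [WELL_KNOWN.get(p, str(p)) for p in sorted(ports)]}
            for port, hosts in hosts_per_port.items():
                if len(hosts) >= host_threshold:
                    key = (src, "sweep", port)
                    if key not in alerts or alerts[key]["count"] < len(hosts):
                        alerts[key] = {"src": src, "kind": "sweep", "target": port,
                                       "count": len(hosts),
                                       "services": [WELL_KNOWN.get(port, str(port))]}
    return sorted(alerts.values(), key=lambda a: (a["src"], a["kind"]))


if __name__ == "__main__":
    for alert in detect_scans(parse(SAMPLE_LOG)):
        print(alert)
```

Run on the sample, the detector flags 10.0.0.7 for a vertical scan of five ports on 192.168.1.10 (FTP, Telnet, HTTP, RPC and 443) and 10.0.0.9 for a Telnet sweep across four hosts, while 10.0.0.5, which only ever talks to port 80 on one host, produces no alert. Counting distinct ports and hosts rather than raw packets is what keeps a busy but legitimate client from tripping the rule.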
