
Sunday, May 8, 2011

Beginner Hacking: Port Scanning





Port Scanning (Level 1 Hacking)

What are ports?
In simple terms, they are the doors through which data enters and leaves a system.

Two types of ports:
1) Hardware ports: the physical sockets on the back of a desktop or the side of a laptop (USB, Ethernet, and so on), used to plug in hardware devices.
2) Virtual (software) ports: these are the ones attackers care about. A virtual port is a number from 0 to 65535 that TCP or UDP uses to hand incoming traffic to a particular program. A service listens behind a port, so to use a specific service a client connects to that service's port.

e.g. to fetch a web page from your ISP's site you connect to port 80 (HTTP).
To send mail you connect to port 25 (SMTP); FTP uses port 21.
To download mail you connect to port 110 (POP3), and so on.

Clients have ports too.
A server's services keep listening all the time so that clients can reach them whenever they want. Ports on a client or home user's PC, by contrast, are not open all the time: the operating system opens a temporary (ephemeral) port only while an application is using it and closes it when the connection ends. That, in a nutshell, is what a port is.


Port scanning is carried out against a target system to gather the following information:
1) The list of open ports
2) The names and versions of the services behind them (from their banners)
3) Operating system information (from how the TCP/IP stack responds)

Port scanning can be done by hand with the telnet client, which ships with most operating systems: "telnet target 25" either connects (port open), is refused at once (port closed), or hangs until it times out (port filtered, usually by a firewall).
In practice, port-scanning tools are used because they are far faster than checking ports one by one.
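The manual telnet check above, automated: a small TCP connect() scanner with banner grabbing. This is an added example and not code from the original post. The host, the port list and the fake "SMTP" service it scans are constructed here so that it runs offline; against a real target you would pass its address and the ports you care about to scan().

```python
"""Minimal TCP connect() scanner with banner grabbing.

Added example; this is not code from the original post. It automates what the
post describes doing by hand with telnet: try to connect to each port, read
whatever the service says first (its banner), and classify the port. The fake
"SMTP" service below is constructed so the example runs offline.
"""
import socket
import threading
from typing import Dict, Iterable, Tuple


def scan_port(host: str, port: int, timeout: float = 1.0) -> Tuple[str, str]:
    """Probe one TCP port. Returns (state, banner).

    state is 'open' (connect succeeded), 'closed' (connection refused, i.e. a
    RST came back) or 'filtered' (no answer at all before the timeout, which
    usually means a firewall silently dropped the SYN).
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
    except socket.timeout:
        sock.close()
        return "filtered", ""
    except ConnectionRefusedError:
        sock.close()
        return "closed", ""
    except OSError:  # e.g. host unreachable: treat like a dropped packet
        sock.close()
        return "filtered", ""
    banner = ""
    try:
        # SMTP, FTP, SSH and POP3 speak first; HTTP waits for the client, so a
        # timeout here is normal and the port is still open.
        banner = sock.recv(256).decode("ascii", errors="replace").strip()
    except (socket.timeout, OSError):
        pass
    finally:
        sock.close()
    return "open", banner


def scan(host: str, ports: Iterable[int], timeout: float = 1.0) -> Dict[int, Tuple[str, str]]:
    """Scan several ports one after another, as a manual telnet session would."""
    return {port: scan_port(host, port, timeout) for port in ports}


# --- constructed target, so the scanner has something to find offline ---
def start_fake_service(banner: bytes) -> int:
    """Listen on a random localhost port and greet every client with `banner`.

    Returns the port number. Runs in a daemon thread and stands in for a real
    mail or FTP server in this example.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve() -> None:
        while True:
            conn, _ = srv.accept()
            try:
                conn.sendall(banner)
            finally:
                conn.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def unused_port() -> int:
    """Pick a localhost port nothing listens on, to show the 'closed' result."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    port = probe.getsockname()[1]
    probe.close()
    return port


if __name__ == "__main__":
    smtp_port = start_fake_service(b"220 mail.example.test ESMTP ready\r\n")
    for port, (state, banner) in scan("127.0.0.1", [smtp_port, unused_port()]).items():
        print(f"{port:5d}/tcp  {state:8s} {banner}")
```

The three results map onto what the post says about telnet: an accepted connection is an open port, an immediate refusal is a closed one, and silence until the timeout is what nmap also reports as "filtered". The banner is where the service name and version in point 2 above come from.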


Third-party tools (for the attacker):

1) Nmap: the godfather of information-gathering tools; does port scanning, service and version detection, and OS fingerprinting.

2) Strobe: for Unix; free, fast and efficient.

3) Netcat: fast, reliable and efficient; "nc -zv host 20-25" checks a range of ports without sending data.

4) SuperScan: Windows GUI scanner.

5) IPEye: command-prompt scanner for Windows.
All of these are available for free; search for them by name.

Countermeasures:

A port scan cannot be prevented outright: anyone who can send packets to your address can probe it. What you can do is limit what a scan finds and monitor for it.

Open a port only while you are using it, i.e. run only the services that are essential to you, and let a firewall in front of the host drop everything else.

Some open ports give away the firewall itself: ports 256, 257, 258 and 259 are used by Check Point FireWall-1, and ports 1080 and 1745 by Microsoft Proxy Server. If a scan finds these open, there is almost certainly a firewall in the path. Management ports like these should only be reachable from the administrator's network, never from the outside.

To record logs:
One of the easiest ways to catch firewall enumeration is a Cisco IOS extended ACL entry with the log keyword on a port the attacker would probe:
access-list 101 deny tcp any any eq 256 log

Apply the list inbound on the outside interface (ip access-group 101 in) and every match is written to syslog with the source address and port, so the system admin can see afterwards who scanned that port. Remember that an ACL ends with an implicit deny of everything, so the list also needs permit entries for the traffic you do want.
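What the admin does with those log entries, as an added example that is not part of the original post: a small parser for the syslog lines a logged IOS ACL match produces, which flags a source address that hits many distinct ports (the signature of a scan) and any source that touched the firewall-identifying ports listed above. The log line format is assumed from IOS's %SEC-6-IPACCESSLOGP message; the sample lines are constructed for this example and use documentation address ranges.

```python
"""Find port scanners in Cisco IOS ACL log messages.

Added example; not from the original post. It assumes the line format IOS uses
for a logged extended-ACL match:
  %SEC-6-IPACCESSLOGP: list <acl> denied tcp <src>(<sport>) -> <dst>(<dport>), N packet(s)
The sample lines below are constructed for this example.
"""
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Optional

ACL_LOG = re.compile(
    r"list (?P<acl>\S+) (?P<action>denied|permitted) (?P<proto>\w+) "
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})\((?P<sport>\d+)\) -> "
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

# Check Point FireWall-1 and Microsoft Proxy Server ports named in the post.
FIREWALL_PROBE_PORTS = {256, 257, 258, 259, 1080, 1745}

# Constructed sample log: one host sweeping the firewall ports, one host
# hitting a single port, and one permitted web request.
SAMPLE_LOG = """\
Mar  8 09:12:01.101: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(41022) -> 192.0.2.10(256), 1 packet
Mar  8 09:12:01.104: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(41023) -> 192.0.2.10(257), 1 packet
Mar  8 09:12:01.106: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(41024) -> 192.0.2.10(258), 1 packet
Mar  8 09:12:01.109: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(41025) -> 192.0.2.10(259), 1 packet
Mar  8 09:12:01.113: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(41026) -> 192.0.2.10(1080), 1 packet
Mar  8 09:12:01.115: %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.7(41027) -> 192.0.2.10(1745), 1 packet
Mar  8 09:12:40.002: %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.4(52000) -> 192.0.2.10(256), 3 packets
Mar  8 09:13:02.550: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 198.51.100.9(50123) -> 192.0.2.10(80), 1 packet
"""


def parse_line(line: str) -> Optional[dict]:
    """Return the fields of one ACL log line, or None for any other message."""
    m = ACL_LOG.search(line)
    if not m:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "count"):
        rec[key] = int(rec[key])
    return rec


def ports_by_source(lines: Iterable[str]) -> Dict[str, List[int]]:
    """Distinct destination ports each source was logged as denied on."""
    hits = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["action"] == "denied":
            hits[rec["src"]].add(rec["dport"])
    return {src: sorted(ports) for src, ports in hits.items()}


def find_scanners(lines: Iterable[str], min_ports: int = 5) -> Dict[str, List[int]]:
    """One source probing many different ports is the signature of a scan."""
    return {src: ports for src, ports in ports_by_source(lines).items()
            if len(ports) >= min_ports}


def firewall_probes(lines: Iterable[str]) -> Dict[str, List[int]]:
    """Sources that touched the firewall-identifying ports, however few."""
    out = {}
    for src, ports in ports_by_source(lines).items():
        fw = [p for p in ports if p in FIREWALL_PROBE_PORTS]
        if fw:
            out[src] = fw
    return out


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    for src, ports in find_scanners(lines).items():
        print(f"scan from {src}: ports {ports}")
    for src, ports in firewall_probes(lines).items():
        print(f"firewall ports probed from {src}: {ports}")
```

The threshold in find_scanners() is the knob to tune: a single denied packet to port 256 is noise, while one address walking through all six firewall ports within a second is someone enumerating the firewall. Note that IOS rate-limits ACL logging, so the packet counts in these lines are approximate and the distinct-port count is the more reliable signal.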
