Tales from the hacker underground: Port Scanning,Systems,Security/Firewalls

public Websites        
app_shortcut Software / Apps
devices Hardware / Gadgets
hub Networks
system_update_alt Systems
feedBlog 
starInnovators

public 
app_shortcut 
devices
hub 
system_update_alt 
feed 
star

        Adv

Tales from the hacker underground: Port Scanning4th Oct 2018 | category: Security/Firewalls  |  Hits: 55 
Port scanning is the act of systematically scanning a computer’s ports. A port on a computer is a place where information goes into and out of the computer and port scanning identifies the status of any of these ports.

Port scanning has legitimate use in network management but it can also be used in a malicious nature if an attacker is looking for weakened access point to break into a computer. Usually services running on these ports broadcast version and other information about itself for troubleshooting and other kinds of uses but this also gives a lot of information to the would be attacker.

Type of port scans
Vanilla

This type of scan attempts to connect to all known 65,535 ports

Strobe

This is a more focused scan and looks for only known services to exploit

Fragmented Packets

This type of scan sends packet fragments that get through simple packet filters in a firewall and later joined back together at the target

UDP

This type of scan looks for all open UDP ports

Sweep Scan

This kind of scan connects on the same port on more than one machine for example looking for any FTP servers an attacker would do a sweep scan for port 21 over a range of given network machines

Stealth scan

This kind of scan prevents the scanned computer from recording the port scan activities, this is due to the structure of the request sent by the port scanner.

Tools of the trade

                                    ZenMap
                                
The most popular tool for port scanning is nmap and provides a wide variety of options of performing different kind of port scans like stealth scans and many more. Its modular architecture has also enabled development of plugins that have expanded its capabilities

Defence

These attacks can now be easily detected by firewalls and intrusion detection systems. Current intrusion detection systems like snort can at times frustrate the attacker by dropping packets used in scanning giving the port scanning tools false positives.

Some other way of defeating the port scans is to install services on ports other than the default ports and also to disable display of service banner information to stop any finger print scans

Port scanning is not illegal per se but is most times indicative of beginnings of an attack hence measure have to be taken to secure any internet facing devices.

                    Tags:
                           Security 
                                            Network Protocols 
                      
                    Share link: 
                    
                                 Share
                                
                                  share
                                
                                 WhatsApp
                                
Related Posts
                            Spotify launches "Spotify HiFi" - helping you listen to your favorite songs the way artists intended
                            Sony Ericsson to introduce world's first playstation Smartphone.
                            Uganda gets cheaper Internet
                            Sceptre unveils the affordable, cost friendly 46-inch LED HDTV 3D home entertainment
                            iPhone OS 3.0.1 update released, fixes SMS vulnerability (updated with statement from Apple)
                            Google Project Zero (GPZ) finds security flaw in GitHub
                            What is a database?
                            Hello Microsoft Teams users, here comes Dynamic View feature.
                            BenQ Joybee GP1 with remote
                            A sneak peak in Android 12
                    
Adv