PORT SCANNING
Understanding Port Scanning
Port scanning is a process for finding out which services are running on a target machine. The most obvious way to conduct a TCP scan is simply to attempt a normal TCP connection to the target host and service. Scanning TCP and UDP ports identifies the listening ports and helps determine the operating system and the other services and applications running on the system.
Full-connection TCP scanning is the most polite of all the scanning methods, and it is also the slowest. A full-connect TCP scan requires at least five packets to cross the wire. These packets are exchanged in the following scenario.
Attackers use port scanning to identify the services running on a target system and the operating system the target machine uses. Port scanning lets attackers identify many vulnerabilities, which they then use to exploit the target machine.
TCP/IP uses numbered ports to map packets to services. Some common ports are the following.
| Port No. | Services |
|---|---|
| 21 | FTP |
| 22 | SSH |
| 23 | Telnet |
| 24 | SMTP |
| 25 | HTTP |
| 26 | POP3 |
| 27 | NetBIOS |
As shown above, TCP uses flags to communicate with target machines:
SYN = Synchronize
ACK = Acknowledgement
RST = Reset
FIN = Finish
PSH = Push
URG = Urgent
And sometimes
NS = Nonce Sum
ECE = ECN-Echo
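
The flags listed above are bits in the TCP header, and a port scan appears on the defender's side as one source sending SYN-only segments to many different ports. The Python below is an added example, not code from the original page: it decodes the flag bits from raw headers and reports sources that opened connections to many distinct ports. The helper names, the sample packets, the RFC 5737 documentation addresses and the threshold of 5 are constructed assumptions.

```python
import struct
from collections import defaultdict

# Low 9 bits of header bytes 12-13. CWR is a real TCP flag not listed on the page.
FLAG_BITS = [("NS", 0x100), ("CWR", 0x080), ("ECE", 0x040), ("URG", 0x020),
             ("ACK", 0x010), ("PSH", 0x008), ("RST", 0x004), ("SYN", 0x002),
             ("FIN", 0x001)]

def decode_flags(bits):
    """Return the names of the flags set in a 9-bit TCP flags value."""
    return [name for name, mask in FLAG_BITS if bits & mask]

def parse_tcp_header(segment):
    """Return (src_port, dst_port, flag_bits) from a raw TCP header."""
    if len(segment) < 20:  # minimum TCP header length
        raise ValueError("truncated TCP header")
    src, dst, _seq, _ack, off_flags = struct.unpack("!HHIIH", segment[:14])
    return src, dst, off_flags & 0x1FF

def find_scanners(packets, threshold):
    """Map each source IP to the sorted ports it sent a bare SYN to,
    keeping only sources that reached `threshold` distinct ports."""
    ports = defaultdict(set)
    for src_ip, segment in packets:
        try:
            _sport, dport, bits = parse_tcp_header(segment)
        except ValueError:
            continue  # skip malformed captures rather than abort
        if decode_flags(bits) == ["SYN"]:  # connection opener only
            ports[src_ip].add(dport)
    return {ip: sorted(p) for ip, p in ports.items() if len(p) >= threshold}

def make_segment(sport, dport, bits):
    """Build a constructed 20-byte TCP header (data offset 5, no options)."""
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | bits, 1024, 0, 0)

# Constructed sample traffic; addresses are RFC 5737 documentation ranges.
SAMPLE = [("192.0.2.10", make_segment(40000 + p, p, 0x002)) for p in range(21, 28)]
SAMPLE += [("198.51.100.7", make_segment(51000, 22, 0x002)),
           ("198.51.100.7", make_segment(51000, 22, 0x010)),
           ("198.51.100.7", b"\x00\x01")]  # truncated capture

if __name__ == "__main__":
    for ip, hit in find_scanners(SAMPLE, threshold=5).items():
        print(f"{ip} sent SYN to {len(hit)} distinct ports: {hit}")
```

A real deployment would also bound the count by a time window, since a slow scan spreads the same SYNs over hours.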