A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known"
port number, the computer provides. Port scanning, a favorite approach of computer
cracker, gives the assailant an idea where to probe for weaknesses. Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port
is used and can therefore be probed for weakness.
Types of port scans include:
- Vanilla - An attempt to connect to all ports (there are 65,536)
- Strobe - An attempt to connect to only selected ports (typically, under 20)
- Stealth scan - Several techniques for scanning that attempt to prevent the request for connection being logged
- FTP Bounce Scan - Attempts that are directed through an File Transfer Protocol server to disguise the cracker's location
- Fragmented Packets - Scans by sending packet fragments that can get through simple packet filters in a firewall
- UDP - Scans for open User Datagram Protocol ports
- Sweep - Scans the same port on a number of computers
Contributor(s): Stephanie Ireland
This was last updated in October 1999
Dig Deeper
-
You don't have to rely on Adobe's Acrobat Reader as your only PDF viewer; Google Chrome provides a secure PDF viewer that cuts down on your chances of falling victim to a PDF exploit.
-
Security researchers from Trustwave's Spiderlabs research team demonstrated malware,--including a Windows credential stealer--that uses automated processes to avoid detection and dupe forensics investigators.
-
Social engineering attacks trick users into installing rogue security software. Users need to be educated to avoid falling prey, and IT needs the tools to remove the fake security software.
-
People who read this also read...
-
Resources from around the Web