What is Port Scanning


Port Scanning

Port scanning is a way of figuring out which ports are listening and accepting connections. Because most services run on standard, documented ports, this information can be used to determine which services are running. The simplest form of port scanning involves trying to open TCP connections to every possible port on the target system. While this is effective, it's also noisy and detectable. Also, when connections are established, services will normally log the IP address. Several clever techniques have been invented to avoid this kind of detection.

A SYN scan is also sometimes called a half-open scan. This is because it doesn't actually open a full TCP connection. Recall the TCP/IP handshake: When a full connection is made, first a SYN packet is sent, then a SYN/ACK packet is sent back, and finally an ACK packet is returned to complete the handshake and open the connection. A SYN scan doesn't complete the handshake, so a full connection is never opened. Instead, only the initial SYN packet is sent, and the response is examined. If a SYN/ACK packet is received in response, that port must be accepting connections. This is recorded, and a RST packet is sent to tear down the connection to prevent the service from accidentally being DoSed.

FIN, X-mas, and Null Scans

In response to SYN scanning, new tools to detect and log half-open connections were created. So, yet another collection of techniques for stealth port scanning evolved: FIN, X-mas, and Null scans. These all involve sending a nonsensical packet to every port on the target system. If a port is listening, these packets just get ignored. However, if the port is closed and the implementation follows protocol (RFC 793), a RST packet will be sent. This difference can be used to detect which ports are accepting connections, without actually opening any connections.

The FIN scan sends a FIN packet, the X-mas scan sends a packet with FIN, URG, and PUSH turned on (named because the flags are lit up like a Christmas tree), and the Null scan sends a packet with no TCP flags set. While these types of scans are stealthier, they can also be unreliable. For instance, Microsoft's implementation of TCP doesn't send RST packets like it should, making this form of scanning ineffective.
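From the monitoring side, both the half-open SYN pattern and the FIN, X-mas, and Null flag combinations described above can be recognised in a packet capture. The following detector is an added example, not code from the original post; the record layout, the function names, and the `min_ports` threshold are assumptions, and it sees only client-to-server segments.

```python
from collections import defaultdict

# TCP flag bits from the RFC 793 header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_probe(flags):
    """Name the stealth probe a segment's flags match, or None."""
    flags &= 0x3F                      # ignore bits outside the six RFC 793 flags
    if flags == 0:
        return "null"
    if flags == FIN:                   # a normal close carries FIN together with ACK
        return "fin"
    if flags == FIN | PSH | URG:
        return "xmas"
    return None

def detect_scans(packets, min_ports=3):
    """packets: (src, sport, dst, dport, flags) client-to-server segments in
    capture order. Returns {src: {technique: [ports]}} for every technique a
    source used against at least min_ports distinct ports (assumed threshold)."""
    pending_syn = set()                # flows that sent SYN and have not ACKed yet
    hits = defaultdict(lambda: defaultdict(set))
    for src, sport, dst, dport, flags in packets:
        flow = (src, sport, dst, dport)
        probe = classify_probe(flags)
        if probe:
            hits[src][probe].add(dport)
        elif flags & 0x3F == SYN:
            pending_syn.add(flow)
        elif flags & RST and flow in pending_syn:
            # SYN sent, then torn down without the final ACK: half-open
            hits[src]["syn_half_open"].add(dport)
            pending_syn.discard(flow)
        elif flags & ACK:
            pending_syn.discard(flow)  # handshake completed normally
    return {src: {t: sorted(p) for t, p in techs.items() if len(p) >= min_ports}
            for src, techs in hits.items()
            if any(len(p) >= min_ports for p in techs.values())}

# Constructed sample capture (documentation addresses from RFC 5737)
SAMPLE = (
    [("192.0.2.10", 40000 + p, "198.51.100.5", p, SYN) for p in (22, 80, 443)]
    + [("192.0.2.10", 40000 + p, "198.51.100.5", p, RST) for p in (22, 80, 443)]
    + [("192.0.2.20", 50000, "198.51.100.5", p, FIN | PSH | URG) for p in (21, 23, 25)]
    + [("192.0.2.30", 51000, "198.51.100.5", 80, SYN),
       ("192.0.2.30", 51000, "198.51.100.5", 80, ACK),
       ("192.0.2.30", 51000, "198.51.100.5", 80, FIN | ACK)]
)
```

A single client RST after a SYN can also be an aborted legitimate connection, which is why the detector reports a source only once the same pattern repeats across several distinct ports.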

Another way to avoid detection is to hide among several decoys. This technique simply spoofs connections from various decoy IP addresses in between each real port-scanning connection. The responses from the spoofed connections aren't needed, because they are simply misleads. However, the spoofed decoy addresses must be real IP addresses of live hosts; otherwise, the target may accidentally be SYN flooded.


