|
A port scanner is software designed to search a network host for open ports. This is often used by administrators to check the security of their network or by crackers to look for potential exploits on the machine.
Technically, the internet is, in the main, a TCP/IP and a UDP/IP network. Both the TCP element - Transmission Control Protocol - and the UDP - User Datagram Protocol - elements amongst other things work upon the notion that hosts (i.e. computers) can offer services, such as a web-server or email service, through a designated port. Other computers can ask to use such services, by sending an appropriate message to an appropriate port. By way of example (and stripping out some detail of the handshaking that goes on), when a web page is retrieved from a webserver, the client computer will typically send a get request to Port 80 of a computer running a webserver. The server will capture and act on the message received through its Port 80, and send back an HTML page to the client.
Different services, by convention, use different port numbers, such as:
- Web Servers - typically port 80, sometimes 8080
- SMTP Relays (forward email from one server to the next) - typically port 25
and, in fact, there can be anything up to 65,536 distinct Ports on a single machine. (And note, too, that a single Port can, generally, handle multiple simultaneous transactions - so a webserver can "talk" to many different users at the same time.)
Port scanners scan a computer and report on two things:
- Whether a Port exists. Ports only exist if there are services running on the computer which have caused the port to come into existence. A computer which is not running a web server will be unlikely to have a Port 80.
- Whether the Port is open or not. The system administrator or owner of a computer has the option to open Ports, or keep them closed. Open Ports will accept incoming messages. Closed Ports will not. Typically in a domestic computer, a firewall is used to ensure that Ports appear closed to external machines.
The information in a Port Scan has many legitimate uses; not least in checking machines to see that Ports are not left open without good reason. However port scanning can also be used to those who would do harm to or abuse another computer. Ports are places where data can enter the computer, and be run by a process on the computer. Many exploits depend upon finding open ports and sending to them strings of data that cause the computer operating system to malfunction in a predictable way (called a buffer overflow) that can be exploited, for instance to load more software which enables other tasks to be undertaken.
Running a port scan without permission is seen as unethical and most Internet Service Providers disallow it in their Acceptable Use Policies.
Port Scanners
- nmap is a popular port scanning tool for Windows and UNIX.
- Superscan (http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/overview.htm) is a popular port scanning tool for windows.
- Angry IP Scanner (http://www.angryziber.com/ipscan/)
- Unicornscan (http://www.dyadsecurity.com/s_unicornscan.html) is an advanced port scanning tool for unix.
See also |
Feeds |
Contact