Port Scanning is the name of the technique used to identify available ports and services on hosts on a network. Security engineers sometimes use it to scan computers for vulnerabilities, and hackers also use it to target victims. It can be used to send connection requests to target computers and then track ports. Network scanners do not actually harm computers; instead, they make requests that are similar to those sent by human users who visit websites or connect to other computers using applications like Remote Desktop Protocol (RDP) and Telnet. A port scan is performed by sending ICMP echo-request packets with specific flags set in the packet headers that indicate the type of message being transmitted: Type 8 indicates the request to be an echo-reply packet with the source IP address as the responding host, while Type 0 indicates that no response is expected from the responding host.
Types of Port Scans:
To protect your network from port scans, it is essential to understand the different types of port scans used by hackers.
- Vanilla: The scanner tries to connect to all 65,535 ports ) – The scanner looks for open UDP ports
- Sweep: The scanner pings an identical port on over one computer to envision which pc is active
- FTP Bounce: The scanner goes through an FTP server to mask the source
- Stealth: The scanner locks scanned computer records Scan of port
Types of Ports:
- Open: The host replies and announces that it is listening and open for queries. An undesired open port means that it is an attack path for the network.
- Closed: The host responds but notices that no application is listening. Hackers will scan again if it is opened.
- Filtered: The host does not respond to a request. This could mean that the packet was dropped due to congestion or a firewall.
Tools Used in Port Scanning:
- Nmap
- Angry IP Scan
- Netcat
- Zenmap
- Advanced Port Scanner
- MASSCAN