Port Scanning

Sunny Jovita – 2301939046

Week 12

Disclaimer: This blog is for educational purposes only.

Port scanning is a method of determining which ports on a network are open and could be receiving or sending data. It is also a process for sending packets to specific ports on a host and analyzing responses to identify vulnerabilities.

The goal behind port and network scanning is to identify the organization of IP addresses, hosts, and ports to properly determine open or vulnerable server locations and diagnose security levels. Both network and port scanning can reveal the presence of security measures in place such as a firewall between the server and the user’s device.

Here are some of the more prominent ports and their assigned services:

  1. Port 20 (UDP) holds File Transfer Protocol (FTP) used for data transfer
  2. Port 22 (TCP) holds Secure Shell (SSH) protocol for secure logins, FTP, and port forwarding
  3. Port 53 (UDP) is the Domain Name System (DNS) which translates names to IP addresses
  4. Port 80 (TCP) is the World Wide Web HTTP

In addition, ports 1024 through 49151 are considered “registered ports”, meaning they are registered by software corporations. Ports 49151 through 65536 are dynamic and private ports and can be used by nearly everyone.

A port scanner generally sends a TCP or UDP network packet to a port and asks about its current status. Below are three types of responses:

  1. Open, Accepted: The computer responds and asks if there is anything it can do for you.
  2. Closed, Not Listening: The computer responds that “This port is currently in use and unavailable at this time.”
  3. Filtered, Dropped, Blocked: The computer doesn’t even bother to respond.
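
The three response types above, as an added example that is not part of the original post: this Python code maps the result of a TCP connect attempt to open, closed or filtered, and checks it against a listener it starts itself on the loopback address. The function names `classify`, `probe` and `demo` are illustrative.

```python
import errno
import socket


def classify(code):
    """Map a socket.connect_ex() result to one of the three port states."""
    if code == 0:
        return "open"      # TCP handshake completed: a service accepted
    if code == errno.ECONNREFUSED:
        return "closed"    # host replied with a reset: nothing is listening
    return "filtered"      # timeout or unreachable: no usable reply came back


def probe(host, port, timeout=1.0):
    """Try a full TCP connect to host:port and return its state."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns an errno value instead of raising on failure
        return classify(s.connect_ex((host, port)))


def demo():
    """Probe a loopback port while a listener is up, then after it is closed."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: the OS picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    try:
        while_listening = probe("127.0.0.1", port)
    finally:
        listener.close()
    after_close = probe("127.0.0.1", port)
    return while_listening, after_close


if __name__ == "__main__":
    print(demo())
```

A filtered result cannot be reproduced on loopback without a firewall rule in place, so `demo` only exercises the open and closed states.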