IP Network Scanning and Security Reconnaissance - Port Scanning
(Page 2 of 4)
To fight network attacks, you must first know a little about their nature and technology. The most basic tool in any hacker's or network security analyst's toolkit is port scanning. Every computer has 65,535 ports through which the outside world can reach it. Fortunately, most computers control these ports effectively and block access to all of them except under special circumstances.
There are two main types of port scanning: TCP and UDP. In TCP scanning, a packet of information, generally created with the networking facilities of an operating system, is sent to another computer in an attempt to establish a connection. In UDP scanning, a packet is sent much like in TCP, but when the other computer responds to the packet, the original computer will sever the connection. UDP is considerably more efficient at gleaning large amounts of information without a computer becoming entangled in a communication connection. However, because UDP does not use communication, it relies merely on the presence or absence of a response, rather than on the information that a response would carry.
When a user performs a scan on a computer’s ports, a small packet of data will be sent to each individual port, and depending on what is sent back, the user can tell what the status of that port is. A port can be open, closed, or filtered. An open port tells the user that they are capable of sending specific information to that port and receiving information in return. A closed port indicates that the computer will not be sending any communications back to the user, so there will be no communications along that port. A filtered port does not send any response to the user, and is completely inaccessible to the user.
Open ports present the greatest security risk for a computer. If a user is aware of security issues in either the operating system a computer is running or the application which is using given open ports, then they may be able to exploit these issues to gain access to—or block operation of—your computer. Closed ports are slightly more secure, and will only allow a user to take advantage of the computer’s operating system issues. Filtered ports are completely secure and will not grant anyone any kind of access to your computer.
Port scanning grants invaluable information to anyone who is attempting to subvert the security of a network. Without this information, a hacker attempting to gain access to a system might as well be a blind man attempting to use a sniper rifle. As such, the key to securing your network lies in denying intruders the information that port scanning provides.
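Because a scan sends a packet to each individual port, it appears in firewall logs as one source touching many distinct ports in a short time. The following is an added example, not part of the original article, that flags such sources; the log line format, the addresses, the 10-port threshold and the 60-second window are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed (constructed) log format: "<ISO time> SRC=<ip> DST=<ip> PROTO=<p> DPT=<port>"
LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) PROTO=(\w+) DPT=(\d+)$")

def parse(line):
    """Return (time, src, dst, proto, port), or None for a line that does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, src, dst, proto, dpt = m.groups()
    return datetime.fromisoformat(ts), src, dst, proto, int(dpt)

def find_scanners(lines, min_ports=10, window=timedelta(seconds=60)):
    """Map each source that reached min_ports distinct targets within one
    window to the largest distinct-target count seen for it."""
    recent = defaultdict(deque)  # src -> (time, target) pairs still inside the window
    flagged = {}
    for ts, src, dst, proto, dpt in sorted(filter(None, map(parse, lines))):
        q = recent[src]
        q.append((ts, (dst, proto, dpt)))
        while ts - q[0][0] > window:  # drop probes older than the window
            q.popleft()
        distinct = len({target for _, target in q})
        if distinct >= min_ports:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

def sample_log():
    """Constructed log lines: one port walk, one ordinary client, one slow source."""
    base = datetime(2024, 5, 1, 12, 0, 0)
    fmt = "{} SRC={} DST=192.0.2.10 PROTO={} DPT={}"
    lines = []
    for i, port in enumerate(range(20, 32)):  # 12 ports, one probe per second
        t = (base + timedelta(seconds=i)).isoformat()
        lines.append(fmt.format(t, "198.51.100.7", "TCP", port))
    for i in range(30):  # repeated use of a single service
        t = (base + timedelta(seconds=2 * i)).isoformat()
        lines.append(fmt.format(t, "203.0.113.5", "TCP", 443))
    for i, port in enumerate(range(8000, 8012)):  # 12 ports, ten minutes apart
        t = (base + timedelta(minutes=10 * i)).isoformat()
        lines.append(fmt.format(t, "203.0.113.9", "UDP", port))
    lines.append("line that does not match the assumed format")
    return lines

if __name__ == "__main__":
    for src, count in find_scanners(sample_log()).items():
        print(f"{src}: {count} distinct ports within 60 seconds")
```

The window and threshold are tuning values: only probes that fall inside the same window are counted together, so both should be set against the traffic a given host normally sees.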
More By Joe Eitel