Content deleted Content added
m Removed erroneous space and general fixes (task 1) |
|||
Line 4:
A '''port scan''' or '''portscan''' is a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port; this is not a nefarious process in and of itself.<ref>RFC 2828 ''Internet Security Glossary''</ref> The majority of uses of a port scan are not attacks, but rather simple probes to determine services available on a remote machine.
To '''portsweep''' is to scan multiple hosts for a specific listening port. The latter is typically used to search for a specific service, for example, an [[SQL]]-based [[computer worm]] may portsweep looking for hosts listening on [[Transmission Control Protocol|TCP]] port 1433.<ref>{{cite web |url=http://support.microsoft.com/kb/313418 |title=PRB: Unsecured SQL Server with Blank (NULL) SA Password Leaves Vulnerability to a Worm |website=support.microsoft.com |url-status=dead |archive-url=https://web.archive.org/web/20060303130907/http://support.microsoft.com/kb/313418/ |archive-date=2006-03-03}}
==TCP/IP basics==
Line 40:
</ref>
An alternative approach is to send application-specific UDP packets, hoping to generate an application layer response. For example, sending a DNS query to port 53 will result in a response, if a DNS server is present. This method is much more reliable at identifying open ports. However, it is limited to scanning ports for which an application specific probe packet is available. Some tools (e.g., [[Nmap]], [[Unionscan]]
===ACK scanning===
| |||