csan port attack

Discussion in 'All other topics' started by hutc, May 4, 2003.

  1. hutc

    hutc Member

    Joined:
    Apr 11, 2003
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    can anyone explain what is a "port scan attack" and what it really means?
     
  2. jnihil

    jnihil Moderator Staff Member

    Joined:
    Dec 23, 2001
    Messages:
    742
    Likes Received:
    0
    Trophy Points:
    26
    Port-scan is not an 'attack', but a technique used to find open TCP/UDP ports on a machine (or a range of machines). A unique port number belong to each network applications on your system. Many are well-known ports and have a standard port number assigned to them - 23 is telnet, 20/21 is ftp, etc etc. These are defined in C:\WINNT\system32\drivers\etc\services. These applications are 'listening' on your machine, waiting for incoming connections.

    Port scanners try to open a connection to a range of port numbers on your machine and see if any are listening. The attacking is usually done using a different tool, made specifically to attack a known weakness for the application found via the port-scan.

    Install a firewall/packet-filter sw on your machine and they'll block incoming scans.

    Rgds,
    jnihil.
     
    Last edited: May 5, 2003

Share This Page