Discussion in 'All other topics' started by hutc, May 4, 2003.
can anyone explain what is a "port scan attack" and what it really means?
Port-scan is not an 'attack', but a technique used to find open TCP/UDP ports on a machine (or a range of machines). A unique port number belong to each network applications on your system. Many are well-known ports and have a standard port number assigned to them - 23 is telnet, 20/21 is ftp, etc etc. These are defined in C:\WINNT\system32\drivers\etc\services. These applications are 'listening' on your machine, waiting for incoming connections.
Port scanners try to open a connection to a range of port numbers on your machine and see if any are listening. The attacking is usually done using a different tool, made specifically to attack a known weakness for the application found via the port-scan.
Install a firewall/packet-filter sw on your machine and they'll block incoming scans.
Separate names with a comma.