Port scanner

From Free net encyclopedia

A port scanner is part of a little of software designed to search a network host for open ports. This is often used by administrators to check the security of their networks and by crackers to compromise it.

The protocol stack that is most common on the Internet today is TCP/IP. In this system, hosts are referenced using two components: an address and a port number. There are 65535 distinct and usable port numbers. Most services use a limited range of numbers; these numbers eventually become assigned by the IANA when the service becomes important enough.

Some port scanners only scan the most common, or most commonly vulnerable, port numbers on a given host. See: List of TCP and UDP port numbers.

The result of a scan on a port is usually generalized into one of three categories:

• Accepted or Open: The host sent a reply indicating that a service is listening on the port.
• Denied or Closed: The host sent a reply indicating that connections will be denied to the port.
• Dropped or Blocked: There was no reply from the host.

Open ports present two vulnerabilities of which administrators must be wary:

1. Security and stability concerns associated with the program responsible for delivering the service.
2. Security and stability concerns associated with the operating system that is running on the host.

Closed ports only present the latter of the two vulnerabilities that open ports do. Blocked ports do not present any reasonable vulnerabilities. Of course, there is the possibility that there are no (yet) known vulnerabilities in either the software or operating system.

The information gathered by a port scan has many legitimate uses, including the ability to verify the security of a network. Port scanning can however also be used by those who intend to compromise security. Many exploits rely upon port scans to find open ports and send large quantities of data in an attempt to trigger a condition known as a buffer overflow. Such behavior can compromise the security of a network and the computers therein, resulting in the loss or exposure of sensitive information and the ability to do work.

Many Internet service providers deny their customers the ability to perform port scans outside of their home networks. This is usually covered in the Terms of Service or Acceptable Use Policy to which the customer must have already agreed. Most public and private networks also place such limitations upon their users.

Contents 1 Port Scanners 1.1 Online Searchable Ports Database 1.2 Online Portscanner 2 See also

Port Scanners

• Angry IP Scanner - Open source, Windows software.
• FastTCPPortScanner is a multi-threaded native Windows TCP port scanner with the ability to configure the number of threads to optimise or purposefully slow down scanning.
• Netmon - Network monitoring appliance with on-demand port scanner and silent background port scanner.
• nmap is a popular port scanning tool for many platforms.
• Unicornscan is an advanced port scanning tool for Unix-like systems.

Online Searchable Ports Database

• Ports & Services Database

Online Portscanner

• Sygate Online Scan extended security check (Stealth Scan, Trojan Scan)
• Planet Security Firewall-Check Fast, extended check, checks currently high-endangered ports
• Crucialtests concise, incl. advisor
• ShieldsUP (Gibson Research Corporation) Quick Scanner, clearly laid out
• DerKeiler's Port Scanner You can only scan your IP, useful when you are in an internet cafe with many restrictions.
• AuditMyPC Free Port Scanning Can scan all 65535 ports.

See also

• Computer insecurity
• Computer security
• Cracking
• TCP/IP
• Internetde:Portscanner

fr:Balayage de port it:Port scanning nl:Port scan ja:ポートスキャン pl:Skanowanie portów fi:Porttiskannaus