Port Scan Attack


Recommended Posts

Simply put, a port scan is when an attacker scans a list of ports on your computer to see if they're open.

Most of the time they're not even attacks though. Personal firewalls have to look like they're doing something so they classify even the lamest and mundane things as threats. No-one would buy a firewall if they never got an alarming box saying it just stopped someone from hacking your box, now would they?

Just ignore them. Thats what the firewall is for, and alot of times firewalls just mis-report it anyways.

Link to comment
Share on other sites

Same here :D

That link is great.

So because your firewall says "PANIC" it doesn't mean that something is actually happening.

But to answer your question a port scan is when you scan all the ports on a computer to see which ones are accepting connections.

This is how it is performed. It is usually not a security threat at all, and know you know what the "attacker" would see.

[root@rei bin]# nmap -P0 123.456.567.89

Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )

Interesting ports on 89.765-somehost-place.router.isp.com (123.456.567.89)

(The 1531 ports scanned but not shown below are in state: closed)

Port State Service

22/tcp open ssh

25/tcp open smtp

53/tcp open domain

80/tcp open http

110/tcp open pop-3

111/tcp open sunrpc

113/tcp open auth

139/tcp open netbios-ssn

953/tcp open rndc

3306/tcp open mysql

8080/tcp open http-proxy

Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds

(I scanned "localhost" on the corp server where I work, that is, the machine itself and changed the details to a fictive ip so you get a better idea)

Edited by mr_da3m0n
Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.