• Human Protocols
• Examples :
– Proxy servers ports
– Virtual private network ports
– Ports requested by IBM, Apple, Oracle and many other
companies for their specific services
Dynamic, Private or Ephemeral ports
• Ranges from 49152 – 65535
• Examples : NMAP
Port Scanning
• The main goal of port scanning is to find out which ports are open, which are closed
and which are filtered.
• Open port: a port on which an application is actively accepting TCP or UDP traffic.
– Finding open ports is the primary goal of port scanning
– Each open port is an avenue for attack
– Attackers want to exploit open ports.
– Network administrators want to protect them with a firewall
– Also important for non-security scans, to identify available services
• Closed port: a port which is accessible but has no application listening on it
– Used for host discovery, OS detection
– Network administrators want to block them with a firewall to reduce their accessibility.
• Filtered port: a port which cannot be reached by the port scanner
– Cannot identify whether it is open or closed
– Filtering can come from a firewall device, routing rules, or firewall software
• Unfiltered port: a port which can be reached by the port scanner but cannot be
identified as open or closed
• If port is open :
– Send SYN Packet
– Response will be SYN + ACK Packet
• If port is closed :
– Send SYN Packet
– Response will be RST Packet
• If port is Filtered :
– Send SYN Packet
– No response
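The three cases above, as an added example that is not part of the original slides: it reads the flags byte of a TCP reply header and maps it to a port state, sending no traffic. The sample replies, port numbers and function names are constructed for illustration.

```python
import struct

# TCP flag bits, stored in byte 13 of the TCP header
SYN, RST, ACK = 0x02, 0x04, 0x10

def build_tcp_header(src_port, dst_port, flags, seq=0, ack=0):
    """Build a minimal 20-byte TCP header (checksum left at zero) as sample input."""
    offset_reserved = 5 << 4  # data offset of 5 words, no options
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                       offset_reserved, flags, 1024, 0, 0)

def classify_syn_response(probed_port, response):
    """Map the reply to a SYN probe onto open / closed / filtered.

    response is the raw TCP header of the reply, or None if nothing came back.
    """
    if response is None:
        return "filtered"            # SYN sent, no response
    if len(response) < 20:
        raise ValueError("truncated TCP header")
    src_port, _dst, _seq, _ack, _off, flags = struct.unpack("!HHIIBB", response[:14])
    if src_port != probed_port:
        raise ValueError("reply does not come from the probed port")
    if flags & RST:
        return "closed"              # RST (usually RST+ACK) from the host
    if flags & SYN and flags & ACK:
        return "open"                # SYN+ACK: a listener accepted the SYN
    return "unknown"                 # anything else is outside the three cases

def classify_all(replies):
    """Classify a {port: reply-or-None} mapping and return {port: state}."""
    return {port: classify_syn_response(port, raw) for port, raw in replies.items()}

# Constructed replies: port 80 answers SYN+ACK, 81 answers RST+ACK, 82 is silent.
SAMPLE_REPLIES = {
    80: build_tcp_header(80, 40000, SYN | ACK, seq=1000, ack=1),
    81: build_tcp_header(81, 40000, RST | ACK, ack=1),
    82: None,
}

if __name__ == "__main__":
    for port, state in classify_all(SAMPLE_REPLIES).items():
        print(port, state)
```
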
• False positive: the vulnerability does not exist but the scanner says there is a
vulnerability
• Services provided by nmap:
– Port scanning
– Identifying all the running services on the network
– Identifying operating system and protocol versions
– TCP scan, UDP scan, ICMP scan
Footprinting
• www.ping.au
• http://whois.domaintools.com
Banner Grabbing
• After identifying the running services, identify the software and
version behind each service.