|
Port Scans
The act of systematically scanning a computer's ports. Since a port is a place where information goes into and out of a computer, port scanning identifies open doors to a computer. Port scanning has legitimate uses in managing networks, but port scanning also can be malicious in nature if someone is looking for a weakened access point to break into your computer.
It is legal to perform a port scan - a U.S. district court ruling (Nov, 2001) in Georgia that port scanning a network does not damage it, under a section of the anti-hacking laws that allows victims of cyber attack to sue an attacker. The value of time spent investigating a port scan can not be considered damage. "The statute clearly states that the damage must be an impairment to the integrity and availability of the network". Therefore, a port scan is a remote probe of the services a computer is running. While it can be a precursor to an intrusion attempt, it does not in itself allow access to a remote system. Port-scanning programs are found in the virtual tool chests of both Internet outlaws and cyber security professionals.
Port scanning in and of itself is not a crime. There is no way to stop someone from port scanning your computer while you are on the Internet because accessing an Internet server opens a port, which opens a door to your computer. There are, however, software products that can stop a port scanner from doing any damage to your system.
List of ports people and worms like to scan for:
21 ftp (file transfer protocol)
23 telnet
25 smtp (mail transfer)
67 bootp/dhcp server
80 http (webserver)
111 sunrpc (remote procedure call)
113 authentication (ident)
119 usenet news (nntp)
137 netbios smb
445 microsoft directory services
515 printer (line printer spooler)
1080 socks proxy server
1214 Kazaa peer-to-peer filesharing
1243 sub7 trojan
1433 ms sql servers (sqlsnake worm)
3128 web proxy (squid)
8080 web cache
12345 netbus trojan/trend micro officescan
27374 sub7 trojan
31337 back orifice trojan
|
Post your comment