Wednesday, October 6, 2010

"KNOW MORE ABOUT NETWORK HACKINGS"

///////////////////////////////////////////

Know More about Network Hacking (Port Scanning)


System administrators are constantly being advised to check their systems
for open ports and for running services that are either unintended or
unnecessary. In some cases, such a service might be a Trojan just waiting to
be exploited.



Port Scanning: Port scanning is carried out to determine a list of open
ports on the remote host that have certain services or daemons running. In
port scanning, the attacker connects to various TCP and UDP ports and tries
to determine which ports are in listening mode.



1. TCP Ports Scanning: Almost all port scans are based on the client
sending a packet containing a particular flag to the target port of the
remote system to determine whether the port is open. The following table
lists the types of flags a TCP packet header can contain.





A typical TCP/IP three-way handshake can be described as follows:

1. The client sends a SYN packet to the server.
2. The server replies with a SYN packet and acknowledges the client's SYN
   packet by sending an ACK packet.
3. The client acknowledges the SYN sent by the server.



Different techniques of TCP port scanning are:

- TCP connect port scanning
- TCP SYN scanning (half-open scanning)
- SYN/ACK scanning
- TCP FIN scanning
- TCP NULL scanning
- TCP Xmas tree scanning



2. UDP Ports Scanning: In UDP port scanning, a UDP packet is sent to each
port on the target host, one by one.

If the remote port is closed, the server replies with an ICMP Port
Unreachable error message. If the port is open, no such error message is
generated.
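The two techniques above leave distinct traces on the host being scanned: a burst of unsolicited TCP segments carrying a bare SYN, or the FIN, NULL and Xmas flag patterns that never open a real connection, and for UDP a stream of ICMP Port Unreachable errors going back to one source. The following Python is an added example, not code from the original post. It decodes the TCP flag byte by name (the flags the missing table refers to), names the probe technique a flag pattern corresponds to, and flags sources that touch many ports or send non-handshake probes. The record format, the `port_threshold` parameter and the sample traffic (addresses from the documentation ranges) are constructed for this illustration. Note that for UDP, silence also results when a firewall drops the probe, so "no reply" means open or filtered, not just open; the example therefore counts only the closed-port replies the host actually sent.

```python
from collections import Counter, defaultdict

# TCP control bits as laid out in the header flag byte (RFC 793).
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
FIN, SYN, RST, PSH, ACK, URG = (TCP_FLAGS[n] for n in ("FIN", "SYN", "RST", "PSH", "ACK", "URG"))


def flags_to_str(flags):
    """Render a flag byte as names, e.g. 0x12 -> 'SYN|ACK' ('none' for a NULL segment)."""
    names = [name for name, bit in TCP_FLAGS.items() if flags & bit]
    return "|".join(names) if names else "none"


def classify_tcp_probe(flags):
    """Name the scan technique an unsolicited inbound segment with these flags matches.
    A connect() scan and a SYN (half-open) scan both begin with a bare SYN and differ
    only in whether the client completes the handshake, so the flag byte alone cannot
    separate them; both are reported as 'SYN' here."""
    if flags == 0:
        return "NULL"
    if flags == FIN | PSH | URG:
        return "Xmas"
    if flags == FIN:
        return "FIN"
    if flags == SYN:
        return "SYN"
    if flags == SYN | ACK:
        return "SYN/ACK"
    return "other"


def summarize_sources(records):
    """Aggregate per source address. Each record is a constructed tuple
    (src, proto, dst_port, info): for proto 'tcp' info is the flag byte; for proto
    'udp' info is 'closed' (our host answered with ICMP Port Unreachable) or 'silent'
    (no reply: the port is open or a firewall dropped the probe)."""
    summary = defaultdict(lambda: {"ports": set(), "probes": Counter(), "udp_closed": 0})
    for src, proto, port, info in records:
        entry = summary[src]
        entry["ports"].add((proto, port))
        if proto == "tcp":
            entry["probes"][classify_tcp_probe(info)] += 1
        elif proto == "udp" and info == "closed":
            entry["udp_closed"] += 1
    return summary


def suspected_scanners(records, port_threshold=10):
    """Return {src: [reasons]} for sources that touched at least port_threshold distinct
    ports, sent any NULL/FIN/Xmas probe, or triggered port_threshold or more ICMP
    Port Unreachable replies. The threshold is an assumed tuning value."""
    findings = {}
    for src, s in summarize_sources(records).items():
        reasons = []
        if len(s["ports"]) >= port_threshold:
            reasons.append(f"{len(s['ports'])} distinct ports probed")
        stealth = {k: v for k, v in s["probes"].items() if k in ("NULL", "FIN", "Xmas")}
        if stealth:
            detail = ", ".join(f"{k} x{v}" for k, v in sorted(stealth.items()))
            reasons.append("non-handshake TCP probes: " + detail)
        if s["udp_closed"] >= port_threshold:
            reasons.append(f"{s['udp_closed']} ICMP Port Unreachable replies sent")
        if reasons:
            findings[src] = reasons
    return findings


# Constructed sample traffic as seen by the scanned host (not a real capture).
SAMPLE_RECORDS = (
    # A normal client: handshake with port 443 only.
    [("192.0.2.5", "tcp", 443, SYN), ("192.0.2.5", "tcp", 443, ACK)]
    # A half-open scanner: bare SYN to ports 20-34, then one NULL and one Xmas probe.
    + [("198.51.100.7", "tcp", p, SYN) for p in range(20, 35)]
    + [("198.51.100.7", "tcp", 80, 0), ("198.51.100.7", "tcp", 80, FIN | PSH | URG)]
    # A UDP scanner: twelve closed ports answered with ICMP errors, two ports silent.
    + [("203.0.113.9", "udp", p, "closed") for p in range(100, 112)]
    + [("203.0.113.9", "udp", 53, "silent"), ("203.0.113.9", "udp", 123, "silent")]
)

if __name__ == "__main__":
    for src, reasons in sorted(suspected_scanners(SAMPLE_RECORDS).items()):
        print(src)
        for reason in reasons:
            print("  -", reason)
```

Run as a script it lists the two scanning sources with their reasons and leaves the ordinary client alone. On a real host the records would come from a firewall log or packet capture; the thresholds and the decision to count only closed-port ICMP replies are the parts worth tuning, since ICMP rate limiting on the host will cap how many such replies a scanner can provoke.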



3. FTP Bounce Port Scanning: The FTP bounce port scanning technique was
discovered by Hobbit. He revealed a very interesting loophole in the FTP
protocol that allowed users connected to the FTP service of a particular
system to connect to any port of another system. This loophole allows
anonymous port scanning.
