How Port Scanning Works
Port scanning is a technique used by network administrators for network mapping and network security. It is also used by hackers to discover open or vulnerable ports on a network so that the weaknesses behind those ports can be exploited. A port scanner is an application designed to attempt connections to a wide range of ports or IP addresses on a network, to a single IP address, or to a specific list of ports and IP addresses.
How Port Scanning Works
Whether a port scanner is run by a network administrator for security purposes or by a hacker, the scanning process is the same. Before running a port scanner, decide on the range of the network to be scanned; this can be anything from a single IP address to a wide set of ports and IP addresses.
Once the range is determined, configure the port scanner for the depth to which the ports and IP addresses on the network should be probed. Port scanning comes in different levels of intensity, from a light scan to a heavy scan.
- Basic Port Scan: This is the simplest type of port scan. It probes a designated port by sending a specially constructed packet that carries the number of the port to be scanned, and is used to determine which ports are available on a specific machine.
- TCP Connect: A TCP connect scan works through a series of ports on a machine to determine which are available. If a port on the machine is listening, the TCP connection to that port succeeds.
- Strobe Scan: This type of scan is generally used by a hacker to find only the ports that the hacker already knows how to exploit. A strobe scan works at a more restricted level and also allows the username associated with the TCP connection to be disclosed.
- Stealth Scan: This type of scan is designed specifically for hacking because it is set up to evade network auditing tools. When an ordinary port scanner is used, a listening port logs an error message when it detects an inbound connection that carries no data. Stealth scans bypass this process and therefore go unnoticed during audits.
Many other types of scan can be performed with a port scanner beyond those mentioned in this article. Although port scanners are used by network administrators for legitimate purposes, the use of a port scanner by a hacker with malicious intent cannot be classified as illegal until the hacker has actually committed an illegal act through a vulnerability located with the scanner.
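As an added defender's example (not code from the original article), the Python below flags sources that touch many distinct ports within a short window, using constructed firewall log lines in an invented format. Firewall and flow logs record the initial connection attempt whether or not the handshake completes, so the half-open probes described under stealth scans still leave a trace at that layer even when the listening service never logs an error; the slow scanner in the sample shows why the window and threshold need tuning.

```python
"""Threshold-based port-scan detector over constructed firewall log lines.

Added example, not part of the original article. The log format is invented
for illustration: "<unix_ts> <src_ip> -> <dst_ip>:<dst_port> <action>".
"""
from collections import defaultdict, deque

# Constructed sample: 10.0.0.5 sweeps six ports in two seconds, 10.0.0.7 is a
# normal client, and 10.0.0.9 probes one port every 15 seconds (a slow scan).
SAMPLE_LOG = """\
1700000000 10.0.0.5 -> 10.0.0.20:21 DROP
1700000000 10.0.0.5 -> 10.0.0.20:22 ACCEPT
1700000001 10.0.0.5 -> 10.0.0.20:23 DROP
1700000001 10.0.0.5 -> 10.0.0.20:25 DROP
1700000002 10.0.0.5 -> 10.0.0.20:80 ACCEPT
1700000002 10.0.0.5 -> 10.0.0.20:443 ACCEPT
1700000003 10.0.0.7 -> 10.0.0.20:443 ACCEPT
1700000004 10.0.0.7 -> 10.0.0.20:80 ACCEPT
1700000005 10.0.0.7 -> 10.0.0.20:443 ACCEPT
1700000000 10.0.0.9 -> 10.0.0.20:21 DROP
1700000015 10.0.0.9 -> 10.0.0.20:22 ACCEPT
1700000030 10.0.0.9 -> 10.0.0.20:23 DROP
1700000045 10.0.0.9 -> 10.0.0.20:25 DROP
1700000060 10.0.0.9 -> 10.0.0.20:80 ACCEPT
"""


def parse_line(line):
    """Split one log line into (timestamp, src_ip, dst_ip, dst_port, action)."""
    ts, src, _arrow, dst, action = line.split()
    dst_ip, dst_port = dst.rsplit(":", 1)
    return int(ts), src, dst_ip, int(dst_port), action


def detect_scans(log_text, window=10, min_ports=5):
    """Return {src_ip: ports} for every source that touched at least
    `min_ports` distinct destination ports within any `window` seconds.
    Both accepted and dropped attempts count: a scanner hits closed ports too."""
    events = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    recent = defaultdict(deque)  # src_ip -> (ts, port) attempts inside the window
    flagged = {}
    for ts, src, _dst_ip, port, _action in events:
        q = recent[src]
        q.append((ts, port))
        while q and ts - q[0][0] > window:   # slide the window forward
            q.popleft()
        ports = {p for _, p in q}
        if len(ports) >= min_ports:
            flagged.setdefault(src, set()).update(ports)
    return flagged


if __name__ == "__main__":
    for src, ports in detect_scans(SAMPLE_LOG).items():
        print(f"possible port scan from {src}: ports {sorted(ports)}")
```

With the default 10-second window only 10.0.0.5 is reported; widening the window to 60 seconds also catches the slow scanner 10.0.0.9, at the cost of more false positives from busy legitimate clients.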