I'm curious, as a technician, what port numbers/services should I commit to memory? Like Port 80, 25, and the like.
If I was to name some important ones off the top of my head I would say:
20 - FTP-data
21 - FTP
22 - SSH
23 - Telnet
25 - SMTP
67 - Bootps
68 - Bootpc
69 - TFTP
80 - HTTP
110 - POP3
119 - NNTP
123 - NTP
143 - IMAP
161 - SNMP
546 - DHCP Client
547 - DHCP Server
1080 - Socks
6667 - IRC
That's all I can think of about now
21 - FTP
22 - SSH
23 - Telnet
25 - SMTP
69 - TFTP
80 - HTTP (Proxy Common)
110 - POP3
143 - IMAP
1080 - Socks
3128 - Squid Proxy
6660-6669 - IRC (common)
8080 - HTTPd Proxy
Keep in mind that most any server will allow you to change the standard port, so the only way to test will be to probe the port. A good tool for this would be to put SuperScan 3.0 on a floppy or USB pen and build a custom list, it has a good starter list included.
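The point made in the post above, that the port number alone does not tell you which service is listening, can be checked by classifying the first line a service sends instead of trusting the port. This is an added example, not part of the original thread: the port map is taken from the lists above, the banner strings are constructed, and the 220 split between SMTP and FTP is a heuristic.

```python
import re

# Expected service per port, taken from the lists in the thread.
WELL_KNOWN = {21: "FTP", 22: "SSH", 25: "SMTP", 80: "HTTP", 110: "POP3",
              143: "IMAP", 3128: "HTTP", 6667: "IRC", 8080: "HTTP"}

# First-line fingerprints. Order matters: SMTP and FTP both greet with 220,
# so the more specific SMTP pattern is tried before the FTP fallback.
SIGNATURES = [
    ("SSH", re.compile(r"^SSH-\d\.\d+-")),
    ("HTTP", re.compile(r"^HTTP/\d\.\d \d{3}")),
    ("POP3", re.compile(r"^\+OK\b")),
    ("IMAP", re.compile(r"^\* (OK|PREAUTH|BYE)\b")),
    ("SMTP", re.compile(r"^220[ -].*\bE?SMTP\b", re.I)),
    ("FTP", re.compile(r"^220[ -]")),
    ("IRC", re.compile(r"^(:\S+ )?NOTICE ")),
]

def identify(banner):
    """Return the protocol name matching the banner's first line."""
    lines = banner.splitlines()
    first = lines[0] if lines else ""
    for name, pattern in SIGNATURES:
        if pattern.search(first):
            return name
    return "unknown"

def audit(observations):
    """Compare what each port should run with what actually answered."""
    results = []
    for port, banner in observations:
        expected = WELL_KNOWN.get(port, "unassigned")
        actual = identify(banner)
        results.append((port, expected, actual, expected == actual))
    return results

# Constructed (port, banner) observations from a hypothetical inventory check.
SAMPLE = [
    (22, "SSH-2.0-OpenSSH_9.6\r\n"),
    (2222, "SSH-2.0-OpenSSH_9.6\r\n"),             # SSH moved off port 22
    (25, "220 mail.example.test ESMTP ready\r\n"),
    (21, "220 ftp.example.test FTP server ready\r\n"),
    (8080, "HTTP/1.1 200 OK\r\nServer: example\r\n"),
    (110, "* OK IMAP4rev1 ready\r\n"),             # IMAP answering on the POP3 port
]

if __name__ == "__main__":
    for port, expected, actual, ok in audit(SAMPLE):
        print(f"{port:>5}  expected={expected:<10} actual={actual:<8} {'ok' if ok else 'MISMATCH'}")
```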
Giz: I use SuperScan 4, is there any particular reason why you mentioned 3 specifically?
SuperScan 3.0 is from the original author, SuperScan 4.0 is stripped down and cannot scan a class B.
Also Ghost, yeh, we'll throw the Windows command-line version of nmap on a USB pen for practical applications on a Windows 98 machine when we can just use something everyone here has used on a day to day basis :gag:
but <3 nmap
Plus it works with SP2. As far as I know SYN scanning with SuperScan is subject to SP2's disabling of 'raw' sockets.
AND it has all sorts of other wonderful scan options that I don't recall SuperScan having.
I like my Packetizer and Ethereal
you forgot:
389 ldap
The 'only' port scanner to use is nmap. Ghost is right.
Originally posted by sinetific:
Ghost is right.
I bet you that really pained you to say...