UGN Security
Posted By: TH3 93n3$t34l3r portscanning - 04/16/04 08:52 AM
Hey everybody, I might be asking a question that has already been answered, but what does portscanning actually do? Thanks for all your help.
Posted By: Gremelin Re: portscanning - 04/16/04 10:01 AM
Port Scanning tells you what ports are open on a machine (be it a personal computer or a web server).

Different ports are opened by different services, servers, and programs.

The ports can tell you what services someone is running as there are standard ports for different types of servers (21, 23, 25 are all standard for their types).
Posted By: Infinite Re: portscanning - 04/16/04 11:00 AM
Different scans do different things. The man page for nmap explains a lot of them. I'll explain the most common type: Syn scanning.

First thing, ports occur within TCP or UDP. These are transport protocols that live at the transport layer (layer 4) of the OSI Model. IP is layer 3, Ethernet is 2, etc.

Syn scanning uses the properties of TCP to detect if a given port is open, closed, or filtered. TCP is a reliable protocol that establishes connections before any data is transmitted. TCP uses what's called a "3-Way handshake" to establish connections. The computer that wants to establish the session sends a SYN (Synchronize) packet to the computer it wants to talk to. If the port is "open" on the recipient (accepting connections) it responds with a SYNACK (synchronize acknowledge). Finally the original computer sends an ACK and the connection has been established and data may now flow.

So, when you SYN scan, you send a SYN packet to every port specified and see which ones are willing to establish a connection, hence are "open".

Infinite
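Added example (not part of Infinite's post or of the forum thread): how the handshake described above looks from the defender's side, where a SYN scan shows up as many ports touched and no handshake ever completed. The packet tuples, addresses, state names and the `min_ports` threshold are constructed assumptions for illustration.

```python
from collections import defaultdict

# Constructed packet summaries: (sender, receiver, server_port, tcp_flags).
# 10.0.0.5 is an ordinary client; 10.0.0.66 probes ports and never finishes.
PACKETS = [
    ("10.0.0.5", "10.0.0.1", 80, "SYN"),
    ("10.0.0.1", "10.0.0.5", 80, "SYN-ACK"),
    ("10.0.0.5", "10.0.0.1", 80, "ACK"),
    ("10.0.0.66", "10.0.0.1", 21, "SYN"),
    ("10.0.0.1", "10.0.0.66", 21, "SYN-ACK"),
    ("10.0.0.66", "10.0.0.1", 21, "RST"),
    ("10.0.0.66", "10.0.0.1", 23, "SYN"),
    ("10.0.0.1", "10.0.0.66", 23, "RST"),
    ("10.0.0.66", "10.0.0.1", 25, "SYN"),
    ("10.0.0.1", "10.0.0.66", 25, "SYN-ACK"),
    ("10.0.0.66", "10.0.0.1", 25, "RST"),
    ("10.0.0.66", "10.0.0.1", 8080, "SYN"),  # never answered
]

def handshake_states(packets):
    """Map (client, server, port) -> how far the 3-way handshake got."""
    state = {}
    for sender, receiver, port, flags in packets:
        as_client, as_server = (sender, receiver, port), (receiver, sender, port)
        if flags == "SYN":
            state[as_client] = "syn_sent"      # no answer yet (filtered if it stays so)
        elif flags == "SYN-ACK" and state.get(as_server) == "syn_sent":
            state[as_server] = "half_open"     # server answered: port is open
        elif flags == "ACK" and state.get(as_client) == "half_open":
            state[as_client] = "established"   # handshake completed
        elif flags == "RST" and state.get(as_server) == "syn_sent":
            state[as_server] = "refused"       # server RST: port is closed
        elif flags == "RST" and state.get(as_client) == "half_open":
            state[as_client] = "abandoned"     # client RST after SYN-ACK
    return state

def scan_suspects(packets, min_ports=3):
    """Clients that touched >= min_ports ports on one server and completed none."""
    ports, done = defaultdict(set), defaultdict(int)
    for (client, server, port), st in handshake_states(packets).items():
        ports[(client, server)].add(port)
        done[(client, server)] += st == "established"
    return sorted({c for (c, s), p in ports.items()
                   if len(p) >= min_ports and done[(c, s)] == 0})
```

In a real capture the same states would be derived from TCP flag bits and source/destination port pairs, and the threshold would be tuned to the network's normal traffic.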
Posted By: weeve Re: portscanning - 04/16/04 05:10 PM
http://www.cam.ac.uk/cs/security/portscan.html
Posted By: TH3 93n3$t34l3r Re: portscanning - 04/17/04 09:23 AM
thanks for all your help ppl

bye
Posted By: weeve Re: portscanning - 04/18/04 01:03 AM
welcome, no bye needed.

see you later, all paths meet again.
Posted By: TH3 93n3$t34l3r Re: portscanning - 04/26/04 03:21 PM
good point
Posted By: BackUnderground Re: portscanning - 05/22/04 12:28 PM
So you need the IP, port #, then what? I've heard telnet works but is very basic. What do you suggest?
Posted By: Ghost Re: portscanning - 05/22/04 12:32 PM
To port scan someone, you need their IP address so you can send information to them. No, you don't need a port number, as port scanning is designed to allow you to see which ports are open on a certain machine. Infinite posted some good information about how port SYN scanning works in an above post. I don't know what telnet has to do with port scanning though.
Posted By: BackUnderground Re: portscanning - 05/23/04 01:08 PM
Nah, I meant to get access to their computer.
Posted By: Ghost Re: portscanning - 05/23/04 02:28 PM
How was I supposed to know what you meant? I mean, this is a thread devoted to port scanning, not connecting to someone with telnet. Also, no, connecting to someone with telnet does not give you access to their computer. For most services that give command line access you need a username and password.
Posted By: Ntd Re: portscanning - 05/23/04 03:07 PM
BackUnderground, if you want to gain access I would suggest learning how to do a NetBIOS attack or go to a site that lists Windows exploits and use them.

Note: I think many people think that connecting to a remote computer is "Hacking" the other computer. That is wrong, telnet only connects you to the remote like, say, Internet Explorer does.
Posted By: BackUnderground Re: portscanning - 05/24/04 10:44 PM
That's what I wanted to know, cheers.
Sorry, this is my 1st BBS.