Originally Published: Thursday, 7 June 2001 Author: Matt Michie
Published to: enchance_articles_security/Basic Security Articles Page: 1/5 - [Printable]

Linux.com Security: Introduction to Port Scanning

Unfortunately nobody can be told which path to take, you must see it for yourself, so choose wisely. Ripped from today's headlines, the writers and editors of Linux.com are proud to present this security-minded introduction to protecting your system. Read on, and know yourself.

   Page 1 of 5  >>

"Hence the saying: If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle." -- Sun Tzu, The Art of War

What is Port Scanning?

Port scanning is a computer security technique that tests a system for open TCP/IP "ports". In layman's terms, if one compares an IP address to a telephone number, then a port would be the equivalent of a telephone extension.

For instance, if I wanted to speak to Linus Torvalds at his workplace, I would first dial the phone number to Transmeta, and then connect to his specific extension. In this way, more than one person can use the same phone number. Likewise, TCP/IP ports allow one IP address to have many different servers connect to it.

Standard TCP/IP stacks allow access to up to 65,535 different ports, 1 - 65535. In Linux, ports less than 1024 require root access for a program to bind to them.

Some of the more common ports are:

echo 7/tcp
discard 9/tcp
qotd 17/tcp #quote
ftp-data 20/tcp
ftp 21/tcp
ssh 22/tcp # SSH Remote Login Protocol
telnet 23/tcp
smtp 25/tcp #mail
time 37/tcp #timeserver
domain 53/tcp # name-domain server
gopher 70/tcp # Internet Gopher
finger 79/tcp
www 80/tcp # WorldWideWeb HTTP
www 80/udp # HyperText Transfer Protocol
pop3 110/tcp # POP version 3
sunrpc 111/tcp # RPC 4.0 portmapper TCP
auth 113/tcp #authentication tap ident
nntp 119/tcp # USENET News Transfer Protocol
ntp 123/udp # Network Time Protocol
imap2 143/tcp # Interim Mail Access Proto v2
snmp 161/udp # Simple Net Mgmt Proto
irc 194/tcp # Internet Relay Chat
irc 194/udp
ldap 389/tcp # Lightweight Directory Access Protocol
https 443/tcp # Secure HTTP
mysql 3306/tcp # MySQL
ircd 6667/udp # Internet Relay Chat
webcache 8080/tcp # WWW caching service

A more canonical list of standard ports can be found in /etc/services.

   Page 1 of 5  >>