Thread: port scans and...
View Single Post
  #2 (permalink)  
Old May 6th, 2005
ukbobboy01 ukbobboy01 is offline
Valued Member
  
Join Date: May 30th, 2004
Location: United Kingdom
Posts: 2,866
ukbobboy01 will become famous soon enough
Default Port Scan
Dear cathodraytube

What is a port scan? First, you have to know what a "port" is and how many of them there are.

In a windows PC connected to the internet there are 65,536 (numbered from 0 – 65535) software ports, which enable you to send and receive e-mails, surf the net, update your software and various other things too numerous to mention. Up until recently, when you purchased a new PC, or installed windows, whenever you went onto the internet a majority of these ports would be open by internet enabled windows apps and by windows itself.

In the early days of the internet this was not a bad thing but since the advent of “worms” (virus type programs that hunt out and crawl into open port PCs on the internet) and hackers (people looking to access PCs without the user’s permission) open ports became a real issue.

Note that a port has two natural states, open or closed, a hacker will scan your PC to find out which ports are open, thus vulnerable to attack, and which are closed. Unfortunately, both open and closed ports respond to scanning and send back information to the hacker detailing how susceptible to attack you machine really is.

So what is a port scan, it is when an organisation or hacker scans the internet looking for PCs with open ports, for whatever reason (which usually does you no good). Your firewall is alerting you to the fact that your PC is being scanned or under attack, if your firewall is capable then it will be able to track where the scan/attack is coming from.

An installed firewall introduces a third state to your ports, "stealthed". A stealthed port does not respond to scanning and so is invisible to the hacker (or scanning organisation). Therefore, if all your ports are stealthed (all 65,536 of them) then your PC is effectively invisible on the internet and is less likely to be attacked by a hacker or worm.

Finally, I imagine each open port to be the equivalent of an open backdoor in your home, which beckons to any passing stranger inviting him to come in. Installing a firewall cancels the invitations, closes and camouflages all the back doors so that they can no longer be seen.

This is the ultimate goal.




UK Bob
Reply With Quote