-
February 21st, 2006, 04:06 AM
#11
Originally posted here by aciscorouter
... Port scans (aka port knocking) is only one form of recon ...
As far as I'm concerned, port knocking is not equivalent to port scanning.
Please see these articles:
http://en.wikipedia.org/wiki/Port_scanning
http://en.wikipedia.org/wiki/Port_knocking
... port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specified port(s).
Regards,
Anal aL
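The knock mechanism quoted in post #11, as an added example that is not part of the original thread: a per-source state machine fed constructed connection-attempt records, showing why a sequential port scan that touches every knock port still does not open the firewall. The knock sequence, timeout, addresses and the names `KnockTracker` and `replay` are assumptions made for illustration.

```python
KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed prespecified closed ports (constructed)
STEP_TIMEOUT = 10.0                  # assumed maximum seconds between two knocks


class KnockTracker:
    """Tracks, per source address, how far through the knock sequence it is."""

    def __init__(self, sequence=KNOCK_SEQUENCE, timeout=STEP_TIMEOUT):
        self.sequence = sequence
        self.timeout = timeout
        self.progress = {}    # src -> (index of next expected knock, time of last attempt)
        self.allowed = set()  # sources for which a firewall rule would be added

    def observe(self, ts, src, dport):
        """Feed one connection attempt to a closed port; True if src is allowed."""
        idx, last = self.progress.get(src, (0, ts))
        if idx and ts - last > self.timeout:
            idx = 0  # too slow: partial progress expires
        if dport == self.sequence[idx]:
            idx += 1
        else:
            # Any out-of-sequence port resets progress, unless it is itself
            # the first knock of a new attempt.
            idx = 1 if dport == self.sequence[0] else 0
        if idx == len(self.sequence):
            self.allowed.add(src)  # a real daemon would modify firewall rules here
            idx = 0
        self.progress[src] = (idx, ts)
        return src in self.allowed


def replay(events):
    """Run (timestamp, source, destination port) records through a fresh tracker."""
    tracker = KnockTracker()
    for ts, src, dport in sorted(events):
        tracker.observe(ts, src, dport)
    return tracker.allowed


# Constructed sample records (documentation address ranges, not real traffic).
SAMPLE_EVENTS = (
    # Correct knock: right ports, right order, within the timeout.
    [(1.0, "192.0.2.10", 7000), (1.5, "192.0.2.10", 8000), (2.0, "192.0.2.10", 9000)]
    # Sequential sweep of ports 6990-9009: hits every knock port, but the
    # ports in between reset the sequence each time.
    + [(10 + i * 0.01, "198.51.100.7", p) for i, p in enumerate(range(6990, 9010))]
    # Right ports and order, but the last knock arrives after the timeout.
    + [(0.0, "192.0.2.20", 7000), (5.0, "192.0.2.20", 8000), (30.0, "192.0.2.20", 9000)]
)

if __name__ == "__main__":
    print(replay(SAMPLE_EVENTS))
```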
-
February 21st, 2006, 04:52 AM
#12
Originally posted here by alleyCat
As far as I'm concerned, port knocking is not equivalent to port scanning.
I defo stand corrected on this one. I have misused the meaning in the past and have recently read that very article on Port Knocking that you referred me to, but obviously hadn't digested it. Thanks for correcting me. I won't be mixing these terms ever again.
-
February 22nd, 2006, 02:01 PM
#13
Junior Member
What is this port scan you are talking about?
How do you do it?
-
February 22nd, 2006, 04:24 PM
#14
As alleyCat suggested earlier:
Portscanning
From Wikipedia, the free encyclopedia
A Port Scan is one of the most popular reconnaissance techniques attackers use to discover services they can break into. All machines connected to a Local Area Network (LAN) or Internet run many services that listen at well-known and not so well known ports. A port scan helps the attacker find which ports are available (i.e., what service might be listening to a port). Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed further for weakness.
Retrieved from "http://en.wikipedia.org/wiki/Portscanning"
There are a number of tools and tutorials to do port-scans. Some are quite polite and some are quite aggressive.
Here are two examples at either end of the spectrum (there are thousands of variants out there):
SuperScan (recently acquired by FoundStone)
Nmap or Nmapwin (the first is for *NIX and the second is for, you guessed it, Windows)
-
February 23rd, 2006, 12:44 AM
#15
An operating system uses ports in order to allow applications to run across some type of medium. For example, there is a port for POP3 which is 110, SMTP which is 25; 80 HTTP; 8080 HTTPS; etc...
You can either point a port scanner at a specific IP address or a scope of IP addresses to find open ports, TCP & UDP. Now that someone knows which ports are open, they can attempt to gain access to your workstation through that port.
There are ways to get in, but I'm not that knowledgeable on the subject, so I better just leave it alone.
Guess the rule of thumb is, keep track of what ports you use; block the ones you don't and, if you are able, specify your own ports. Since you're using a firewall, pay close attention to software you allow to access the internet. Each time you allow the software, you're opening up a port for it.
Damn, I think I just went off subject.