Port Scanning:-

Posted by Unknown at 4:42 PM
Port Scanning:-
After you have determined that your target system is alive the next  important step would be to perform a port scan on the target system.
There are a wide range of port scanners available for free. But many of  them uses outdated techniques for port scanning which could be easily recognized by the network administrator. Personally I like to use Nmap (http://www.insecure.org) which has a wide range of options. You can download the NmapWin and its source code from:
http://www.sourceforge.net/projects/nmapwin.



Apart from port scanning Nmap is capable of identifying the Operating system being used, Version numbers of various services running,
firewalls being used and a lot more.

Common ports:
Below is a list of some common ports and the respective services
running on the ports.
20 FTP data (File Transfer Protocol)
21 FTP (File Transfer Protocol)
22 SSH
23 Telnet
25 SMTP (Simple Mail Transfer Protocol)
53 DNS (Domain Name Service)
68 DHCP (Dynamic host Configuration Protocol)
79 Finger
80 HTTP
110 POP3 (Post Office Protocol, version 3)
137 NetBIOS-ns
138 NetBIOS-dgm
139 NetBIOS
143 IMAP (Internet Message Access Protocol)
161 SNMP (Simple Network Management Protocol)
194 IRC (Internet Relay Chat)
220 IMAP3 (Internet Message Access Protocol 3)
389 LDAP
443 SSL (Secure Socket Layer)
445 SMB (NetBIOS over TCP)
Besides the above ports they are even some ports known as Trojan
ports used by Trojans that allow remote access to that system.

Vulnerability Scanning:
Every operating system or the services will have some vulnerabilities due to the
programming errors. These vulnerabilities are crucial for a successful hack. Bugtraq is
an excellent mailing list discussing the vulnerabilities in the various system. The
exploit  code writers write exploit codes to exploit these vulnerabilities existing in a system.
There are a number of vulnerability scanners available to scan the host for known vulnerabilities. These vulnerability scanners are very important for a network administrator to audit the network security.
Some of such vulnerability scanners include Shadow Security Scanner,Stealth HTTP Scanner, Nessus, etc. Visit
http://www.securityfocus.com vulnerabilities and exploit codes of various
operating systems. Packet storm security
(http://www.packetstormsecurity.com) is also a nice pick.

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Like Me On Facebook Mr. Deadly Hacker

Aman Badhania writes this blog to help computer users with problems related to web services and getting the most out of their own websites.
Feel The Power Of Cyber Hacking Mr. DeadlyHacker