Port Scanning; the Good, Bad, & Ugly


By Brian Wilson

What is port scanning, you might ask? Port scanning can be described in many ways, but basically it is the act of sending packets to a destination host or group of hosts to try to get a response. Why would you need to port scan, and why do others port scan you? You might want to port scan your broadband connection to see what your network has open to the Internet, and others may port scan you to find a way into your network. Port scanning can be done for good reasons and for malicious purposes. Another good reason for port scanning is to see what ports your software might be using, which can help you troubleshoot network issues. There are too many reasons to list here on the pros of port scans and port scan software, but you must first understand what a port is and how it affects your computer and network.

What is a port and how does it work?

Ports are similar to addresses. For example, if you send a package to a friend, you have to put many entries on the shipping label for it to get to him. You would need a name, street number, city, state, zip code, and sometimes a country. Without this information your package would not get to the recipient. Ports work in a similar way. Ports are part of the address for Internet traffic. Ports also need other data to be used, like an IP address, protocol, and transport media.

Who controls port numbers?

Port numbers are standardized through the “Internet Assigned Numbers Authority” or IANA. The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic and/or Private Ports.

The Well Known Ports are those from 0 through 1023. DCCP Well Known ports SHOULD NOT be used without IANA registration. The registration procedure is defined in [RFC4340], Section 19.9.

The Registered Ports are those from 1024 through 49151. DCCP Registered ports SHOULD NOT be used without IANA registration. The registration procedure is defined in [RFC4340], Section 19.9.

The Dynamic and/or Private Ports are those from 49152 through 65535.

Port Scanning Software.

Let’s now take a look at software that is used for port scanning. A lot of the software out there for port scanning also has other features for vulnerability scanning. One of the most well known port scanning tools is NMAP.

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source (description from NMAP’s website).

Angry IP scanner is a very fast IP scanner and port scanner. It can scan IP addresses in any range as well as any of their ports. Its binary file size is very small compared to other IP or port scanners. Angry IP scanner simply pings each IP address to check if it's alive, then optionally resolves its hostname, determines the MAC address, scans ports, etc. The amount of gathered data about each host can be extended with the available plugins (description from angryziber.com).

SuperScan 4 is a powerful TCP port scanner, pinger, and resolver. Here are some of the features: superior scanning speed, support for unlimited IP ranges, improved host detection using multiple ICMP methods, TCP SYN scanning, UDP scanning (two methods), IP address import supporting ranges and CIDR formats, simple HTML report generation, source port scanning, fast hostname resolving, extensive banner grabbing, massive built-in port list description database, IP and port scan order randomization, and a selection of useful tools (ping, trace route, Whois, etc.). SuperScan is from foundstone.com and this description was gathered from their website.

Online Scanners

There are also websites that offer free port scans to help you secure your network. Here is a list of a few scanning sites.

Sygate Online Scan (scan.sygate.com) extended security check (Stealth Scan, Trojan Scan).

Planet Security Firewall-Check (planet-security.net) Fast, extended check, checks currently high-endangered ports.

Crucialtests (crucialtests.com) concise, incl. advisor.

ShieldsUP (grc.com) Quick Scanner, clearly laid out.

How to block all the scanning

Now that you have seen what port scanning is and the uses for it, you might want to know how to protect your network from scans. The best thing to do is have a firewall and use up-to-date anti-virus and anti-spyware programs. You will not be able to stop the scans on your network, but with a good firewall the person scanning you will not see any traffic back and will hopefully assume your connection is not on or not accessible. To find more information on port scanning and the tools used, try to Google it.
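
An added example, not part of the original article: since scans cannot be stopped, a firewall log can at least show who scanned you and which ports answered instead of being dropped. The log layout, the addresses, and the thresholds (4 distinct ports within 60 seconds) are assumptions constructed for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log; this key=value layout is an assumption, not a real product's format.
SAMPLE_LOG = """\
2024-01-01T10:00:00 ACTION=DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=22
2024-01-01T10:00:01 ACTION=DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=23
2024-01-01T10:00:01 ACTION=ACCEPT SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP DPT=443
2024-01-01T10:00:02 ACTION=ACCEPT SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=443
2024-01-01T10:00:03 ACTION=DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=3389
2024-01-01T10:00:04 ACTION=DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=50000
2024-01-01T11:00:00 ACTION=DROP SRC=198.51.100.99 DST=192.0.2.10 PROTO=TCP DPT=22
2024-01-01T13:00:00 ACTION=DROP SRC=198.51.100.99 DST=192.0.2.10 PROTO=TCP DPT=23
2024-01-01T15:00:00 ACTION=DROP SRC=198.51.100.99 DST=192.0.2.10 PROTO=TCP DPT=80
2024-01-01T17:00:00 ACTION=DROP SRC=198.51.100.99 DST=192.0.2.10 PROTO=TCP DPT=443
"""

LINE_RE = re.compile(r"(\S+) ACTION=(\w+) SRC=(\S+) DST=(\S+) PROTO=\w+ DPT=(\d+)")

def iana_range(port):  # the three IANA ranges quoted in the article
    return "well-known" if port <= 1023 else "registered" if port <= 49151 else "dynamic/private"

def find_scans(log_text, min_ports=4, window=timedelta(seconds=60)):
    """Flag (src, dst) pairs where src touches >= min_ports distinct ports within window."""
    hits = defaultdict(list)                  # (src, dst) -> [(time, port, action)]
    for line in log_text.splitlines():
        if m := LINE_RE.fullmatch(line.strip()):
            ts, action, src, dst, port = m.groups()
            hits[(src, dst)].append((datetime.fromisoformat(ts), int(port), action))
    report = {}
    for pair, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1                    # slide the window forward in time
            in_window = events[start:end + 1]
            if len({p for _, p, _ in in_window}) >= min_ports:
                entry = report.setdefault(pair, {"probed": set(), "answered": set()})
                entry["probed"].update(p for _, p, _ in in_window)
                entry["answered"].update(p for _, p, a in in_window if a == "ACCEPT")
    return report

if __name__ == "__main__":
    for (src, dst), r in find_scans(SAMPLE_LOG).items():
        for port in sorted(r["probed"]):
            state = "answered" if port in r["answered"] else "dropped"
            print(src, "->", dst, port, iana_range(port), state)
```

The "answered" ports are the ones a scanner actually saw traffic back from, so they are the ones to review. A slow scan spread over hours only shows up when `window` is widened.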

