Network scanning with NMAP

What is a port?

• Ports are logical (digital) ways that computers use to manage traffic.

  • Describe it with an analogy that would help a family member understand.

    • From James A. Ten networking concepts and analogies your grandma would understand

    • Ports are like mailboxes

What does a port scanner send to a port to check the current status?

• It could ping them (ICMP)

• It could send a SYN packet

When a port scanner sends a request to connect, what are the three possible responses?

• Acceptance - The recipient was listening for this protocol or info, and takes it on to move it further along the OSI Model Layers. It "opens" the door.

• Blocked/Denied - The recipient was listening at port, hears something is there, and tells it (through the door) "No, we don't want any! No soliciting." without opening the door

• Ignored/No-Response - ...

What are TCP and UDP and what is the difference between them?

• Transmission Control Protocol (TCP)

  • Connection-based protocol

  • 3-way Handshake

    • SYN, SYN-ACK, ACK

• User Datagram Protocol (UDP)

  • Connectionless protocol

Common Ports

• Telnet (port 23)

• SSH (port 22)

• DNS (port 53)

• SMTP (port 25, 587//)

• HTTP (port 80)

• HTTPS (port 443)

• RDP (port 3389)

• Ping (uses ICMP - is not port specific)

What would I like to know more about?