Read 02 301 - jserpa-p/lisbon-ops-301n1_Reading GitHub Wiki
Read 02
Port Scanner
- It verifies the state of network ports, which can be one of three: Open, Closed, or Filtered.
- Port scanners are important for diagnosing connection problems.
- They can also be used to detect infiltration access points and to identify which devices are connected to the network.
Port -- A port is a virtual location where network communication starts and ends. There are two kinds of network ports on each computer: TCP and UDP.
Port Scanning Techniques
Ping Scan
Simple examination. A ping scan looks for ICMP answers that show whether the target is up.
TCP Half-Open
Also referred to as a SYN scan. It is a fast and sneaky scan that tries to find potential open ports on the target computer. In a normal TCP three-way handshake there is a SYN message, a SYN/ACK message and finally an ACK message. This scan is fast and hard to detect because it never completes the three-way handshake. Any SYN/ACK response indicates a possibly open port. An RST (reset) response means the port is closed, but there is a live computer there. No response indicates that SYN is filtered on the network. No response at all to an ICMP (ping) probe also counts as a filtered result.
TCP Connect
This port scanning technique is basically the same as the TCP Half-Open scan, but instead of leaving the target hanging, the port scanner completes the TCP connection. The advantage of the TCP connect scan is that a user does not need the same level of privileges to run it as they do to run the Half-Open scan.
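As an added example (not part of the original notes), a small Python detector that tells the two TCP techniques apart from the defender's side. It works on a constructed sensor log where each line is `src dst dport flag`, `S` is a client SYN and `A` is the client's final handshake ACK; a source that SYNs many ports but never completes the handshake looks like a half-open scan, while one that completes it on many ports looks like a connect scan. The addresses and the `min_ports` threshold are assumptions.

```python
"""Tell half-open (SYN) scans from connect scans in a TCP sensor log.
Log lines are "src dst dport flag" (client-side segments only): "S" = SYN
sent to dport, "A" = the client's final handshake ACK for that port.
"""
from collections import defaultdict

# Constructed sample (hypothetical addresses): 10.0.0.5 half-open scans
# three ports, 10.0.0.9 connect-scans three, 10.0.0.7 is a normal client.
SAMPLE_LOG = """\
10.0.0.5 192.168.1.10 22 S
10.0.0.5 192.168.1.10 80 S
10.0.0.5 192.168.1.10 443 S
10.0.0.9 192.168.1.10 22 S
10.0.0.9 192.168.1.10 22 A
10.0.0.9 192.168.1.10 80 S
10.0.0.9 192.168.1.10 80 A
10.0.0.9 192.168.1.10 443 S
10.0.0.9 192.168.1.10 443 A
10.0.0.7 192.168.1.10 443 S
10.0.0.7 192.168.1.10 443 A
"""

def parse_records(log_text):
    """Yield (src, dst, dport, flag) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[2].isdigit():
            continue
        yield parts[0], parts[1], int(parts[2]), parts[3]

def analyze(log_text, min_ports=3):
    """Return {src: {"ports", "completed", "verdict"}} per source seen."""
    syn_ports = defaultdict(set)  # (src, dst) -> ports probed with a SYN
    ack_ports = defaultdict(set)  # (src, dst) -> ports whose handshake finished
    for src, dst, dport, flag in parse_records(log_text):
        if flag == "S":
            syn_ports[(src, dst)].add(dport)
        elif flag == "A" and dport in syn_ports[(src, dst)]:
            ack_ports[(src, dst)].add(dport)
    report = {}
    for (src, dst), ports in syn_ports.items():
        completed = len(ack_ports[(src, dst)])
        if len(ports) < min_ports:
            verdict = "normal"          # too few ports to call it a sweep
        elif completed < len(ports) / 2:
            verdict = "half-open scan"  # SYNs, but handshakes never finish
        else:
            verdict = "connect scan"    # handshakes completed on many ports
        report[src] = {"ports": len(ports), "completed": completed,
                       "verdict": verdict}
    return report
```

Because the half-open scanner never reaches the application, only a network-level record like this one sees it; that is why such scans tend to be absent from service logs.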
UDP
Slower than a TCP scan. UDP scans work best when you send a specific payload to the target. For example, if you want to know if a DNS server is up, you would send a DNS request. For other UDP ports, the packet is sent empty. An ICMP unreachable response means the port is closed or filtered. If there is a service running, you might get a UDP response, which means the port is open. No response could mean that the port is open or filtered.
Stealth Scanning
Some port scans are easier to detect than others, so defenders need to know about the TCP flags that allow attackers to make their port scans difficult to detect. The good thing – for the hacker – about these scans is that they don't usually show up in logs. The most significant advantage of using these flags is that they can slip past firewalls, which makes the results more reliable.
Port scans are a critical part of building a good defence against cyberattacks.
Common Ports
image link: https://networkverge.com/common-ports/