301 Class 02: Network Scanning with NMAP - nataliabdallah/codefellows-ops-reading-notes GitHub Wiki


Reading For Lecture & Lab

A program that checks network ports to see if they are

  1. open
  2. closed
  3. or filtered

What is a port? Describe it with an analogy that would help a family member understand.

A port is just what the name suggests: think of the seaports along the bodies of water that surround a country such as America. Ships come into these ports to deliver cargo and to pick up cargo bound for the ports of other countries. A port is an access point that lets traffic into a particular area that is otherwise somewhat closed off.

What does a port scanner send to a port to check the current status?

It sends a request to connect to a port, over either TCP or UDP, and records the response, which is one of the three possible port scanning responses.

When a port scanner sends a request to connect, what are the three possible responses? Describe them.

  1. Open
  2. Closed
  3. Filtered/dropped/blocked
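The three responses above, as an added example that is not part of the original notes: a single TCP connect attempt classified as open, closed or filtered. The names `classify` and `probe` are hypothetical, and treating a timeout or unreachable error as "filtered" is this example's assumption about how the states show up at the socket level.

```python
import socket


def classify(exc):
    """Map the outcome of a TCP connect attempt to a port state."""
    if exc is None:
        return "open"        # handshake completed: something is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"      # host replied with a reset: nothing is listening
    if isinstance(exc, OSError):
        return "filtered"    # timeout or unreachable: probe dropped or blocked
    raise exc                # not a network outcome, so do not guess


def probe(host, port, timeout=1.0):
    """Attempt one TCP connection and return 'open', 'closed' or 'filtered'."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except OSError as exc:   # includes socket.timeout and ConnectionRefusedError
            return classify(exc)
        return classify(None)


if __name__ == "__main__":
    # Constructed demo: a throwaway listener on loopback, so nothing
    # outside this machine is contacted.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0 = let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    print(port, probe("127.0.0.1", port))   # listener up
    listener.close()
    print(port, probe("127.0.0.1", port))   # listener gone
```

A firewall that silently drops the probe produces the timeout branch, which is why a filtered port takes the full timeout to report while open and closed ports answer immediately.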

Port Scanning Techniques: (Used by hackers)
  1. Ping Scan - ICMP packets are sent and the scanner waits for a response
  2. TCP Half Open - also called a SYN scan - a fast scan that requests an Acknowledgment packet from the receiver (the flirt)
  3. TCP Connect - completes the process TCP Half Open started (full circle)
  4. UDP - slower than a TCP scan, used to send a payload to the receiver (DNS request) (the sweet talker)
  5. Stealth Scanning - quiet and not obvious (the peeping tom)

What is the difference between TCP and UDP?

The main difference is that TCP requires confirmation that the packet was received.
UDP does not require confirmation. That's why UDP is used for gaming, streaming, etc., because it's faster. Also: UDP scans are slower.

Common Ports

List and describe the ports used for the following:


+ Telnet - TCP Port 23 - allows you to connect to a device remotely, but passwords can be seen as they are entered through this port, so it's not used.
+ SSH - TCP Port 22 - a more secure way to access a device remotely because it is encrypted. SSH stands for "Secure Shell".
+ DNS - UDP Port 53, but it will also use TCP Port 53 for large data transfers (Domain Name System). When you type a website name into your Internet browser, you are using DNS on Port 53 to get to the website.
+ SMTP - TCP Port 25 / the encrypted form of SMTP uses TLS: TCP Port 587 - This is used to send mail. Specifically to send, not to receive. That's what IMAP and POP3 are for. (Think of POP3 as going to the post office to receive and read your mail; IMAP allows you to delete an email, and all inboxes will have the email deleted as well.)
+ HTTP - TCP Port 80 - Hyper Text Transfer Protocol is what is used inside websites. Once you have established a connection using Port 53 (DNS), what takes place on the site is Port 80. HTTP is not encrypted; it is a basic plot of land.
+ HTTPS - TCP Port 443 - Hyper Text Transfer Protocol Secure is the same as HTTP but uses encrypted communication, so it's a castle with fortifications whose materials have improved over the years (it started out with SSL: Secure Socket Layer; newer servers use TLS: Transport Layer Security).
+ RDP - TCP Port 3389 - makes the most sense when trying to understand ports, because when you connect to this port you have access to the computer you just connected to, which is a really good, direct way of understanding what happens every time you use a port.
+ Ping - No port is assigned to a ping: Ping uses ICMP packets, and ICMP does not use port numbers (but there is such a thing as a TCP ping, where instead of a 3-way TCP handshake only the first 2 steps are performed, and the delay between them is measured).
