Readings: Network scanning with NMAP

Reading

What is a port? Describe it with an analogy that would help a family member understand.

communication endpoint in an operating system that allows networked devices to exchange data. so if you have a house with multiple rooms, each serving a different purpose. so think of your computer or device as the house, and the rooms inside it as the ports. Just like the rooms in your house, ports on a device allow different types of communication to happen.

What does a port scanner send to a port to check the current status?

TCP SYN Scan: This is one of the most common scanning techniques used by port scanners. The scanner sends a TCP SYN (synchronize) packet to the target port. If the port is open, the target system responds with a TCP SYN-ACK (synchronize-acknowledge) packet. The port scanner then sends a TCP RST (reset) packet to terminate the connection. If the port is closed, the target system responds with a TCP RST packet.

When a port scanner sends a request to connect, what are the three possible responses? Describe them.

open,closed,filtered.These three responses (open, closed, and filtered) help the port scanner determine the state of each port on the target system, which assists in network reconnaissance and vulnerability assessment.

What is the difference between TCP and UDP?

Connection-oriented vs. Connectionless: TCP is a connection-oriented protocol, which means it establishes a reliable connection between two devices before data transmission. UDP, on the other hand, is connectionless, meaning it does not establish a dedicated connection before sending data.

List and describe the ports used for the following:

Telnet: uses port number 23 as the default port for communication.

SSH:to establish a secure remote connection to a device using SSH, the client and server typically communicate through port 22.

DNS: Port 53 is the default port for DNS queries and responses and Port 5353 is used for Multicast DNS (mDNS) or Bonjour, which is a protocol used for local network name resolution.

SMTP:port 25,port 587 and port 465

HTTP:The default port number for HTTP is port 80.

HTTPS:When you access a website that uses HTTPS, your web browser automatically connects to the server using port 443 by default.

RDP:RDP typically uses TCP (Transmission Control Protocol) as the underlying transport protocol and operates on port 3389 by default.

Ping:Ping uses ICMP (Internet Control Message Protocol) to send and receive echo request and echo reply messages for network troubleshooting and connectivity testing.