SunWorld: Tapping on the walls - Learn to think like your attacker
Nov 24, 2000, 12:51
"Paring down your network services isn't the only way to protect your systems against attacks: port scanning can also be an effective tool. In this month's Building Blocks of Security, Sandra Henry-Stocker shows you how to stay one step ahead of your enemy...."
"Minimizing services is just the beginning of adopting a defensive posture, however. Numerous security experts suggest that thinking like an attacker is the only way to prepare yourself to defend your site. This month, we'll examine port scanning (sending packets to systems and gaining insight from the responses) -- which has been compared to tapping on walls to determine where beams are located -- and look at what an intruder can determine about services you're running...."
"True port scanning involves sending requests to all interesting ports on a particular system or group of systems to determine which services can be exploited. An interesting port is generally a well-known one on which services are likely running. High-numbered ports usually represent outgoing connections rather than system services (e.g., the difference between a user running telnet and the system's telnet daemon). However, scanning up to port 65536 is not uncommon."
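The excerpt's distinction between system services and outgoing connections can be checked from the host's own side. The following is an added example, not code from the SunWorld article: it audits `netstat -an`-style output to list the listeners a scan of the host would find and compares them with the services the administrator meant to offer. The sample output, the addresses and the `INTENDED_SERVICES` allowlist are constructed assumptions.

```python
# Constructed sample of `netstat -an`-style output (not captured from a real host).
SAMPLE_NETSTAT = """\
tcp   0  0 0.0.0.0:22        0.0.0.0:*          LISTEN
tcp   0  0 0.0.0.0:23        0.0.0.0:*          LISTEN
tcp   0  0 0.0.0.0:111       0.0.0.0:*          LISTEN
tcp   0  0 127.0.0.1:25      0.0.0.0:*          LISTEN
tcp   0  0 0.0.0.0:32771     0.0.0.0:*          LISTEN
tcp   0  0 192.0.2.10:22     192.0.2.50:40112   ESTABLISHED
tcp   0  0 192.0.2.10:51544  192.0.2.80:23      ESTABLISHED
"""

WELL_KNOWN_MAX = 1023      # ports above this are normally client-side (ephemeral)
INTENDED_SERVICES = {22}   # assumption: the only service this host should offer


def parse(text):
    """Yield (local_address, local_port, state) for each TCP line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            yield addr, int(port), fields[5]


def audit(text, intended=INTENDED_SERVICES):
    """Classify sockets the way the excerpt does: services vs. outgoing connections."""
    report = {"exposed_intended": set(), "exposed_unintended": set(),
              "loopback_only": set(), "outgoing": set()}
    for addr, port, state in parse(text):
        if state == "LISTEN":
            if addr.startswith("127."):
                # Bound to loopback: a remote scan gets no answer from this port.
                report["loopback_only"].add(port)
            elif port in intended:
                report["exposed_intended"].add(port)
            else:
                # Answers a remote scan but is not on the allowlist, whatever its number.
                report["exposed_unintended"].add(port)
        elif state == "ESTABLISHED" and port > WELL_KNOWN_MAX:
            # High local port on an established session: a client connection, not a daemon.
            report["outgoing"].add(port)
    return {key: sorted(ports) for key, ports in report.items()}


if __name__ == "__main__":
    for key, ports in audit(SAMPLE_NETSTAT).items():
        print(f"{key:20} {ports}")
```

The listener on port 32771 in the sample shows why a high port number alone does not mean "outgoing": it is in the LISTEN state, so it counts as an exposed service to be removed or justified.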