Linux Today: Linux News On Internet Time.

Linux.com: Introduction to Port Scanning

Jun 07, 2001, 21:00
(Other stories by Matt Mitchie)

Those of you who are parents know that the surest and fastest way to get a kid to do your bidding is to tell them not to do it. Keep that in mind as you read this article on port scanning, as you'll be warned time and time again that you shouldn't really be port scanning other machines, but rather port scanning your own PC to close any security holes. From the article:

First, be aware that it is impolite and possibly illegal to scan computers which you do not own or admin. Never scan a remote system on the Internet without permission. This is the Internet equivalent of walking around your neighborhood and trying out every door to see which ones are unlocked. Depending on the scan, this may even be considered a Denial of Service attack. Don't do it.

At present, the fullest featured and most widely used port scan program is nmap (Network Mapper). Infoworld has this to say about nmap, "if your goal is to understand your network from a 40,000-foot view, then Windows port scanning tools will suffice. But if you're serious about your security and looking for the holes that crackers will find, then take the time to install a Linux box and use nmap."

One of the goals the author of nmap had was to eliminate the need to carry around multiple port scanners in his security toolbox. Therefore, nmap supports nearly every port scan and TCP/IP fingerprinting technique. It will scan multiple hosts as well as single systems. The advanced options in nmap are sometimes also used by malicious individuals to stealthily scan hosts on the Internet. As you advance, it is a good idea to try out some of these options on your own computer to see the effects and determine whether your defenses are up to detecting the scan.
