Those of you who are parents know that the surest and fastest
way to get a kid to do your bidding is to tell them not to do it.
Keep that in mind as you read this article on port scanning, as
you'll be warned time and time again that you shouldn't really be
port scanning other machines, but rather port scanning your own PC
to close any security holes. From the article:

First, be aware that it is impolite and possibly
illegal to scan computers which you do not own or admin. Never scan
a remote system on the Internet without permission. This is the
Internet equivalent of walking around your neighborhood and trying
out every door to see which ones are unlocked. Depending on the
scan, this may even be considered a Denial of Service attack. Don't

At present, the fullest featured and most widely used port scan
program is nmap (Network Mapper). Infoworld has this to say about
nmap, "if your goal is to understand your network from a
40,000-foot view, then Windows port scanning tools will suffice.
But if you're serious about your security and looking for the holes
that crackers will find, then take the time to install a Linux box
and use nmap."

One of the goals the author of nmap had was to eliminate the
need to carry around multiple port scanners in his security
toolbox. Therefore, nmap supports nearly every port scan and TCP/IP
fingerprinting technique. It will scan multiple hosts as well as
single systems. The advanced options in nmap are sometimes also
used by malicious individuals to stealthily scan hosts on the
Internet. As you advance, it is a good idea to try out some of
these options on your own computer to see the effects and determine
whether your defenses are up to detecting the scan.