Port Scanner

From SecurityTools
Revision as of 21:32, 16 October 2022 by RagManX (First Tool category write-up. Attempt to establish a category format)

Description

Port scanners, at the most basic level, are applications which connect to systems on a network and check for listening services on specified network ports. This is typically done simply to identify services on a network which are accessible to other systems. Beyond this, most port scanners add other features that enhance security policy checks when used.

There are many kinds of port scanning, though the two you will hear about most often are TCP scanning and SYN scanning. Beyond these most common forms, there are many other means of checking network ports - UDP, ACK, FIN, X-Mas, ICMP, and many more. See below for descriptions of these and other types of network or port scanning.

Common Tools

More Details

Here we expound upon some of the different types of port scans, with brief descriptions of each scan and why one would choose one type over another.

TCP Scan
Perhaps the most common form of scanning, a TCP scan is also known as a connect scan because it makes a complete network connection to a TCP network port. It is the "noisiest" scan in that it performs a full three-way handshake to check for a listening service on a TCP network port. On the upside, due to the way TCP connections work, this type of scan is typically very fast. For port scans run by users without administrator privileges, this and UDP scanning (see below) are the only types of scans that can be performed.
UDP Scan
A slower means of scanning, the UDP scan is performed by sending datagrams to UDP ports and awaiting a response. Because UDP is connectionless, this type of scan may have to wait the default UDP timeout (most often 30 seconds if not modified by changes in the port scanning tool) for each network port to determine whether a service is listening/responding before moving on.
SYN scan
Another type of TCP scan, a SYN scan sends only the SYN packet of the three-way handshake and never completes the connection. A listening service answers with SYN-ACK, while a port with no listening service answers with RST.
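The difference between the TCP connect scan and the SYN scan described above is visible on the wire from the defender's side: a connect scan completes the handshake (SYN, SYN-ACK, ACK) on every open port, whereas a SYN scan tears the half-open connection down with RST after the SYN-ACK. The following added example (not part of the original page or of any tool it lists) groups packet flag summaries into per-port exchanges, classifies each exchange, and flags any client that probes many distinct ports in a short window, labelling the scan style where the open ports make it determinable. The packet records, hosts, thresholds and field names are all constructed assumptions for illustration.

```python
"""Classify port-scan activity from per-packet TCP flag summaries.

Added example, not part of the original page. Input records are constructed;
field names and thresholds are assumptions chosen for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    ts: float      # seconds since capture start (constructed)
    src: str
    dst: str
    sport: int
    dport: int
    flags: str     # TCP control bits, e.g. "S", "SA", "A", "R", "RA", "PA"


# Constructed sample capture: a SYN scanner (10.0.0.5), a normal HTTPS client
# (10.0.0.7) and a connect scanner (10.0.0.8), all talking to host 10.0.0.20.
SAMPLE_PACKETS = [
    # SYN scan: open ports get SYN-ACK and then a client RST, never an ACK
    Packet(0.00, "10.0.0.5", "10.0.0.20", 40001, 22, "S"),
    Packet(0.01, "10.0.0.20", "10.0.0.5", 22, 40001, "SA"),
    Packet(0.02, "10.0.0.5", "10.0.0.20", 40001, 22, "R"),
    Packet(0.03, "10.0.0.5", "10.0.0.20", 40002, 80, "S"),
    Packet(0.04, "10.0.0.20", "10.0.0.5", 80, 40002, "SA"),
    Packet(0.05, "10.0.0.5", "10.0.0.20", 40002, 80, "R"),
    Packet(0.06, "10.0.0.5", "10.0.0.20", 40003, 443, "S"),
    Packet(0.07, "10.0.0.20", "10.0.0.5", 443, 40003, "RA"),
    Packet(0.08, "10.0.0.5", "10.0.0.20", 40004, 8080, "S"),
    Packet(0.09, "10.0.0.20", "10.0.0.5", 8080, 40004, "RA"),
    Packet(0.10, "10.0.0.5", "10.0.0.20", 40005, 25, "S"),
    Packet(0.11, "10.0.0.20", "10.0.0.5", 25, 40005, "RA"),
    Packet(0.12, "10.0.0.5", "10.0.0.20", 40006, 3306, "S"),   # no reply at all
    # Normal client: full handshake followed by application data
    Packet(1.00, "10.0.0.7", "10.0.0.20", 50001, 443, "S"),
    Packet(1.01, "10.0.0.20", "10.0.0.7", 443, 50001, "SA"),
    Packet(1.02, "10.0.0.7", "10.0.0.20", 50001, 443, "A"),
    Packet(1.05, "10.0.0.7", "10.0.0.20", 50001, 443, "PA"),
    # Connect scan: open ports see the complete three-way handshake
    Packet(2.00, "10.0.0.8", "10.0.0.20", 41001, 22, "S"),
    Packet(2.01, "10.0.0.20", "10.0.0.8", 22, 41001, "SA"),
    Packet(2.02, "10.0.0.8", "10.0.0.20", 41001, 22, "A"),
    Packet(2.10, "10.0.0.8", "10.0.0.20", 41002, 80, "S"),
    Packet(2.11, "10.0.0.20", "10.0.0.8", 80, 41002, "SA"),
    Packet(2.12, "10.0.0.8", "10.0.0.20", 41002, 80, "A"),
    Packet(2.20, "10.0.0.8", "10.0.0.20", 41003, 443, "S"),
    Packet(2.21, "10.0.0.20", "10.0.0.8", 443, 41003, "RA"),
    Packet(2.30, "10.0.0.8", "10.0.0.20", 41004, 21, "S"),
    Packet(2.31, "10.0.0.20", "10.0.0.8", 21, 41004, "RA"),
    Packet(2.40, "10.0.0.8", "10.0.0.20", 41005, 23, "S"),
    Packet(2.41, "10.0.0.20", "10.0.0.8", 23, 41005, "RA"),
]


def group_exchanges(packets):
    """Group packets by (client, server, port); a bare SYN opens an exchange."""
    exchanges = defaultdict(list)   # key -> [(ts, direction, flags)]
    for p in sorted(packets, key=lambda p: p.ts):
        if p.flags == "S":
            exchanges[(p.src, p.dst, p.dport)].append((p.ts, "c2s", "S"))
        elif (p.src, p.dst, p.dport) in exchanges:
            exchanges[(p.src, p.dst, p.dport)].append((p.ts, "c2s", p.flags))
        elif (p.dst, p.src, p.sport) in exchanges:
            exchanges[(p.dst, p.src, p.sport)].append((p.ts, "s2c", p.flags))
        # packets with no preceding SYN in the capture are ignored
    return exchanges


def probe_outcome(pkts):
    """Classify one exchange from its [(direction, flags)] sequence."""
    client = [f for d, f in pkts if d == "c2s"]
    server = [f for d, f in pkts if d == "s2c"]
    if "S" not in client:
        return "no_syn"
    if "SA" in server:                       # something is listening
        if "A" in client:
            return "open_connect"            # handshake completed: connect scan or real use
        if "R" in client:
            return "open_half_open"          # SYN-ACK torn down with RST: SYN scan signature
        return "open_unknown"
    if any(f in ("R", "RA") for f in server):
        return "closed"                      # SYN answered by RST: nothing listening
    return "no_response"                     # filtered, dropped, or host silent


def detect_scans(packets, min_ports=5, window=10.0):
    """Flag clients probing at least min_ports distinct ports within `window` seconds."""
    per_client = defaultdict(list)           # client -> [(first_ts, port, outcome)]
    for (client, _server, port), pkts in group_exchanges(packets).items():
        outcome = probe_outcome([(d, f) for _, d, f in pkts])
        per_client[client].append((pkts[0][0], port, outcome))
    alerts = {}
    for client, probes in per_client.items():
        probes.sort()
        peak, start = 0, 0                   # sliding window over probe start times
        for end in range(len(probes)):
            while probes[end][0] - probes[start][0] > window:
                start += 1
            peak = max(peak, len({p[1] for p in probes[start:end + 1]}))
        if peak < min_ports:
            continue
        outcomes = [o for _, _, o in probes]
        half, full = outcomes.count("open_half_open"), outcomes.count("open_connect")
        if half > full:
            style = "syn_scan"
        elif full:
            style = "connect_scan"
        else:
            style = "undetermined"           # only closed/silent ports: both styles look alike
        alerts[client] = {"ports_in_window": peak, "style": style, "open": half + full,
                          "closed": outcomes.count("closed"),
                          "no_response": outcomes.count("no_response")}
    return alerts


if __name__ == "__main__":
    for client, info in detect_scans(SAMPLE_PACKETS).items():
        print(client, info)
```

Two design points follow directly from the text. First, the scan style is only recoverable from ports that were actually open: on a closed port both scans produce the same SYN followed by RST, so a client that hits nothing but closed ports is reported as `undetermined`. Second, the distinct-port count uses a sliding time window rather than a raw total, because a slow scan spread over hours would otherwise be counted the same way as a legitimate client that reconnects to one service repeatedly.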
ACK Scan
To be written
FIN Scan
To be written
X-Mas Scan
To be written - this should be an interesting scan-type to detail