Understanding Port Scans

Generally speaking, few people on the Internet are out to get you specifically. In truth, they’re out to get anyone whose systems they can possibly gain access to. Obviously the Internet is a huge, immense place, so how do they find people? Well, the most basic tool employed by automated bots and those out to hack user systems is known as a port scanner. This software allows a hacker to input a range of IP addresses (typically those on high-speed networks like DSL), and then scan for a particular open port, or all open ports. In most cases, a hacker will scan for a single port associated with a known exploit, such as a virus or Trojan horse program that allows them to gain access to your PC. Using a port scanner allows then to look for that open port on thousands of systems in very little time. In fact, they can set up the scan, head to bed, and then be presented with a very comprehensive list of “attackable” systems in the morning.

In case you’re curious, this is one of the ways that providers also check to see whether you have servers on your home network, which is often not allowed under their terms of service.
One of the best ways for you to defend yourself is to scan your own public IP address looking for open ports. One easy (and free) piece of software to accomplish this is SuperScan, shown above. It can be downloaded from http://www.foundstone.com/resources/scanning.htm. Additionally, a number of web-based port scanners are available online, often referred to as firewall testing tools.

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of 2000Trainers.com. He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.