Port scanning is one of the most common reconnaissance techniques testers use to discover vulnerabilities in the services listening on well-known ports.
Once you've identified the IP address of a target system through footprinting, you can begin the process of port scanning: looking for holes in the system through which you -- or a malicious intruder -- can gain access. A typical system has 2^16 - 1 port numbers, and each number exists separately for TCP and for UDP; any port with an unprotected service listening on it can be used to gain access.
The most popular port scanner for Linux, Nmap, is also available for Windows. Nmap can scan a system in a variety of stealth modes, depending on how undetectable you want to be. Nmap can determine a great deal about a target, such as which hosts are up, which services they offer and which OS they run.
Other port scanning tools for Linux systems include SATAN, NSAT, VeteScan, SARA, Portscanner, Network Superscanner, CGI Port Scanner and CGI Sonar.
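The flip side of the scanning described above is spotting it in your own logs. The following is an added example, not code from the original article: a small sliding-window detector that reads iptables/syslog-style drop records (constructed sample lines, TEST-NET addresses) and flags any source that touches many distinct destination ports within a short window. The log format, the 60-second window and the eight-port threshold are assumptions to tune for your environment.

```python
import re
from collections import Counter, defaultdict, deque
from datetime import datetime

# Constructed iptables/syslog-style records (TEST-NET addresses, nothing real):
# 203.0.113.5 sweeps ten well-known ports within ten seconds, 203.0.113.9 is
# ordinary web traffic, and 203.0.113.77 probes eight ports three minutes apart.
def _rec(ts, src, port):
    return f"Apr 12 {ts} fw kernel: IN=eth0 SRC={src} DST=198.51.100.10 PROTO=TCP DPT={port} SYN"

SAMPLE_LOG = "\n".join(
    [_rec(f"10:00:{i:02d}", "203.0.113.5", p)
     for i, p in enumerate([21, 22, 23, 25, 80, 110, 143, 443, 445, 3389])]
    + [_rec(f"10:{i:02d}:30", "203.0.113.9", p) for i, p in enumerate([443, 443, 80, 443, 443, 80])]
    + [_rec(f"10:{3 * i:02d}:00", "203.0.113.77", p)
       for i, p in enumerate([21, 22, 23, 25, 80, 110, 143, 443])]
)

LINE_RE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ kernel: .*SRC=(\S+) .*PROTO=(\S+) DPT=(\d+)")

def parse_log(text):
    """Yield one event per matching line; lines without a DPT (e.g. ICMP) are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            # syslog timestamps carry no year; strptime's default (1900) is fine for deltas
            yield {"ts": datetime.strptime(m.group(1), "%b %d %H:%M:%S"),
                   "src": m.group(2), "proto": m.group(3), "dpt": int(m.group(4))}

def detect_scans(log_text, window_seconds=60, port_threshold=8):
    """Return {src: sorted distinct ports} for every source that touched at least
    port_threshold distinct proto/port pairs inside any span of window_seconds."""
    by_src = defaultdict(list)
    for ev in parse_log(log_text):
        by_src[ev["src"]].append(ev)
    alerts = defaultdict(set)
    for src, events in by_src.items():
        events.sort(key=lambda e: e["ts"])
        window, seen = deque(), Counter()      # events in the sliding window, port counts
        for ev in events:
            window.append(ev)
            seen[(ev["proto"], ev["dpt"])] += 1
            while (ev["ts"] - window[0]["ts"]).total_seconds() > window_seconds:
                old = window.popleft()         # expire events that fell out of the window
                seen[(old["proto"], old["dpt"])] -= 1
            if len(+seen) >= port_threshold:   # +seen keeps only pairs with count > 0
                alerts[src].update(port for _, port in +seen)
    return {src: sorted(ports) for src, ports in alerts.items()}
```

With the defaults only the fast sweep from 203.0.113.5 is reported; the slow probe from 203.0.113.77 only surfaces when the window is widened (for example to an hour), which is the usual trade-off between catching patient scanners and false positives from busy legitimate clients.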
About the author
Russell Dean Vines is a bestselling author, Chief Security Advisor for Gotham Technology Group, LLC, and former President of the RDV Group. His most recent book is The CISSP and CAP Prep Guide, published by John S. Wiley and Sons. He is available to answer your security threat questions via Ask the Expert.
This was first published in April 2007