Q

What is a port scan attack?

I have a Symantec VPN/firewall 200 in place. I have an address for the WAN in place, and my LAN seems to be protected

behind the firewall. However, in the firewall log I keep receiving "port scan attack" messages. What is a port scan attack?


Ports are like little doors on your system. Most packets leaving your machine come out of a certain door. They are destined for another door on another system. There are two different protocols that use ports: TCP and UDP. Each of these two protocols has 65,536 different ports. Various Internet services listen on certain well-known doors. For example, Web servers usually listen on TCP port 80. Mail servers usually listen on TCP door port 25.

An attacker launches a port scan to see what ports are open, with a listening service, on your machine. A port scan attack, therefore, occurs when an attacker sends packets to your machine, varying the destination port. The attacker can use this to find out what services you are running and to get a pretty good idea of the operating system you have. Most Internet sites get a dozen or more port scans per day. As long as you harden your firewall and minimize the services allowed through it, these attacks shouldn't worry you.


For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: What is port scanning?
Strom's Security Tool Shed: Hacker took helps identify network weaknesses


This was first published in August 2002

Dig deeper on Web Server Threats and Countermeasures

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close