Port Scanning - Purpose

Hey there,

I have one question.

I read a lot of threads and tutorials in this forum, but I have some problems understanding the purpose of port scanning.

I know that you have to know as much as possible about the "enemy", but how do open ports help me at this?

If I knew, e.g., that port 4040 is open, what would that mean to me?
That I should attack through this port or that the port isn't secured by the AV?

Sorry if this question is too basic, but I hate it if I don't understand everything.


An open port means communication to the outside world. An open port does NOT equal a vulnerability! This is a common mistake among new hackers. An open port simply means that there is a service running on the port that is accepting incoming connections.

You can compare it with a house, and you are a thief. The windows on a house are ports. When a window is slightly open to let in air, it can be compared to an open port. It is supposed to take in air from outside, but it isn't supposed to allow you to get in, because it is too narrow for you to fit through. However, because the window is slightly open, you can try to look for weak points in it to break out the window, ideally without making too much noise. In terms of computers, breaking out the window is exploiting the service that is running on the port, and the "not making too much noise" thing can be compared to not alerting system administrators.

I hope I made sense.


Couldn't have said it better, you hit the nail on the head with this one.


Ah ok, thanks a lot.
Let's see if I got it :D

So by searching for open ports, I can find services which run over these open ports (because they have access to the Internet), which helps me know what the victim is using (kind of service etc.), so that I can look for a specific exploit and use that.

Right? :D
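As an added example (not from this thread), a small Python self-audit that makes the point of the replies concrete from the defender's side: a TCP connect succeeding on a port only tells you that some service is accepting connections there, and whether that matters depends on whether you meant to expose that service. The allowlist and the loopback listener are constructed for the demo; the listener stands in for a real service.

```python
import socket
import threading
from contextlib import closing

# Constructed allowlist: the services this host is *meant* to expose.
EXPECTED_SERVICES = {22: "ssh", 443: "https"}

def port_is_open(host, port, timeout=0.5):
    """True if a TCP connect succeeds, i.e. a service is accepting connections there."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as sock:
        sock.settimeout(timeout)
        return sock.connect_ex((host, port)) == 0

def audit_exposure(host, ports, expected=EXPECTED_SERVICES):
    """Sort each port into expected-open, unexpected-open or closed."""
    report = {"expected": [], "unexpected": [], "closed": []}
    for port in ports:
        if not port_is_open(host, port):
            report["closed"].append(port)
        elif port in expected:
            report["expected"].append(port)       # open, and we knew about it
        else:
            report["unexpected"].append(port)     # open, but not on the allowlist
    return report

def start_dummy_listener():
    """Constructed stand-in for a real service: a loopback listener on an ephemeral port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
                conn.close()
            except OSError:
                return
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv

def find_closed_port():
    """Grab and immediately release an ephemeral port, so nothing is listening on it."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as tmp:
        tmp.bind(("127.0.0.1", 0))
        return tmp.getsockname()[1]

if __name__ == "__main__":
    listener = start_dummy_listener()
    print(audit_exposure("127.0.0.1", [listener.getsockname()[1], find_closed_port()]))
```

Run against your own host's port list, anything landing in "unexpected" is a listening service you did not plan for, which is the thing worth investigating rather than the open port as such.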
