0

im doing a project on proactive port scanning for secure computing environment. i was asked what is the use of port scan when there is already have firewall.

also how exactly does it aid system administrators.

thanks in advance.

2
Contributors
10
Replies
11
Views
9 Years
Discussion Span
Last Post by DimaYasny
0

well, a port scan scans for open ports.
i understand it is used by hackers to find where there are are open ports in a system & where the system is vulnerable.
also what i understand a firewalls function is to allow or disallow services. am i right in it.
it gives a continous mapping information of what services are running on what ports.so it aids system administrator to monitor the network ports.

what problems does the port scan help the system administrator solve exactly.or why does he need monitoring.

0

well, a port scan scans for open ports.

a port scanner is much more. just go to insecure.org and start reading

i understand it is used by hackers to find where there are are open ports in a syste
m & where the system is vulnerable.

and by system administrators looking into securiong their systems as well as discovering running services on the network. and that's just the beginning of the functions

also what i understand a firewalls function is to allow or disallow services. am i right in it.

a firewall has nothing to do with services, the basic firewall just intercepts net packets destined to a certain port and either blocks them or lets them through. the service is running no matter if you have a firewall or not. but whether the service will be accessible from the network - that's something the firewall has a say in.

it gives a continous mapping information of what services are running on what ports.so it aids system administrator to monitor the network ports.

the firewall? not directly. for running services mapping there are other means.
the firewall is not a very complicated mechanism (if you disregard the smart options like stateful inspection)

what problems does the port scan help the system administrator solve exactly.or why does he need monitoring.

well, a simple example - you want to see if you have a mail server running on your server. from the server you just type "nmap localhost" and look for a daemon on port 25.
another good example is the netHASP plugs or BackupExec remote agents - the client sometimes has to scan the network for services running on the appropriate ports (10000 in this case) to try to connect to for desired service.

0

can a firewall identify services or not( i can see in my windows firewall advanced setting it gives list of services.but they are all well knoen services already prewritten.

is it a fact that a service always run on a particular port eg 21 for FTP,25 for mail server as u said. can another service access this port through unlawful means.

also i understand that dynamic services obtain different ports for different occasions. so firewall definitely cant identify dynamic services then port scanner is useful definitely for identifying dynamic services

0

can a firewall identify services or not( i can see in my windows firewall advanced setting it gives list of services.but they are all well knoen services already prewritten.

no, it cannot. but you can define accessible services there yourself.

is it a fact that a service always run on a particular port eg 21 for FTP,25 for mail server as u said. can another service access this port through unlawful means.

every service can be configured to use any port. the well known port list can be found on the IANA website, and these ports are set for interoperability only.

also i understand that dynamic services obtain different ports for different occasions. so firewall definitely cant identify dynamic services then port scanner is useful definitely for identifying dynamic services

what do you mean - dynamic services? you should really read up on firewalls, tcp/ip, daemons and other related material, before even asking such questions. wikipedia is that way: -->

0

sorry to have written wrongly i meant the services running on dynamic/private ports when i said dynamic services.

anyway thanks very much for replying to me .ill read those that uve reccomended.
ill update my doubts tomorrow when i have them.

0

one more thing i was asked if i block all outgoing packets from most of my ports & have only certain ports necessary i can be secure.(this is a question my lecturer asked).my answer is that then ull have no work done. am i right.

also how are open ports created in the first place.

0

man, you have to read first and ask questions, if any remain afterwards.
the only way to be totally secure is to pull the network cable out.

0

no problem mate, there really is no point in me explaining all that, when everything is well documented in wiki, RFCs and quite a few other places

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.