The IT Law Wiki
Register
Advertisement

Definitions[]

Port scanning (also written as portscanning) is

a technique used by computer hackers by which an individual sends requests via a worm or other program to various networked computer ports in an effort to ascertain whether particular machines have vulnerabilities that would leave them susceptible to external intrusion.[1]
[u]sing a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports).[2]

Overview[]

Often used as an initial step in launching an attack on another computer or transmitting a virus, port scanning is a relatively unsophisticated, but highly effective, reconnaissance method, likened . . . as the electronic equivalent of ‘rattling doorknobs’ to see if easy access can be gained to a room.[3]

Port scanning is the process of sending a request packet to specific ports to determine there state. For example to test if a newly installed FTP client was functioning one might port scan the server on port 21 to see if the service is running. Modern port scanners such as NMAP have built in OS fingerprint retrievers as well as header capture tools, these tools arguably can have malicious uses but are mostly use for network investigations, day-to-day tests.

References[]

  1. United States v. Phillips, 477 F.3d 215, 217 n.1 (5th Cir. 2007) (full-text).
  2. NIST Special Publication 800-82, at B-6.
  3. Id. at 217 n.1.
Advertisement