Let’s Scan Ports!

A port is an endpoint of communication in an operating system: it identifies a specific process or a type of network service running on that system. A port is always associated with the IP address of a host and the protocol type of the communication. For example, to transfer a file to a remote computer, one must specify the computer itself by an IP address, the information type by the correct protocol, and the software or service on that computer by the correct port. In the simplest terms, a port is where information gets into and out of a computer from or to the web.

Port scanning refers to the activity in which a user checks the ports on a computer. Used legitimately, it looks for weaknesses across the 65,535 ports available to each of TCP and UDP (the range scanned can be modified), as even a single one can be used by hackers to tap into a computer. Hackers also engage in port scanning. The difference is that, whereas weaknesses found are normally patched and secured, hackers take advantage of them to gain access.

There are many types of port scanning, although the majority performed are the TCP kind. For example, Vanilla Scanning is used to scan all 65,535 ports, either TCP or UDP. Stealth Scanning is more often than not used for hacking, as it is set up to go undetected by network traffic auditing tools. A Basic Port Scan works somewhat like pinging the port: it usually sends a packet to a specific port. There are many others besides the ones mentioned, such as SYN, UDP, ACK, and FIN Port Scanning.
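From the auditing side, the scan types above can be told apart in connection logs by counting how many distinct ports one source touches in a short time, grouped by probe type. The following is an added example, not code from the original article; the record format, the thresholds and the sample addresses (documentation ranges) are assumptions constructed for illustration.

```python
from collections import defaultdict

# Map (protocol, TCP flags) to the scan types named in the article.
PROBE_KIND = {("tcp", "S"): "SYN", ("tcp", "F"): "FIN",
              ("tcp", "A"): "ACK", ("udp", ""): "UDP"}

def detect_scans(records, window=60, port_threshold=10):
    """Return {src_ip: [scan kinds]} for sources that probed at least
    port_threshold distinct ports within any `window`-second span."""
    by_key = defaultdict(list)
    for ts, src, dport, proto, flags in records:
        kind = PROBE_KIND.get((proto, flags))
        if kind:
            by_key[(src, kind)].append((ts, dport))
    findings = defaultdict(set)
    for (src, kind), events in by_key.items():
        events.sort()
        start, in_window = 0, defaultdict(int)  # port -> hits inside window
        for ts, dport in events:
            in_window[dport] += 1
            while ts - events[start][0] > window:  # drop expired events
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= port_threshold:
                findings[src].add(kind)
                break
    return {src: sorted(kinds) for src, kinds in findings.items()}

def sample_records():
    """Constructed records: (seconds, src_ip, dst_port, protocol, tcp_flags)."""
    recs = [(i, "198.51.100.7", 20 + i, "tcp", "S") for i in range(20)]
    recs += [(100 + i, "198.51.100.9", 1000 + i, "tcp", "F") for i in range(12)]
    # Ordinary client: many connections, but only ports 80 and 443.
    recs += [(i * 5, "192.0.2.10", 443 if i % 2 else 80, "tcp", "S") for i in range(30)]
    # Low-rate UDP probing: one new port every 120 seconds.
    recs += [(i * 120, "192.0.2.20", 8000 + i, "udp", "") for i in range(12)]
    return recs

if __name__ == "__main__":
    print(detect_scans(sample_records()))               # default 60 s window
    print(detect_scans(sample_records(), window=3600))  # wider window
```

The ordinary client is never flagged because it only ever reaches two ports, while the low-rate source is reported only once the detection window is widened, which is why auditing tools usually keep a long-horizon count alongside the short one.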

Written by Adrian Alexander and Charottama Oshmar