What Is a Port Scanner?

A port scanner is a piece of software designed to search a network host for open ports. It is often used by administrators to check the security of their networks and by hackers to compromise them. To port scan a host is to scan for multiple listening ports on a single target host. To port sweep is to scan multiple hosts for a specific listening port. The latter is typically used in searching for a specific service.

How a Scanner Works
Each time you send or receive data through the Internet, your mail (or web, chat, or other) program must connect to a remote port on a remote host. Some of the services are ftp (21, File Transfer Protocol), telnet (23, Telnet), smtp (25, Simple Mail Transfer), etc.

In fact, the list of services/ports is longer than the above and spans three different port ranges:
port range       utilization
0 - 1023         well-known ports, which include the most common services, like smtp, pop3, ftp, etc.
1024 - 49151     registered ports, which are assigned by the IANA organization
49152 - 65535    dynamic and/or private ports, which can be freely used

The TCP/IP protocol is based on the OSI (Open Systems Interconnection) model, developed between 1977 and 1984. That model uses a proposal of the ISO (International Organization for Standardization), so it is also well known as the ISO/OSI model. The ISO/OSI architecture divides the network into various layers (application, presentation, session, transport, network, data-link and physical).

The IP and TCP protocols are the foundation of data transfer. The IP protocol, which works at the network layer, handles the transfer of raw data between computers. At this level, each packet contains the data to be transferred and the IP addresses of the sender and the receiver. The TCP protocol works at the transport layer, but the principle is the same. TCP replaces the IP address concept with the port concept. Each transferred packet contains the data and the port number, where the port number is associated with a service instead of a computer.
In other words, the IP protocol moves the raw data from one computer to another, using the IP address to identify each computer on the network. But when the data arrives at the destination computer, where must it be delivered? Are you browsing the web? If so, the TCP protocol directs the incoming data to the port used by the HTTP service (80). Are you using an FTP client? The TCP protocol directs the incoming data to the port used by that service (21), and so on.
As you can see, the port and service concepts are the basic principles used during data transfer through the Internet. Now you can understand the main purpose of a TCP/IP scanner. If you want to know which services are currently running on a remote host, you must scan its ports.
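
Seen from the defender's side, the port scan and port sweep described at the top of this page leave different patterns in connection logs. The added example below (not part of the original post) flags both patterns and labels ports with the three ranges listed above; the log format, the addresses and the threshold of 4 are assumptions made for the illustration.

```python
from collections import Counter, defaultdict

# Constructed sample connection log: "source destination port" per line.
SAMPLE_LOG = """\
10.0.0.5 192.168.1.10 21
10.0.0.5 192.168.1.10 23
10.0.0.5 192.168.1.10 25
10.0.0.5 192.168.1.10 8080
10.0.0.7 192.168.1.10 23
10.0.0.7 192.168.1.11 23
10.0.0.7 192.168.1.12 23
10.0.0.7 192.168.1.13 23
10.0.0.9 192.168.1.10 80
10.0.0.9 192.168.1.10 51000
"""

def port_range(port):
    """Map a port number to the three ranges listed on this page."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"

def classify_sources(log_text, threshold=4):
    """Return {source: findings}; threshold is an assumed cut-off."""
    ports_per_host = defaultdict(set)  # (src, dst) -> ports tried
    hosts_per_port = defaultdict(set)  # (src, port) -> hosts tried
    findings = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3 or not fields[2].isdigit() or int(fields[2]) > 65535:
            continue  # skip malformed lines and invalid ports
        src, dst, port = fields[0], fields[1], int(fields[2])
        findings.setdefault(src, [])
        ports_per_host[(src, dst)].add(port)
        hosts_per_port[(src, port)].add(dst)
    # Port scan: one source tries many ports on a single host.
    for (src, dst), ports in ports_per_host.items():
        if len(ports) >= threshold:
            ranges = dict(Counter(port_range(p) for p in ports))
            findings[src].append(("port scan", dst, ranges))
    # Port sweep: one source tries a single port on many hosts.
    for (src, port), hosts in hosts_per_port.items():
        if len(hosts) >= threshold:
            findings[src].append(("port sweep", port, port_range(port)))
    return findings

for source, found in classify_sources(SAMPLE_LOG).items():
    print(source, found or "normal")
```

A source with an empty findings list stayed below the threshold for both patterns and is printed as normal.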


  Syaf The Geek

April 25, 2007 at 10:38 PM

I've used this scanner once and it is very useful for scanning purposes. Looking for that loophole hehe