Port: 0
Service: Reserved
Description: Typically used to analyze the operating system. This approach works because "0" is an invalid port in some systems and will produce different results when you try to connect to it using the usual closed ports. A typical scan, using an IP address of 0.0.0.0, sets the ACK bit and broadcasts over the Ethernet layer.
PORT: 1
Service: Tcpmux
Description: This shows someone looking for a SGI IRIX machine. IRIX is the primary provider of implementation Tcpmux, and Tcpmux is opened in this system by default. The IRIX machine is published with several default password-free accounts, such as IP, GUEST UUCP, NUUCP, DEMOS, TUTOR, DIAG, Outofbox, and so on. Many administrators forgot to delete these accounts after installation. So hacker searches the internet for Tcpmux and uses these accounts.
Port: 7
Service: Echo
Description: To be able to see many people searching for Fraggle amplifiers, send information to x.x.x.0 and x.x.x.255.
Port: 19
Service: Character Generator
Description: This is a service that sends only characters. The UDP version will respond to packets that contain junk characters after the UDP packet is received. A TCP connection sends a stream of data that contains a garbage character until the connection is closed. Hacker uses IP spoofing to launch a Dos attack. Fake UDP packets between two Chargen servers. The same Fraggle DOS attack broadcasts a packet of spoofed victim IP to this port on the destination address, and the victim is overloaded in response to the data.
Port: 21
Services: FTP
Description: FTP server open port, for upload, download. The most common use of attackers is to find ways to open anonymous FTP servers. These servers have a read-write directory. Trojans doly ports open to Trojan, Fore, invisible FTP, WebEx, Wincrash, and Blade Runner.
Port: 22
Services: Ssh
Description: Pcanywhere established TCP and this end port connection may be to find SSH. There are many weaknesses in this service, and if configured in a specific pattern, many of the versions using the RSAREF library will have a number of vulnerabilities.
Port: 23
Services: Telnet
Description: Telnet, an intruder searches for UNIX services remotely. In most cases, this port is scanned to find the operating system on which the machine is running. And with other techniques, intruders will also find passwords. Trojan Tiny Telnet Server to open this port.
Port: 25
Services: SMTP
Description: The port that the SMTP server is open for sending messages. Intruders are looking for SMTP servers to pass on their spam. The intruders ' accounts are closed and they need to be connected to a high-bandwidth e-mail server to deliver simple information to different addresses. Trojan antigen, Email Password Sender, Haebu Coceda, Shtrilitz Stealth, WINPC, winspy all open this port.
Port: 31
Service: MSG Authentication
Description: Trojan Master Paradise, Hackers Paradise Open this port.
Port: 42
Services: WINS Replication
Description: WINS replication
Port: 53
Services: Domain name Server (domain)
Description: A port that is open to a domain server, an intruder may be attempting to perform zone transfer (TCP), spoofed domain (UDP), or hide other traffic. Therefore, firewalls often filter or record this port.
Port: 67
Service: Bootstrap Protocol Server
Description: Firewalls from DSL and cable modems often see large numbers of data sent to broadcast address 255.255.255.255. These machines are requesting an address from the DHCP server. Hacker often enter them, assigning an address that initiates a large number of man-in-the-middle (man-in-middle) attacks as a local router. The client broadcasts the request configuration to the 68-port broadcast, and the servers broadcast the response request to port 67. This response uses the broadcast because the client is unaware of the IP address that can be sent.
Port: 69
Service: Trival File Transfer
Description: Many servers together with BOOTP provide this service to facilitate downloading of boot code from the system. But they often cause intruders to steal any file from the system because of misconfigured configuration. They can also be used for system write files.
Port: 79
Services: Finger Server
Description: An intruder is used to obtain user information, query the operating system, detect known buffer overflow errors, and respond from its own machine to other machine finger scans.
PORT: 80
Services: HTTP
Description: For Web browsing. Trojan Executor open this port.
PORT: 99
Service: Metagram Relay
Description: Backdoor program ncx99 Open this port.
Port: 102
Service: Message transfer agent (MTA)-x.400 over TCP/IP
Description: Message transfer agent.
Port: 109
Services: Post Office Protocol-version3
Description: The POP3 server opens this port for receiving mail and client access to server-side mail services. The POP3 service has many recognized weaknesses. There are at least 20 weaknesses in the user name and password Exchange buffer overflow, which means the intruder can enter the system before a real login. There were other buffer overflow errors after the successful landing.
Port: 110
Services: All ports of sun company RPC Service
Note: Common RPC services are RPC.MOUNTD, NFS, RPC.STATD, RPC.CSMD, RPC.TTYBD, AMD, etc.
Current 1/6 page
123456 Next read the full text
