Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

if a port is open, then what?

Status
Not open for further replies.

FaisalHenry

Programmer
Dec 19, 2000
32
US
hello guys,
i have a hypothetical question here,
we know that some security product usually protect or shut down well known ports such as FTP, telnet etc,

but, suppose i was a hacker, and ran a port scanner, and found a port, let say 6500 was open,
then what? can i use that port for telnetting or FTP?
 
In theory yes - in practice not really.
The apps you mention need a service to connect to not just a port.

To telnet in you have to have a telnet service listening on
a port (which would be port 23)

or the same with FTP - you need an FTP server to connect to
FTP server usually listens to port 21.

Simplified but hope this helps clarify. :)
 
Just having a port open is not a vulnerability per-se (although it's not best-practice) unless there's a piece of software listening for incoming connections behind it. If there's no server software listening then any connection attempt through that port will fail.

What you have to watch out for is a bad guy planting a server inside your firewall that will respond to his connection attempts. This can be done through the usual virus distribution techniques (email, etc), but also via a trojan-horse program that an employee unknowingly runs (like one of the recent crop of Osama bin-Laden games). Thus it's good practice to keep all ports closed unless there is a compelling need to open one.

Chip H.
 
i c,
well then, suppose i have planted a server program inside someone's computer that will open port 6500, could i ftp through that port?
 
As Chip says - yes this is one aim of a hacker to install a server that will respond to his connection attempt. Many of the major trojans do this such as Back Orifice, Sub-seven etc - they will actively listen on a port number for a connection.

If you did plant an FTP server on a computer you could direct it to listen at any port. However this is why people use firewalls to block unused ports. Remember to FTP you need both FTP client and server running respectively.

Cheers

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top