Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

if a port is open, then what?

Status
Not open for further replies.
FaisalHenry

FaisalHenry

Programmer
Dec 19, 2000
32
US
hello guys,
i have a hypothetical question here,
we know that some security product usually protect or shut down well known ports such as FTP, telnet etc,

but, suppose i was a hacker, and ran a port scanner, and found a port, let say 6500 was open,
then what? can i use that port for telnetting or FTP?
 
Sort by date Sort by votes
In theory yes - in practice not really.
The apps you mention need a service to connect to not just a port.

To telnet in you have to have a telnet service listening on
a port (which would be port 23)

or the same with FTP - you need an FTP server to connect to
FTP server usually listens to port 21.

Simplified but hope this helps clarify. :)
 
Upvote 0 Downvote
Just having a port open is not a vulnerability per-se (although it's not best-practice) unless there's a piece of software listening for incoming connections behind it. If there's no server software listening then any connection attempt through that port will fail.

What you have to watch out for is a bad guy planting a server inside your firewall that will respond to his connection attempts. This can be done through the usual virus distribution techniques (email, etc), but also via a trojan-horse program that an employee unknowingly runs (like one of the recent crop of Osama bin-Laden games). Thus it's good practice to keep all ports closed unless there is a compelling need to open one.

Chip H.
 
Upvote 0 Downvote
i c,
well then, suppose i have planted a server program inside someone's computer that will open port 6500, could i ftp through that port?
 
Upvote 0 Downvote
As Chip says - yes this is one aim of a hacker to install a server that will respond to his connection attempt. Many of the major trojans do this such as Back Orifice, Sub-seven etc - they will actively listen on a port number for a connection.

If you did plant an FTP server on a computer you could direct it to listen at any port. However this is why people use firewalls to block unused ports. Remember to FTP you need both FTP client and server running respectively.

Cheers

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
791
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
590
XLNTech1
XLNTech1
Sparrow4
  • Locked
  • Question
AnyConnect + Azure + SAML
Replies
0
Views
548
Sparrow4
Sparrow4
RMurr34
  • Locked
  • Question
ASA Config - Open port 3389 for all IPs
Replies
1
Views
198
iggsterman
iggsterman
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
584
nnaarrnn
nnaarrnn

Part and Inventory Search

Sponsor

Back
Top