Stealth port scan, what is it and how we can use it for our advantages?
A computer port is like a door to a house, which is used for sending or receiving data to or from the computer. Ordinarily, a computer has several ports through which it communicates with the other computers on the local network or on the internet.
A Port Scan is a series of messages sent to the computer to identify its open ports and a Port Scanner is an application that sends these messages. A Port Scanner is mainly used for finding services running on remote machines on the network. But, it can be also used by attackers trying to find vulnerable ports to gain access to confidential data from the user’s computer.
What is a Stealth Port Scan?
Stealth Port Scan is a type of port scan in which the scanning application stops the server or host machine from logging the request for connection and thereby the attacker succeeds in concealing the identity of the attacking machine. This can be thought as a thief finding for open doors of houses so that the house valuables can be stolen easily.
Given the robustness of Stealth Port Scan, its popularity has gained new dimension among attackers. The administrators should be diligent and run Stealth Port Scan on their servers and test if any possible stealth intrusions are getting logged successfully.
Stealth Port Scan Tools
A few tools for Stealth Port Scan available to the administrator are NULL, FIN, X-MAS, and N-Map. Among these, N-Map is a comprehensive tool available to the administrator. But, a meticulous administrator should not forget that the tool available to the administrator is also available to the attacker. Apart from scanning N-Map it can also be used to detect the host’s operating system.
A port scan poses a major threat to the computers from attackers and a knowledgeable security administrator can be a good asset in dealing with Stealth Port Scan activities originating from the local network or from the internet.