Network Port Scanners
Port scanners are used to help increase the security of your network. Ports are mapped to specific services. By running a software program that tests to see what ports a specific computer responds on, a network administrator (or potential hacker) can get some indication about the types of services running on a particular machine. Port scanning can be done inside your network to test various servers and workstation or it can be done from outside your network to determine what services can be accessed from the internet through your firewall.
Goals of Port Scanning
- To determine services that a computer is running and shut down services not being used to increase the security of the computer being scanned.
- To determine the vulnerabilities of the services that are being run in the computer being scanned. The vulnerabilities can then be patched once they are identified.
Internal and External Port Scanning
There are some security service providers that will scan your network from the internet to test for open ports and vulnerabilities on your servers. They may provide a printed or electronic report on the results outlining your vulnerabilities and giving recommendations about how to fix them. Many of these services are very useful especially since they stay current with current vulnerability information and update their software regularly to test for new vulnerabilities.
Even if you hire someone to scan your network from the outside, you should still scan your network with your own scanning tools from the inside. Please note that before scanning or sniffing your network, even as a network administrator, you should always get written permission from your management first up to the level of your CIO. This to avoid prosecution should someone decide they do not like information being scanned. Also be sure you do not scan when system crashes due to scans could cause loss of data or interfere with work.
If you scan your network, you should scan specific parts of your network rather than the whole network at one time. I would recommend that you scan and secure your servers first, but do not do this during normal business hours when your server usage is at a peak. Also you may want to warn your users before a scan is done that some service interruption may occur due to system preventative maintenance.
There are many port scanner types some of which may identify vulnerabilities along with ports that are being serviced. Links to port scanners can be found at http://www.techtutorials.info/nsectools.html