Threat | Port Scans

Send a packet to a specific machine, particular port... analyze the response (if any)
Part of a classic attack strategy
- Reconnaissance:
  - Determine which ports are open
  - What services are responding
  - Use responses to determine version of operating system, web server, etc.
- Planning: Use results of port scans to select tools and methods for specific operating system, services, etc.
  - RootShell.com and other hacker sites have helpful search engines...
- Attack: Focused attack, customized to target system
- Note: Newer attack forms just attack blindly without prior port scans... lower probability of success, but much faster and no prior warnings

Send a packet to a specific machine, particular port... analyze the response (if any)