IP and port of Monroe coin pool
Publish: 2021-04-04 19:33:08
1.
" Port & quot; Port is the free translation of English port, which can be regarded as the export of communication between equipment and the outside world. These registers are used to store data information, control information and status information. The corresponding ports are called data port, control port and status port
the system program that a computer runs is actually like a closed circle, but the computer serves people. It needs to accept some instructions and adjust the system functions to work according to the instructions, so the system programmer cuts the circle into many segments, and these segment interfaces are called ports
when the system runs to these ports, it will see whether the ports are open or closed. If the ports are closed, the rope is connected, and the system runs down. If the ports are open, the system will get commands, input external data, accept external data and execute them
extension materials
1. Port function
1. A host with IP address can provide many services, such as web service, FTP service, SMTP service, etc., which can be realized by one IP address. So, how does the host distinguish different network services? Obviously, it can not only rely on IP address, because the relationship between IP address and network services is one to many. In fact, different services are distinguished by "IP address + port number"
It should be noted that the ports do not correspond to each other. For example, when your computer accesses a WWW server as a client, the WWW server uses port "80" to communicate with your computer, but your computer may use port "3457" (2) the role of port in intrusion (1) someone once compared the server to a house and the port to a door leading to a different room (service). If you don't consider the details, this is a good analogy2. If an intruder wants to occupy the house, he is bound to break into the house (physical invasion). So it is very important for the intruder to know how many doors the house has opened, what kind of doors they are, and what is behind the door
3. The intruder usually scans the ports of the target host with a scanner to determine which ports are open. From the open ports, the intruder can know the services provided by the target host, and then guess the possible vulnerabilities. Therefore, scanning the ports can help us better understand the target host, and for the administrator, Scanning the open port of the machine is also the first step of security
2. IP is the address of the computer, and the port is the entrance and exit of the computer. Just like in real life, your address is IP, and the external doors and windows of your home are ports. If you go in and out of data through the same port, IP determines the address
3. IP (protocol of interconnection between networks):
the protocol of interconnection between networks (IP) is the abbreviation of Internet Protocol in foreign language, and the abbreviation of Chinese is "association of networks". "
the protocol of interconnection between networks is also the protocol designed for communication between computer networks. In the Internet, it is a set of rules that can make all computer networks connected to the Internet communicate with each other. It stipulates the rules that computers should abide by when communicating on the Internet. Any computer system proced by any manufacturer can be interconnected with the Internet as long as it complies with the IP protocol. IP address is unique, according to the different nature of users, it can be divided into five categories. In addition, IP also has the meaning of access protection, intellectual property, pointer register and so on
port:
& quot; Port & quot; Port is the free translation of English port, which can be regarded as the export of communication between equipment and the outside world. Port can be divided into virtual port and physical port, in which virtual port refers to the port inside the computer or switch router, invisible. For example, port 80, port 21, port 23 and so on in the computer. Physical port, also known as interface, is the visible port, RJ45 network port of computer backplane, RJ45 port of switch router hub, etc. The RJ11 socket used by telephone also belongs to the category of physical port.
the protocol of interconnection between networks (IP) is the abbreviation of Internet Protocol in foreign language, and the abbreviation of Chinese is "association of networks". "
the protocol of interconnection between networks is also the protocol designed for communication between computer networks. In the Internet, it is a set of rules that can make all computer networks connected to the Internet communicate with each other. It stipulates the rules that computers should abide by when communicating on the Internet. Any computer system proced by any manufacturer can be interconnected with the Internet as long as it complies with the IP protocol. IP address is unique, according to the different nature of users, it can be divided into five categories. In addition, IP also has the meaning of access protection, intellectual property, pointer register and so on
port:
& quot; Port & quot; Port is the free translation of English port, which can be regarded as the export of communication between equipment and the outside world. Port can be divided into virtual port and physical port, in which virtual port refers to the port inside the computer or switch router, invisible. For example, port 80, port 21, port 23 and so on in the computer. Physical port, also known as interface, is the visible port, RJ45 network port of computer backplane, RJ45 port of switch router hub, etc. The RJ11 socket used by telephone also belongs to the category of physical port.
4. Port can be regarded as the outlet of communication between equipment and the outside world. Port can be divided into virtual port and physical port, in which virtual port refers to the port inside the computer or switch router, invisible. For example, port 80, port 21, port 23 and so on in the computer. Physical port, also known as interface, is the visible port, RJ45 network port of computer backplane, RJ45 port of switch router hub, etc. The RJ11 socket used by telephone also belongs to the category of physical port
IP address, the protocol of interconnection between networks. Foreign language is the abbreviation of internet protocol, and Chinese abbreviation is "Internet association". Abbreviated as IP
the protocol of interconnection between networks is the protocol designed for communication between computer networks. In the Internet, it is a set of rules that can make all computer networks connected to the Internet communicate with each other. It stipulates the rules that computers should abide by when communicating on the Internet. Any computer system proced by any manufacturer can be interconnected with the Internet as long as it complies with the IP protocol. IP address is unique, according to the different nature of users, it can be divided into five categories. In addition, IP also has the meaning of access protection, intellectual property, pointer register and so on.
IP address, the protocol of interconnection between networks. Foreign language is the abbreviation of internet protocol, and Chinese abbreviation is "Internet association". Abbreviated as IP
the protocol of interconnection between networks is the protocol designed for communication between computer networks. In the Internet, it is a set of rules that can make all computer networks connected to the Internet communicate with each other. It stipulates the rules that computers should abide by when communicating on the Internet. Any computer system proced by any manufacturer can be interconnected with the Internet as long as it complies with the IP protocol. IP address is unique, according to the different nature of users, it can be divided into five categories. In addition, IP also has the meaning of access protection, intellectual property, pointer register and so on.
5. Port number --- identification number of application software with network function. Note that the port number is not fixed, that is, it can be manually assigned by the user (of course, it is generally defined when the software is written). Of course, there are many applications that have recognized default ports, such as FTP: 20 and 21, http: 80, telnet: 23, and so on. A software can have multiple port numbers, which proves that the software has more than one network function
0-1023 is a recognized port number, which has been defined or reserved for software to be defined, while 1024-65535 is a port number with no public definition. Users can define the role of these ports by themselves
what is the role of port number? Please continue to look down
when a computer starts a program that can be accessed by other remote computers, it needs to open at least one port number for external access. We can regard the computer without opening the port number as a sealed room. Of course, the sealed room can not accept external access, so when the system opens a program that can be accessed by the outside world, it naturally needs to open a window in the room to accept access from the outside world. This window is the port
then why should we give port numbers to distinguish them? Since a program has opened a port, can't external information be accessed through the open port? The answer is No. Why? Because the data is used to inform the transport layer protocol which software to send to process with the port number, the data is not intelligent. If many programs share a port to receive data, then when a data packet from the outside world is sent, the transport layer will not know which software to send to process, which will inevitably lead to confusion
it was mentioned last time that the layer 4 header of a data segment encapsulated by the OSI layer 4 transport layer contains two port numbers, namely the source port number and the destination port number. The function of the destination port number has been described above. Let's understand the original port number
the source port number is usually generated dynamically by the system itself, from 1024 to 65535. When a computer a accesses computer B through the network, if it needs the other party to return data, it will also randomly create a port larger than 1023 to tell B which port to send the data to when it returns data, and then the software will listen on this port, Wait for the data to return. After B receives the data, it will read the source port number and destination port number of the data packet, and then record them. When the software creates the data to be returned, it will take the original port number in the original data packet as the destination port number, and its own port number as the original port number. That is to say, it will reverse the original port number and destination port number in the received data packet, and then send them back to a, A repeats the process until the data transmission is completed. When all the data is transmitted, a releases the source port, so the same software does not necessarily have the same source port number each time it transmits data.
0-1023 is a recognized port number, which has been defined or reserved for software to be defined, while 1024-65535 is a port number with no public definition. Users can define the role of these ports by themselves
what is the role of port number? Please continue to look down
when a computer starts a program that can be accessed by other remote computers, it needs to open at least one port number for external access. We can regard the computer without opening the port number as a sealed room. Of course, the sealed room can not accept external access, so when the system opens a program that can be accessed by the outside world, it naturally needs to open a window in the room to accept access from the outside world. This window is the port
then why should we give port numbers to distinguish them? Since a program has opened a port, can't external information be accessed through the open port? The answer is No. Why? Because the data is used to inform the transport layer protocol which software to send to process with the port number, the data is not intelligent. If many programs share a port to receive data, then when a data packet from the outside world is sent, the transport layer will not know which software to send to process, which will inevitably lead to confusion
it was mentioned last time that the layer 4 header of a data segment encapsulated by the OSI layer 4 transport layer contains two port numbers, namely the source port number and the destination port number. The function of the destination port number has been described above. Let's understand the original port number
the source port number is usually generated dynamically by the system itself, from 1024 to 65535. When a computer a accesses computer B through the network, if it needs the other party to return data, it will also randomly create a port larger than 1023 to tell B which port to send the data to when it returns data, and then the software will listen on this port, Wait for the data to return. After B receives the data, it will read the source port number and destination port number of the data packet, and then record them. When the software creates the data to be returned, it will take the original port number in the original data packet as the destination port number, and its own port number as the original port number. That is to say, it will reverse the original port number and destination port number in the received data packet, and then send them back to a, A repeats the process until the data transmission is completed. When all the data is transmitted, a releases the source port, so the same software does not necessarily have the same source port number each time it transmits data.
6. IP protocol is composed of TCP, UDP, ARP, ICMP and a series of sub protocols. Among them, TCP and UDP protocols are mainly used for data transmission. In TCP and UDP protocols, the concept of port number exists. The port number is mainly used to distinguish service categories and to conct multiple sessions at the same time
for example, host a needs to provide FTP and WWW services. If there is no port number, the two services cannot be distinguished. In fact, when a host B on the network needs to access a's FTP service, it must specify the destination port number as 21; When you need to access a's WWW service, you need to set the destination port number to 80. At this time, a can distinguish two different requests of B according to the port number accessed by B. This is the function of port number to distinguish service categories.
for example, host a needs to provide FTP and WWW services. If there is no port number, the two services cannot be distinguished. In fact, when a host B on the network needs to access a's FTP service, it must specify the destination port number as 21; When you need to access a's WWW service, you need to set the destination port number to 80. At this time, a can distinguish two different requests of B according to the port number accessed by B. This is the function of port number to distinguish service categories.
7. Find a Japanese proxy server on the Internet
8. Computer "port" is the English translation of port, which can be regarded as the export of communication between computer and the outside world. The ports in hardware field are also called interfaces, such as USB port, serial port, etc. The port in the software field generally refers to the communication protocol port for connection service and connectionless service in the network. It is an abstract software structure, including some data structures and I / O buffers
according to the port number, it can be divided into three categories:
(1) well known ports: from 0 to 1023, they are closely bound to some services. Usually, the communication between these ports clearly indicates the protocol of a certain service. For example, port 80 is actually always HTTP communication
(2) registered ports: from 1024 to 49151. They are loosely bound to some services. That is to say, there are many services bound to these ports, which are also used for many other purposes. For example, many systems deal with dynamic ports from around 1024< (3) dynamic and / or private ports: from 49152 to 65535. In theory, these ports should not be assigned to services. In fact, machines usually allocate dynamic ports from 1024. But there are exceptions: sun's RPC port starts at 32768
some ports are often used by hackers and Trojans to attack computer systems. The following is an introction to computer ports and a brief way to prevent them from being attacked by hackers
port 8080
port Description: Port 8080 is the same as port 80, which is used for WWW Proxy Service and can realize web browsing. When visiting a website or using proxy server, the port number of ": 8080" is often added, such as http://www.cce.com.cn :8080
port vulnerability: Port 8080 can be used by various virus programs, for example, the brown origin (bro) Trojan horse virus can use port 8080 to completely remote control the infected computer. In addition, remoteconchubo and ringzero Trojans can also use this port to attack
operation suggestion: generally, we use port 80 for web browsing. In order to avoid virus attack, we can close the port
port: 21
Service: FTP
note: the open port of FTP server is used for uploading and downloading. The most common way for attackers to find ways to open anonymous's FTP server. These servers have read-write directories. Trojans doly Trojan, fore, invisible FTP, WebEx, wincrash and blade runner
port: 22
Service: SH
note: the connection between TCP and this port established by PcAnyWhere may be to find SSH. This service has many weaknesses. If it is configured in a specific mode, many versions using rsaref library will have many vulnerabilities
port: 23
Service: telnet
Description: remote login, the intruder is searching for the service of remote login UNIX. Most of the time, this port is scanned to find the operating system on which the machine is running. And with other technologies, the intruder will also find the password. This port is opened by tiny telnet server
port: 25
Service: SMTP
note: the port opened by the SMTP server is used to send mail. Intruders look for the SMTP server to deliver their spam. The intruder's account is closed, and they need to connect to the high bandwidth e-mail server to deliver simple information to different addresses. This port is open to Trojans such as anti gen, email password sender, haebu coceda, shtrilitz stealth, winpc and winspy
port: 80
Service: http
Description: for web browsing. The Trojan executor opens this port
port: 102
Service: message transfer agent (MTA) - x.400 over TCP / IP
note: message transfer agent
port: 109
Service: Post Office Protocol - version 3
note: POP3 server opens this port to receive e-mail and clients access the server-side e-mail service. POP3 services have many recognized weaknesses. There are at least 20 vulnerabilities to user name and password exchange buffer overflow, which means that intruders can enter the system before they actually log in. There are other buffer overflow errors after successful login
port: 110
Service: all ports of RPC service of Sun company
note: common RPC services include rpc.mountd, NFS, rpc.statd, rpc.csmd, rpc.ttybd, AMD, etc.
port: 119
Service: network news transfer protocol
note: News newsgroup transport protocol carries Usenet communication. The connection to this port is usually when people are looking for a Usenet server. Most ISPs restrict access to their newsgroup servers to only their customers. Opening the Newsgroup server will allow you to post / read anyone's posts, access restricted newsgroup servers, post anonymously or send spam
port: 135
Service: location service
note: Microsoft runs DCE RPC end-point mapper on this port to serve its DCOM. This is very similar to the function of UNIX port 111. Services that use DCOM and RPC use the end-point mapper on the computer to register their locations. When remote customers connect to the computer, they look up the end-point mapper to find the location of the service. Is hacker scanning this port of the computer to find the exchange server running on this computer? What version? There are also DoS attacks directed at this port
ports: 137, 138, 139
Service: NetBIOS name service
note: 137 and 138 are UDP ports, which are used when transferring files through network neighbors. Port 139: the connection entered through this port attempts to obtain the NetBIOS / SMB service. This protocol is used for windows file and printer sharing and Samba. It's also used by wins registry
port: 161
Service: SNMP
note: SNMP allows remote management of devices. All configuration and operation information is stored in the database, which can be obtained through SNMP. Many administrators' misconfigurations will be exposed to the Internet. Cackers will try to access the system with the default password of public and private. They might try all the possible combinations. SNMP packets may be misdirected to the user's network
what is the port
before we start talking about port, let's talk about port? I often hear on the Internet, "how many ports have my host opened? Will it be invaded?" Or "which port is safer? What kind of port should my service correspond to? " ha-ha! It's amazing! How come there are so many strange ports on a host? What's the use of this port
since the service functions of each network are different, it is necessary to send different packets to different services for processing. So, when your host turns on FTP and WWW services at the same time, the data packets sent by others will be processed by FTP or www services according to the port number on TCP, Of course, there will be no confusion Note: hehe! Some friends who seldom touch the Internet often ask, "Gee! Why does your computer have FTP, WWW and e-mail services at the same time, but how does your computer know how to judge when people send information? Will computers really not misjudge? " Now you know why?! Yes! It's because port is different! You can think of it like this. One day, if you want to go to a bank to deposit money, the bank can be thought of as a "mainframe". Then, of course, the bank can't have only one business. There are quite a few windows in it. When you enter the gate, the service staff at the gate will ask you, "Hi! How do you do! What are you going to do? " You said to him, "I want to save money!", Then the waiter will tell you, "drink! Then please go to window three! The staff over there will help you! " At this time, you will not run to other windows, will you& quot;& quot; These windows can be thought of as "port"! So! Each service has a specific port listening! You don't have to worry about the problem that the computer will misjudge
· every TCP connection must be requested by one end (usually client). The port number is usually randomly selected to be greater than 1024! Its TCP packet will set (and only set) the syn flag! This is the first packet of the whole network
· if the other end (usually the server) accepts this request (of course, special services need to be performed with a special port, such as FTP port 21), it will send back the second online packet to the requesting end! In addition to the syn flag, the ACK flag is also set. At the same time, resources are created on the local side for online use
· then, after obtaining the first response packet from the server, the requester must respond to the other party's confirmation packet. At this time, the packet only carries the ACK flag (in fact, all packets in the subsequent online must carry the ACK flag)
· only when the server receives the ACK packet from the requester (that is, the third packet of the whole connection), can the connection be established formally. This is called TCP online; Three way handshake; The principle of the system
after three-way handshake, ha ha! The port of your client is usually higher than 1024, which is obtained randomly. As for the host, it depends on which port is opened at that time. For example, www selects 80, while FTP takes 21 as the normal online channel
in a word, the port we are talking about here is not the I / O port of computer hardware, but the concept of software form. According to the different types of services provided by tools, there are two kinds of ports, one is TCP port, the other is UDP port. When computers communicate with each other, it can be divided into two ways: one is to confirm whether the information arrives after sending the information, that is, to have a reply, which mostly adopts TCP protocol; One is not to confirm whether the information arrives after sending, which mostly adopts UDP protocol. The service ports corresponding to these two protocols are also divided into TCP port and UDP port
then, if the attacker uses software to scan the target computer and get the port opened by the target computer, he will know what services the target computer provides. As we all know, when providing services, there must be vulnerabilities in the service software. According to these, the attacker can get a preliminary understanding of the target computer. If the computer has too many ports open and the administrator does not know, there are two cases: one is that the administrator does not pay attention to the services provided, for example, when IIS is installed, the software will automatically add many services, but the administrator may not pay attention to them; One is that the server is installed Trojan horse by the attacker and communicates through a special port. Both are dangerous,
according to the port number, it can be divided into three categories:
(1) well known ports: from 0 to 1023, they are closely bound to some services. Usually, the communication between these ports clearly indicates the protocol of a certain service. For example, port 80 is actually always HTTP communication
(2) registered ports: from 1024 to 49151. They are loosely bound to some services. That is to say, there are many services bound to these ports, which are also used for many other purposes. For example, many systems deal with dynamic ports from around 1024< (3) dynamic and / or private ports: from 49152 to 65535. In theory, these ports should not be assigned to services. In fact, machines usually allocate dynamic ports from 1024. But there are exceptions: sun's RPC port starts at 32768
some ports are often used by hackers and Trojans to attack computer systems. The following is an introction to computer ports and a brief way to prevent them from being attacked by hackers
port 8080
port Description: Port 8080 is the same as port 80, which is used for WWW Proxy Service and can realize web browsing. When visiting a website or using proxy server, the port number of ": 8080" is often added, such as http://www.cce.com.cn :8080
port vulnerability: Port 8080 can be used by various virus programs, for example, the brown origin (bro) Trojan horse virus can use port 8080 to completely remote control the infected computer. In addition, remoteconchubo and ringzero Trojans can also use this port to attack
operation suggestion: generally, we use port 80 for web browsing. In order to avoid virus attack, we can close the port
port: 21
Service: FTP
note: the open port of FTP server is used for uploading and downloading. The most common way for attackers to find ways to open anonymous's FTP server. These servers have read-write directories. Trojans doly Trojan, fore, invisible FTP, WebEx, wincrash and blade runner
port: 22
Service: SH
note: the connection between TCP and this port established by PcAnyWhere may be to find SSH. This service has many weaknesses. If it is configured in a specific mode, many versions using rsaref library will have many vulnerabilities
port: 23
Service: telnet
Description: remote login, the intruder is searching for the service of remote login UNIX. Most of the time, this port is scanned to find the operating system on which the machine is running. And with other technologies, the intruder will also find the password. This port is opened by tiny telnet server
port: 25
Service: SMTP
note: the port opened by the SMTP server is used to send mail. Intruders look for the SMTP server to deliver their spam. The intruder's account is closed, and they need to connect to the high bandwidth e-mail server to deliver simple information to different addresses. This port is open to Trojans such as anti gen, email password sender, haebu coceda, shtrilitz stealth, winpc and winspy
port: 80
Service: http
Description: for web browsing. The Trojan executor opens this port
port: 102
Service: message transfer agent (MTA) - x.400 over TCP / IP
note: message transfer agent
port: 109
Service: Post Office Protocol - version 3
note: POP3 server opens this port to receive e-mail and clients access the server-side e-mail service. POP3 services have many recognized weaknesses. There are at least 20 vulnerabilities to user name and password exchange buffer overflow, which means that intruders can enter the system before they actually log in. There are other buffer overflow errors after successful login
port: 110
Service: all ports of RPC service of Sun company
note: common RPC services include rpc.mountd, NFS, rpc.statd, rpc.csmd, rpc.ttybd, AMD, etc.
port: 119
Service: network news transfer protocol
note: News newsgroup transport protocol carries Usenet communication. The connection to this port is usually when people are looking for a Usenet server. Most ISPs restrict access to their newsgroup servers to only their customers. Opening the Newsgroup server will allow you to post / read anyone's posts, access restricted newsgroup servers, post anonymously or send spam
port: 135
Service: location service
note: Microsoft runs DCE RPC end-point mapper on this port to serve its DCOM. This is very similar to the function of UNIX port 111. Services that use DCOM and RPC use the end-point mapper on the computer to register their locations. When remote customers connect to the computer, they look up the end-point mapper to find the location of the service. Is hacker scanning this port of the computer to find the exchange server running on this computer? What version? There are also DoS attacks directed at this port
ports: 137, 138, 139
Service: NetBIOS name service
note: 137 and 138 are UDP ports, which are used when transferring files through network neighbors. Port 139: the connection entered through this port attempts to obtain the NetBIOS / SMB service. This protocol is used for windows file and printer sharing and Samba. It's also used by wins registry
port: 161
Service: SNMP
note: SNMP allows remote management of devices. All configuration and operation information is stored in the database, which can be obtained through SNMP. Many administrators' misconfigurations will be exposed to the Internet. Cackers will try to access the system with the default password of public and private. They might try all the possible combinations. SNMP packets may be misdirected to the user's network
what is the port
before we start talking about port, let's talk about port? I often hear on the Internet, "how many ports have my host opened? Will it be invaded?" Or "which port is safer? What kind of port should my service correspond to? " ha-ha! It's amazing! How come there are so many strange ports on a host? What's the use of this port
since the service functions of each network are different, it is necessary to send different packets to different services for processing. So, when your host turns on FTP and WWW services at the same time, the data packets sent by others will be processed by FTP or www services according to the port number on TCP, Of course, there will be no confusion Note: hehe! Some friends who seldom touch the Internet often ask, "Gee! Why does your computer have FTP, WWW and e-mail services at the same time, but how does your computer know how to judge when people send information? Will computers really not misjudge? " Now you know why?! Yes! It's because port is different! You can think of it like this. One day, if you want to go to a bank to deposit money, the bank can be thought of as a "mainframe". Then, of course, the bank can't have only one business. There are quite a few windows in it. When you enter the gate, the service staff at the gate will ask you, "Hi! How do you do! What are you going to do? " You said to him, "I want to save money!", Then the waiter will tell you, "drink! Then please go to window three! The staff over there will help you! " At this time, you will not run to other windows, will you& quot;& quot; These windows can be thought of as "port"! So! Each service has a specific port listening! You don't have to worry about the problem that the computer will misjudge
· every TCP connection must be requested by one end (usually client). The port number is usually randomly selected to be greater than 1024! Its TCP packet will set (and only set) the syn flag! This is the first packet of the whole network
· if the other end (usually the server) accepts this request (of course, special services need to be performed with a special port, such as FTP port 21), it will send back the second online packet to the requesting end! In addition to the syn flag, the ACK flag is also set. At the same time, resources are created on the local side for online use
· then, after obtaining the first response packet from the server, the requester must respond to the other party's confirmation packet. At this time, the packet only carries the ACK flag (in fact, all packets in the subsequent online must carry the ACK flag)
· only when the server receives the ACK packet from the requester (that is, the third packet of the whole connection), can the connection be established formally. This is called TCP online; Three way handshake; The principle of the system
after three-way handshake, ha ha! The port of your client is usually higher than 1024, which is obtained randomly. As for the host, it depends on which port is opened at that time. For example, www selects 80, while FTP takes 21 as the normal online channel
in a word, the port we are talking about here is not the I / O port of computer hardware, but the concept of software form. According to the different types of services provided by tools, there are two kinds of ports, one is TCP port, the other is UDP port. When computers communicate with each other, it can be divided into two ways: one is to confirm whether the information arrives after sending the information, that is, to have a reply, which mostly adopts TCP protocol; One is not to confirm whether the information arrives after sending, which mostly adopts UDP protocol. The service ports corresponding to these two protocols are also divided into TCP port and UDP port
then, if the attacker uses software to scan the target computer and get the port opened by the target computer, he will know what services the target computer provides. As we all know, when providing services, there must be vulnerabilities in the service software. According to these, the attacker can get a preliminary understanding of the target computer. If the computer has too many ports open and the administrator does not know, there are two cases: one is that the administrator does not pay attention to the services provided, for example, when IIS is installed, the software will automatically add many services, but the administrator may not pay attention to them; One is that the server is installed Trojan horse by the attacker and communicates through a special port. Both are dangerous,
9. How to close / open ports in windows, because by default, many unsafe or useless ports are opened, such as port 23 of Telnet service, port 21 of FTP service, port 25 of SMTP service, port 135 of RPC service, etc. In order to ensure the security of the system, we can close / open the port through the following methods
1. To close the port, for example, to close port 25 of the SMTP service in Windows 2000 / XP, you can do this: first open the control panel, double-click management tools, and then double-click services. Then find and double-click the "Simple Mail Transfer Protocol (SMTP)" service in the open service window, click the "stop" button to stop the service, then select "disabled" in the "start type", and finally click the "OK" button. In this way, shutting down the SMTP service is equivalent to shutting down the corresponding port
2. Open the port. To open the port, first select Auto in start type, click OK, then open the service, click start in service status to enable the port, and finally click OK. Tip: there is no "service" option in Windows 98. You can use the firewall's rule setting function to close / open the port.
1. To close the port, for example, to close port 25 of the SMTP service in Windows 2000 / XP, you can do this: first open the control panel, double-click management tools, and then double-click services. Then find and double-click the "Simple Mail Transfer Protocol (SMTP)" service in the open service window, click the "stop" button to stop the service, then select "disabled" in the "start type", and finally click the "OK" button. In this way, shutting down the SMTP service is equivalent to shutting down the corresponding port
2. Open the port. To open the port, first select Auto in start type, click OK, then open the service, click start in service status to enable the port, and finally click OK. Tip: there is no "service" option in Windows 98. You can use the firewall's rule setting function to close / open the port.
10. You use the network to search out the IP address is your local IP address
Hot content