What is Port Scanning? - Definition, Types & Tools

Instructor: Erik Rodriguez

Erik has experience working in Cybersecurity and has a Master's of Science in Information Systems.

In this lesson, we will discuss what ports are on a computer as well as how to conduct port scanning. Additionally, we will review some common methods for conducting port scans.

Knock … Knock

''One of these rooms has to be it,'' you say as you make your way through the labyrinth of hallways at one of your university's academic buildings. It's your first semester as a college student and you can't seem to find your class. As you make your way through the building, you look through the window of each door hoping to find it. This scenario is akin to how port scanning tools search for ports on a computer.

hallway

Ports? What Are Those?

Ports are the ''doorways'' in a computer that allow for data and information to be exchanged. Each port has a specific service assigned to it, much like a room at a university has a specific class assigned to it. Looking for open ports can allow security researchers and hackers alike to find a way into the computer. In an era where data breaches and security incidents occur regularly, port scanning tools have become a crucial tool for any security administrator tasked with securing an organization's data.

Port Scanning

Port scanning refers to the act of searching for a computer's ports through the use of specialized software. This software searches for the ''doorways'' in a computer and classifies them into one of three categories—open, closed, or filtered. Once the port scan is complete, the user will then be able to see all of the available ports on the target machine as well as their classification. This can be useful for security administrators who want to see if any open ports need to be closed or filtered. However, a hacker can also use this information to plan an attack that corresponds to a specific port's classification.

Scan

TCP Scanning

One of the most common protocols used for port scanning is TCP, short for Transmission Control Protocol. Currently, there are several methods available that utilize TCP in order to conduct port scanning. These include SYN scans and TCP connect scans.

SYN Scans

SYN scans work by partially connecting to a target machine's port by sending an SYN packet to the host. An SYN packet is a packet that is sent when one machine attempts to initiate a connection with another machine. Typically, when a connection is established, the target machine will respond to the sending machine's packet by stating whether a port is open or closed. If a port is open, the target machine responds with an SYN/ACK packet, which stands for Synchronization Acknowledged. If a port is closed, the target machine responds with an RST packet, which stands for Reset. Open ports are vulnerable to exploitation while closed ports are not. This is why SYN scans are valuable to both hackers and network security administrators.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 160 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create An Account
Support