
The "Port scanner" service description

About network ports

In computer networking, a port is a communication endpoint. At the software level, within an operating system, a port is a logical construct that identifies a specific process or a type of network service. A port is identified for each transport protocol and address combination by a 16-bit unsigned number, known as the port number. The most common transport protocols that use port numbers are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).

A port number is always associated with an IP address of a host and the type of transport protocol used for communication. It completes the destination or origination network address of a message. Specific port numbers are reserved to identify specific services so that an arriving packet can be easily forwarded to a running application. For this purpose, the lowest-numbered 1024 port numbers identify the historically most commonly used services and are called the well-known port numbers. Higher-numbered ports are available for general use by applications and are known as ephemeral ports.

Ports provide a multiplexing service for multiple services or multiple communication sessions at one network address. In the client–server model of application architecture, multiple simultaneous communication sessions may be initiated for the same service.


About port scan

A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.

A port scan or portscan is a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port; this is not a nefarious process in and of itself. The majority of uses of a port scan are not attacks, but rather simple probes to determine services available on a remote machine.

To portsweep is to scan multiple hosts for a specific listening port. The latter is typically used to search for a specific service, for example, an SQL-based computer worm may portsweep looking for hosts listening on TCP port 1433.

HAProxy-WI makes it easier to see which ports are open and which are closed. Knowing this helps reduce exposure to vulnerabilities and prevent some network attacks.


About HAProxy-WI Port scanner

Since version 4.5.3, HAProxy-WI has been able to scan a remote system for open ports, but only on demand and not on a regular schedule. Because of this irregularity, it is impossible to track changes and be sure that all unnecessary ports are closed.

Since version 5.1.0, HAProxy-WI has a service that tracks all open ports, compares them between scans, keeps a history, and notifies you if there are any changes. You now have up-to-date information about the network status of your servers.
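The compare-and-notify idea described above, as an added example (not HAProxy-WI's own code). The function names, the allowed-port policy and the sample scans are hypothetical and constructed for illustration; a failed scan is treated as "no data" so that an unreachable host is not recorded as having closed every port.

```python
def diff_scans(previous, current):
    """Return (opened, closed): ports that appeared or disappeared between scans."""
    prev, cur = set(previous), set(current)
    return sorted(cur - prev), sorted(prev - cur)


def replay(host, scans, allowed):
    """Walk scans in time order and return (history, alerts).

    history: one event per port whose state changed since the last good scan.
    alerts:  the 'opened' events whose port is not in the allowed set.
    """
    history, alerts, baseline = [], [], None
    for when, ports in scans:
        if ports is None:
            # Failed scan (host unreachable): keep the old baseline instead of
            # recording every previously open port as closed.
            continue
        if baseline is not None:
            opened, closed = diff_scans(baseline, ports)
            for status, changed in (("opened", opened), ("closed", closed)):
                for port in changed:
                    event = {"host": host, "port": port, "status": status, "time": when}
                    history.append(event)
                    if status == "opened" and port not in allowed:
                        alerts.append(event)
        baseline = ports  # the first good scan only establishes the baseline
    return history, alerts


# Constructed sample data: scans five minutes apart, None marks a failed scan.
SAMPLE_HOST = "192.0.2.10"  # documentation-range address
SAMPLE_SCANS = [
    ("2024-01-01T10:00:00Z", [22, 80, 443]),
    ("2024-01-01T10:05:00Z", None),
    ("2024-01-01T10:10:00Z", [22, 443, 3306]),
    ("2024-01-01T10:15:00Z", [22, 443, 3306]),
]
ALLOWED_PORTS = {22, 80, 443}  # hypothetical policy for this host

if __name__ == "__main__":
    history, alerts = replay(SAMPLE_HOST, SAMPLE_SCANS, ALLOWED_PORTS)
    for e in history:
        print(e["time"], e["host"], e["port"], e["status"])
    for e in alerts:
        print("ALERT: unexpected open port", e["port"], "on", e["host"])
```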


How HAProxy-WI Port scanner works

HAProxy-WI Port scanner uses the SYN scan type:

SYN scan is another form of TCP scanning. Rather than using the operating system's network functions, the port scanner generates raw IP packets itself, and monitors for responses. This scan type is also known as "half-open scanning", because it never actually opens a full TCP connection. The port scanner generates a SYN packet. If the target port is open, it will respond with a SYN-ACK packet. The scanner host responds with an RST packet, closing the connection before the handshake is completed. If the port is closed but unfiltered, the target will instantly respond with an RST packet.

The use of raw networking has several advantages, giving the scanner full control of the packets sent and the timeout for responses, and allowing detailed reporting of the responses. There is debate over which scan is less intrusive on the target host. SYN scan has the advantage that the individual services never actually receive a connection. However, the RST during the handshake can cause problems for some network stacks, in particular simple devices like printers. There are no conclusive arguments either way.

By default, the Port scanner service scans the remote systems for which this option is enabled every 5 minutes.


Installation


To install the Port scanner service, run:

You can read how to start using RPM here


Port scan history

You can also enable history for the Port scanner. Once it is enabled, the Port scanner starts collecting opened and closed ports. This can help with future debugging.
