A, scanning purpose
Objective: network scanning can let users to find the host and the host in the network activities open ports, to determine the target host open service, and then through the scanning of service, access to the target host operating system type, service information
Version information, such as
The discovery of host 1-1
Through to the host in a network scan, can be found that the network of the host, when found in the network activities of the host, and then rethink the scanning range scan (needn't to scan all hosts), host open port scan activities, so as to determine the open service information,
1-2 detection port
After scanning the network activities in the host, can detect the host open all ports (especially in the TCP/IP protocol port), the most commonly used protocol is TCP and UDP protocol, because two protocols are independent, so the respective port is also independent of each other,
In the TCP/IP port, can be classified according to have a purpose, specific as follows:
1, Known as port (Well Known Porits)
Known as port: the well-known port number, the range is 0 to 1023, generally the WWW default port number is 80, FTP service the default port is 21, generally the user can also specify ports for services, but there are some system protocol is fixed port number, such as: port 139 is dedicated to the NetBIOS and TCP/IP communication between, cannot be manually altered,
2, the dynamic port
Dynamic port: the range is 49152 ~ 65535, according to the procedures of application, the system for automatic dynamic allocation,
3, the registered port
Port: dynamic range is 1024 ~ 49151, used to assigned to the user process or application, these ports in the absence of is occupied by a server resources, dynamic selection is for clients,
1-3 judgment service
In computer network, each service has a corresponding port by default, if detected after the target host open port, can determine the corresponding service, so please keep in mind the below TCP port and service
Common TCP port number and service
20, 21 FTP FTP file transfer protocol
22 SSH SSH (secure shell) is a relatively safe remote link protocol
23 Telnet Telnet for remote signing agreement,
25 SMTP SMTP (Simple Mail Transfer Protocol) is the Internet Mail Transfer Protocol
53 DNS name lookup DNS server
80 HTTP World Wide Web Service
88 Kerberos network account verification protocol
110 POP3 receiving software (Client side) agreement
119 NNTP News on Usenet discussion group agreement, namely the News server is to use the network communication protocol
135 RPC Windows platform on the network communication between each other using computer network services agreement
Through 137 NetBOIS Name Server WINS Server, WINS Server do Name resolution to get the IP address of the web host
138 NetBOIS Datagram is part of NetBOIS over TCP/IP and login for network and network browse
139 NetBOIS Session Services is part of the NetBOIS over TCP/IP, used for file sharing and network printers print function

143 IMAP4 access agreementSNMP (Simple Netword 161 SNMP Management Protocol) network Management Protocol used
162 SNMP Trap SNMP network management, the Trap can be made by management of the status of the equipment in the system of emergency notification when network management system
194 IRC IRC (Internet Relay Chat Protocol), network Chat Protocol
389 LDAP Lightweight Directory Access Protocol, AD through the LDAP connected to the DC for the AD database query
443 HTTPS use SSL port, through the SSL user the Browser with the WWW Server can achieve security, data encryption transmission purpose
593 the RPC over HTTP using on the COM + service
993 IMAP use SSL encryption IMAP online
995 POP3 use SSL confidential POP3 online
1433 SQL Server is a SQL Server database services, network link libraries using the communication terminal through TCP/IP communication
SQL 1434 Monitoring to monitor the performance of the SQL Server
3306 MySQL MySQL database service
3389 RDP RDP (Remote Desktop Protocol)