Information Gathering technique and this tutorial is based on port scanning,.
So what is port scanning? In simple words, port scanning is the way to scanning computer ports for finding open services associated with that particular computer. Each service in our computer has identified by a well known virtual port. Every service on a host is identified by a unique 16-bit number called a port. Port scanning, a hacking technique helps the attacker in finding the available ports. Port scanning consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed further for weakness. This is often used by hackers to identify running services on a host with the view to compromising it.
The port numbers are divided into three major categories:
- Well Known Ports (0 – 1023)
- Registered Ports (1024 – 49151)
- Dynamic and/or Private Ports (49152 – 65535)
|Default ports & their services|
Check whether your computer is infected or not:
- Go to command prompt> Type netstat -n
- It will display all the active connections with ports (for e.g. in foreign address 220.127.116.11:80, 80 is the port number)
- Now type "tasklist" in command prompt, it will display all the processes with their process IDs (labelled PID).
- If you find any suspicious running process, then type "netstat -no" in command prompt and check the connection associated with that PID.
- At end, terminate the process using command "taskkill /PID 1786" where 1786 is the PID.