[Tips] Testing common weaknesses ports
On your Penetration Testing, you usually need to conduct a port scanning for identify open ports and running services. On this topic, i am guide some weaknesses ports that you should test.
What is Ports?
Ports act as logical communications endpoints for computer and are used on the Transport layer of the OSI model by protocol. There are 65,536 ports altogether, numbering between 0 and 65,535.
|Port Range||Category Type||Description|
|0 – 1023||Well-known Ports||This range defines commonly used protocol. They are designated by IANA (Internet Assigned Numbers Authority), which is operated by ICANN (Internet Corporation for Assigned Names and Numbers)|
|1024 – 49,151||Registered Ports||Ports used by vendors for proprietary applications. Theses must be registered with the IANA. For example, Microsoft registered 3,389 for use with the Remote Desktop Protocol (RDP)|
|49,152 – 65,535||Dynamic and Private Ports||These port can be used by applications but cannot be registered by vendors.|
These are two type ports:
- Inbound ports – used when another computer wants to connect to a service or application running on your computer. Servers primarily use inbound ports so that they can accept incoming connections and serve data.
- Outbound ports – used when your computer wants to connect to a service or application running on another computer. Client computers primarily use outbound ports that are assigned dynamically by the operating system.
Below is the list of common weaknesses ports
Tips: You can scan all these ports by using Nmap:
nmap -sT -sV -p 21,80,443,873,2601,2604,3128,4440,6082,6379,8000,8008,8080,8081,8090,8099,8088,8888,9000,9090,9200,11211,27017,28017 –max-hostgroup 10 –max-parallelism 10 –max-rtt-timeout 1000ms –host-timeout 800s –max-scan-delay 2000ms -iL iplist.txt -oN result/port.txt –open