Port scanning is a prosaic area of network security . For the network administrator, it is the equivalent of knocking on all the doors of a house to see if anyone is around. In an age when any open holes in . . .
Port scanning is a prosaic area of network security . For the network administrator, it is the equivalent of knocking on all the doors of a house to see if anyone is around. In an age when any open holes in a network are dangerous, however, a simple port scanner can be an invaluable tool.

But there is no reason to run out and purchase a piece of scanning software. There are numerous Linux-based scanning products available for free, and two of them do as good a job as any commercial product. Moreover, because these open-source products are continually updated -- by white-hat and black-hat hackers alike -- it also can be argued that they have a better handle on all the ways network ports can be exploited.

Though port scanning is a popular tool of attackers on the prowl for services and applications they can penetrate, it also can be used to defend networks by finding those holes first. "Port scanning is a good way to measure the exposure of a given host from the point of view of the network, which is very often the point of view of a potential attacker," Renaud Deraison, the developer of Nessus, a security vulnerability scanner, told NewsFactor. "The more services are exposed on the network, the higher the chances are that one of them is misconfigured or buggy and may be exploited by an attacker to gain more information on the host -- or even gain control of it."