Testing Internet Security
Ports are the gateways inside your computer. When a computer program wants
to communicate with a remote computer, it makes a connection to the remote
computer through a port that it will use to talk with the computer. Each computer
has thousands of ports — 65,535 to be exact. You can think of the different
ports as a bunch of different mailboxes. When a program wants to send data
to a remote computer, it sends it to a specific port (mailbox) number. Then,
provided that a program is on the remote computer that is set up to receive
data at a particular port (mailbox), the remote computer can then work with
the data it was sent.
Theoretically, nothing is wrong with this scenario. In the real world, applications
don't always work this way. Sometimes, applications are sent data they
are not programmed to receive. This can cause errors and unexpected behavior
that may execute code a remote attacker is sending. The result is that a remote
attacker can gain access to or infect your computer using a flaw in the application.
The technical name for data sent to a program that results in bypassing
security is an exploit.
Now that you know the basics of how attacks work, you will use various utilities
to check for open ports that allow other users to connect. In theory, if you
have no ports open, then it is next to impossible to break into your computer. To
detect the ports on your computer that are open to the entire Internet, it is best
to use a web-based port scanner. If your computer is on an internal network
and is behind a firewall or router, a software-based port scanner will show you
what ports are open internally.
First, check your external port exposure, which everyone on the Internet can
see. To do this, you will use a web-based port scanner. Various websites offer
such scanners free of charge. I personally like to use GRC.com to
do my testing. Follow these steps to test your external connection:
1. Open a copy of either Internet Explorer or Firefox and navigate to
www.grc.com/x/ne.dll?bh0bkyd2.
2. When the page loads, click the Proceed button.
3. Click All Service Ports to begin the scan.
4. When viewing the results, make sure that everything is in the green or
blue. You do not want any ports to be open, which is indicated with red.
Green indicates your computer did not respond at all, giving your computer
a stealth look. Blue indicates your computer responded that the
tested port was closed.
You can find out how to close open ports in the Firewall section, but first, if you are
connected to an internal network, it is a good idea to test your internal vulnerability.
As I mentioned earlier, it is best to use a software port scanner for testing
your internal vulnerability. For this test, you learn how to use Axence NetTools,
a comprehensive network tools suite with a fast port scanner. To get started, visit
www.axencesoftware.com/index.php?action=FreeNT and download the latest
copy of NetTools. Then follow these steps to scan your computer's local ports:
1. After you have downloaded and installed Axence NetTools, click the Start
button, type nettools in the Search box, and then press Enter.
2. After NetTools starts, click the Scan host option on the far right of the
icon bar.
3. In the address box, type localhost. If you want to scan a different
computer, you can type the IP address of any computer in this box.
4. Set the port range for it to scan. In NetTools you have five options: Services,
Ports (well known), Ports (well known-extended), Ports (range), and Ports
(trojans). For this section you are going to use Ports (range) to scan all
possible ports. The other selections scan only the more popular ports
where known applications are running. If you want a quicker scan, I
recommend using Ports (well known-extended). Because you want to
do a complete scan here, select Ports (range). The two ports boxes will
be enabled. Enter 65535 in the end Ports box so that it goes through all
possible port numbers.
5. Press Scan next to the Address box and watch the results appear.
It can take more than an hour to scan all 65,535 ports on your computer,
depending on your hardware. After it is finished, you will have a list of all ports
that are open in your computer. You will find out how to close these ports later
in the "Using a Firewall" section.
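
The three result colors in the web-based scan and the open-port list from the local scan both come from how a TCP connection attempt ends. The following Python script is an added example (not part of the original text, and not code from GRC or Axence NetTools) that classifies each port on your own machine as open, closed, or stealth. The function names and the timeout and worker values are assumptions chosen for illustration.

```python
import socket
from concurrent.futures import ThreadPoolExecutor


def probe(host, port, timeout=3.0):
    """Classify one TCP port with a full connect attempt.

    open    - something accepted the connection (red in the GRC results)
    closed  - the host answered with a refusal (blue)
    stealth - no answer before the timeout (green)
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Too short a timeout would misreport slow refusals as "stealth".
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # timeouts and other failures where no answer arrived
        return "stealth"
    finally:
        sock.close()


def scan(host="127.0.0.1", ports=range(1, 65536), timeout=3.0, workers=200):
    """Probe every port in `ports` concurrently; return {port: state}."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = pool.map(lambda p: probe(host, p, timeout), ports)
        return dict(zip(ports, states))


def open_ports(results):
    """Return the sorted list of ports that accepted a connection."""
    return sorted(p for p, state in results.items() if state == "open")


if __name__ == "__main__":
    # Audit this machine only: 127.0.0.1 is the "localhost" typed in step 3.
    results = scan()
    for port in open_ports(results):
        print(f"port {port}: open")
    print(f"{len(open_ports(results))} open of {len(results)} scanned")
```

Run from the machine itself, this shows what is listening locally. It does not show what the Internet can reach, which is what the web-based scan measures.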