Analysis of the Technologies for Host and Port Scanning

Host scanning and port scanning are the basis for attacking information system. The technologies commonly used in these scans can be classified as ICMP scanning, TCP scanning and UDP scanning. We analyze these technologies and make comparisons among them. Totally, ICMP are mainly used to discover the host, while the TCP and UDP are mainly for port scanning, except for ACK. At the same time, using certain special TCP datagram such as SYN packets and ACK packets, and UDP datagram, we can make a host scanning in a secret manner.

[1]  Urjita Thakar,et al.  An approach to improve performance of a packet-filtering firewall , 2012, 2012 Ninth International Conference on Wireless and Optical Communications Networks (WOCN).

[2]  Li Zhu,et al.  Current State and Future Development Trend of Firewall Technology , 2012, 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing.

[3]  Vincent Roca,et al.  IBTrack: An ICMP black holes tracker , 2012, 2012 IEEE Global Communications Conference (GLOBECOM).

[4]  Haitao Wu,et al.  ICTCP: Incast Congestion Control for TCP in Data-Center Networks , 2013, IEEE/ACM Transactions on Networking.