cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1286
Views
0
Helpful
3
Replies

Network Ports

sfaisalnaseem
Level 1
Level 1

I have opened one port e.g. (50000) inbound rule in windows firewall in my PC. when I try with  (netstat -a) in command line that port is not showing. Even I restarted the PC but still the same thing. I tried with (nmap) but that port is not there. In nmap only 6/7 ports are showing which is open. but in netstat so many ports are showing with status LISTENING, ESTABLISHED.

 

1) my question is do I need to associate some service in that port? how to do that.

2) suppose I opened one port and no service is running. Do a hacker can enter through that port?

 

Regards,

 

Syed Faisal Naseem

1 Accepted Solution

Accepted Solutions

Joel
Level 1
Level 1

Hi,

Yes you need a service bound to that port. If I was to run on a windows host netstat -aon I will see my host listening on port 3389 for instance  (RDP). The port is 3389, the 1404 is the PID, which under task manager is  TermService. 

 

 TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1404

 

The option -a = All connections and listening ports o= Displays the owning process ID associated with each connection and -n displays addresses and port numbers in numerical form.

 

In terms of hacking, why would you open a port if nothing is bound to it? If you nmap the machine, I believe it would be classed as an closed port. This could give you at least OS detection, which could lead to a more specific and targeted attack. I suggest closing ports that are not required.  NMAP guide https://nmap.org/book/man-port-scanning-basics.html

 

joel

 

View solution in original post

3 Replies 3