Port scanner

A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.

A port scan or portscan is a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port; this is not a nefarious process in and of itself.^[1] The majority of uses of a port scan are not attacks, but rather simple probes to determine services available on a remote machine.

To portsweep is to scan multiple hosts for a specific listening port. The latter is typically used to search for a specific service, for example, an SQL-based computer worm may portsweep looking for hosts listening on TCP port 1433.^[2]

^ Shirey, R. (August 2007). Internet Security Glossary. 2. IETF. p. 230. doi:10.17487/RFC4949. RFC 4949. Retrieved November 21, 2023.
^ "PRB: Unsecured SQL Server with Blank (NULL) SA Password Leaves Vulnerability to a Worm". support.microsoft.com. Archived from the original on 2006-03-03.

[1] Shirey, R. (August 2007). Internet Security Glossary. 2. IETF. p. 230. doi:10.17487/RFC4949. RFC 4949. Retrieved November 21, 2023.

[2] "PRB: Unsecured SQL Server with Blank (NULL) SA Password Leaves Vulnerability to a Worm". support.microsoft.com. Archived from the original on 2006-03-03.

[1]

[2]