Port scanning

The only way to protect your system from hacker attacks is to know how hackers carry out these attacks. When considering the fundamentals of hacker attacks, you have to think as a hacker. For example, what should be done first to break into a server or to test it for vulnerabilities? There is no clear answer to this question. Any break-in is a creative process and requires an individual approach. There are no clear-cut rules or ready-made templates. Nevertheless, a few practical recommendations can be given.

The first step in a break-in or vulnerability test is to scan the ports. Why? To find out what services (daemons, in Linux) are installed in the system. Each open port is a service program installed on the server, to which someone can connect and make it do certain things. For example, port 21 is used by the file transfer protocol (FTP) service. If a hacker can connect to this port, he or she will be able to download and upload files from and to the server. The hacker must acquire the corresponding rights to be able to do this, however.

The first 1,024 ports must be scanned initially. Many of them are used by standard services like FTP, hypertext transfer protocol (HTTP), and Telnet. Each open port is like a locked door to the server. The more doors the server has, the more chances there are that the lock on one of them can be picked. Therefore, you should only install those services that are necessary.

Storing User Parameters

HTTP does not support protracted connections. A new connection is created to receive each file in a page (i.e., a script, image, Flash animation, etc.). Consequently, the server cannot control whether the same user requested two different item (e.g., a script and an image), because for each of these a different connection would be created.

Page transitions also create new server connections; therefore, pages cannot be interlinked nor have common parameters. There are three ways to save parameter values when moving from one page to another. These are the following:

• Cookies: files stored on the client's computer. These can be:
• Temporary: stored in the memory of the client's computer only during the specific server connection.
• Permanent: stored on the client's hard drive until the specified time.
• Sessions.
• Implement your own connections, with the necessary parameters saved in database table and linked to the client.