The CPU exchanges data with peripherals through interface registers or special circuits, which are called ports.
In hardware, ports are also called interfaces, such as parallel ports and serial ports.
In network technology, ports have several meanings. The ports of hubs, switches and routers refer to the interfaces connecting other network devices, such as RJ-45 port and serial port. The port we are talking about here is not a physical port, but a port in TCP/IP protocol, which is a logical port.
A host with an IP address can provide many services, such as Web, FTP and SMTP, all of them through that single IP address. So how does the host distinguish between different network services? Obviously the IP address alone is not enough, because one IP address maps to many services. In fact, services are distinguished by the pair "IP address + port number".
It should be noted that the ports are not in one-to-one correspondence. For example, when your computer accesses the WWW server as a client, the WWW server uses the "80" port to communicate with your computer, but your computer may use the "3457" port.
Someone once compared a server to a house and its ports to doors leading to different rooms (services), which is a good metaphor if the details are ignored. An intruder who wants to occupy the house has to get in through a door (physical break-ins are a separate matter), so it is very important for the intruder to know how many doors are open, what kind of doors they are and what lies behind them.
Intruders usually run a scanner against the ports of the target host to determine which ones are open. From the open ports they can learn what services the target host provides, and then guess at the vulnerabilities those services may have. Scanning ports therefore gives a better understanding of the target host. For administrators, scanning the open ports of their own machines is also the first step of sound security practice.
By port number, ports can be divided into the following categories:
(1) Well-known ports: from 0 to 1023. These are tightly bound to particular services, and traffic on one of them usually identifies the protocol of that service unambiguously. For example, traffic on port 80 is almost always HTTP.
(2) Registered ports: from 1024 to 49151. These are loosely bound to services: many services are registered on these ports, but the same ports are also used for many other purposes. For example, many systems allocate their dynamic ports starting at about 1024.
(3) Dynamic and/or private ports: from 49152 to 65535. In theory these ports should not be assigned to services. In practice, machines usually allocate dynamic ports starting from 1024, with exceptions: Sun's RPC ports start at 32768.
A common technique is to move a service from its default port to another one. For example, the default HTTP port is 80, and many people move it to another port such as 8080. The point of such redirection is to hide the well-known default port and reduce the risk of damage: anyone who wants to attack a service on a recognized default port must first scan to find it.

Most redirected ports resemble the original one. Most alternative HTTP ports are derived from 80: 81, 88, 8000, 8080, 8888. Similarly, POP originally sits on port 110 and is often moved to 1100. There are also many cases where numbers with an obvious pattern are chosen, such as 1234, 23456, 34567, and many people pick unusual numbers for other reasons: 42, 69, 666, 31337. Remote-control Trojans likewise tend to use recognizable default ports; NetBus, for example, defaults to 12345.

Blake Swopes pointed out that there is another reason to use redirected ports. On UNIX systems, listening on a port below 1024 requires root privileges, so without root a web service has to be run on a higher port. In addition, some ISPs' firewalls block traffic to low ports, so even if you own the whole machine you may still need to move the port.
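The following is an added example, not code from the original article. It turns two points above into running code: the port-range classification (well-known, registered, dynamic) together with the "below 1024 needs root" rule, and the fact that the server side of a connection keeps one fixed port while each client side gets its own ephemeral port. The listener is bound to port 0 on 127.0.0.1 so that the OS picks a free unprivileged port, which is an assumption made so the demo runs without root; the range boundaries are the ones the text gives.

```python
import socket


def classify_port(port: int) -> str:
    """Return the category the text assigns to a TCP/UDP port number."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"


def needs_privilege(port: int) -> bool:
    """On UNIX, listening on a port below 1024 requires root (as the text notes)."""
    return 0 <= port < 1024


def demo_connections(n_clients: int = 2):
    """Open n_clients TCP connections to one loopback listener and return
    (server_port, [client_port, ...]).  The server port is the same for every
    connection, while each client socket is given its own ephemeral port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # port 0: let the OS choose a free unprivileged port
    srv.listen(n_clients)
    server_port = srv.getsockname()[1]
    clients, accepted, client_ports = [], [], []
    try:
        for _ in range(n_clients):
            c = socket.create_connection(("127.0.0.1", server_port))
            clients.append(c)
            conn, (_peer_ip, peer_port) = srv.accept()
            accepted.append(conn)
            # The peer port the server sees is the client socket's own local port.
            assert peer_port == c.getsockname()[1]
            client_ports.append(peer_port)
    finally:
        for s in clients + accepted + [srv]:
            s.close()
    return server_port, client_ports


if __name__ == "__main__":
    for p in (80, 8080, 31337, 49152):
        print(p, classify_port(p), "root required" if needs_privilege(p) else "unprivileged")
    sp, cps = demo_connections()
    print("server port", sp, "client ports", cps)
```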