In my upcoming title, Dubious Mystery Tour, the protagonist complains about people using the airport's Internet access for things that are normally used in businesses, such as VPN. His complaint mentions ports. Today, we will be talking about ports.
What are ports? Are you talking about ships? No, there are many kinds of ports, including ports for connectors on televisions. However, what I am talking about are ports that are used for network communications. These ports are necessary to make connections to mail servers, which house email, or database servers, which keep records of business clients or membership records of the Church of Jesus Christ of Latter Day Saints (there's proof of one that can be easily figured out by the importance of one's membership record number, or in this case id number), as well as remote connections to other computers, in order to control them. These ports are not physical ports, but instead virtual ones. Ports, for the case of this post, are virtual gateways to other computers.
the default port numbers include, but are not limited to, are:
- SSH (this is used for remote connections and SFTP connections).
The latter three all deal with mail servers. Most email providers use a webserver for webmail access and the messages are sent via an SMTP server. The consumer mail clients will download the messages via POP3 or IMAP server are the only differences. VPN is somewhere in the 1000's range, while VNC, which is essentially a graphical version of SSH, is somewhere in the 5900 or higher range.
Why does the main character complain about this? When people setup servers for the first time, they usually use the default ports that are specified by server software, such as openSSH, Apache, and VSFTPD, all of which can be installed in either Ubuntu or Debian, both of which I have used in setting up a server system. Crackers or black hat hackers and grey hat hackers, commonly referred to as hackers, although the hacker community, such as the white hat hackers, does not want to call them, at least the black hat ones, hackers, will scan computers or networks for these ports that are accessible to them. For now, whether it be right or wrong, hackers and hacking will be referred to as cracking or crackers. All three classes of crackers will look for holes in the server software or operating system, which is how the system comes under attack. White hat crackers will often report the holes to the current developers of the software, while the black hat and grey hat crackers may not do so. the black hats wants to use data to damage their targets, whereas the gray hats may do the same or they may report it the current software developers, depending on what they gain. The motives between the three types are beyond the scope of this post, but this is the basic stuff. All that needs to be known is that the first target of a cracker's research is going to be the operating system, server software, and accessible default ports.
Computer experts mainly agree though that the default ports should not be used, as well as the fact that server software and operating system should be upgraded. Instead, the server software should be configured to use different ports. I cannot recommend any particular port numbers, since the ones that may come to my mind may be default choices as well. There is also the fact that I have not been out of college for very long, when this post was written.
In retrospect, Crackers are going to look for holes in server software and operating system, as well as any default ports that are accessible. The only way to make it harder, outside of updating operating system and server software, is to use non-standard ports.
What are your opinions on this post? Have any information to add on network ports? Feel free to comment.
Use an app on your phone (e.g. Scan for Android) to capture the image above. If successful, you should be taken to the web version of this article.