Ports Information

PORTS
Ports work the same way. we have an IP address, and then many ports on that IP address. I mean many, a total of 65,535 TCP Ports and another 65,535 UDP ports

Network ports are provided by the TCP or UDP protocols at the Transport layer. They are used by protocols in the upper layers of the OSI model. Port numbers are used to determine what protocol incoming traffic should be directed to. Ports allow a single host with a single IP address to run network services. Each port number identifies a distinct service, and each host can have 65535 ports per IP address. Port use is regulated by the Internet Corporation for Assigning Names and Numbers (ICANN). By ICANN there are three categories for ports:

From 0 to 1023 – well known ports assigned to common protocols and services
From 1024 to 49151 – registered ports assigned by ICANN to a specific service
From 49152 to 65 535 – dynamic (private, high) ports range from 49,152 to 65,535. Can be used by any service on an ad hoc basis. Ports are assigned when a session is established, and released when the session ends.

TCP – 4,117
UDP – 4,068

Internet Corporation for Assigning Names and Numbers (ICANN)

20, 21 >>>File Transfer Protocol (FTP) TCP
22>>>Secure Shell (SSH) TCP and UDP
23 >>>Telnet TCP
25 >>>Simple Mail Transfer Protocol (SMTP) TCP
50, 51 >>>IPSec
53 >>>Domain Name Server (DNS) TCP and UDP
67, 68>>> Dynamic Host Configuration Protocol (DHCP) UDP
69>>> Trivial File Transfer Protocol (TFTP)  [ UDP]
80>>> HyperText Transfer Protocol (HTTP) [TCP]
110 >>>Post Office Protocol (POP3) [TCP]
119 >>>Network News Transport Protocol (NNTP) [TCP]
123 >>>Network Time Protocol (NTP) [UDP]

135-139 >>>NetBIOS [TCP and UDP]
143 >>>Internet Message Access Protocol (IMAP4) [TCP and UDP]

161, 162 >>>Simple Network Management Protocol (SNMP)[TCP and UDP]

389 >>>Lightweight Directory Access Protocol [TCP and UDP]

443 >>>HTTP with Secure Sockets Layer (SSL) [TCP and UDP]

DOMAIN NAME SYSTEM
DNS stands for Domain Name System. The main function of DNS is to translate domain names into IP Addresses, which computers can understand.

Top 10 best third-party DNS servers:

1.Google Public DNS Server. This is one of the fastest DNS servers which many users are using on their computers. …
2.OpenDNS. …
3.Norton ConnectSafe. …
4.Comodo Secure DNS. …
5.Level3. …
6.DNS Advantage. …
7.OpenNIC. …
8.Dyn.
10. DNS.Watch

What is Web browser explain the working of Web browser?
A web browser or frequently called as browser is an application software that is installed on a computer to provide access to the World Wide Web. It fetches the web pages from the server along with the necessary files like, images, flashes, videos etc, interprets them and then displays it on the screen.

How does web browsers work?

As a client/server model, the browser is the client run on a computer that contacts the Web server and requests information. The Web server sends the information back to the Web browser which displays the results on the computer or other Internet-enabled device that supports a browser.

IP ADDRESSES EXPLAINED
Every machine on the the Internet has a unique number assigned to it, called an IP address. Without a unique IP address on your machine, you will not be able to communicate with other devices, users, and computers on the Internet. You can look at your IP address as if it were a telephone number, each one being unique and used to identify a way to reach you and only you.

ALL ABOUT NETWORKS
With so much of Computer use these days revolving around the Internet and communicating with others, its important that you understand what exactly a network is. Without networks, all communication between your computer and other computers whether it be instant messaging, email, web browsing, or downloading music could not be achieved

What is an attack?
Attacks are the techniques that attackers use to exploit the vulnerabilities in applications.

Vulnerability
A website vulnerability is a weakness or misconfiguration in a website or web application code that allows an attacker to gain some level of control of the site, and possibly the hosting server. Most vulnerabilities are exploited through automated means, such as vulnerability scanners and botnets.

Vulnerability
Web application vulnerabilities involve a system flaw or weakness in a web-based application. They have been around for years, largely due to not validating or sanitizing form inputs, misconfigured web servers, and application design flaws, and they can be exploited to compromise the application’s security.

Top Five most Common web application attacks.
Bots and web scraping
DDoS attacks
Cross-site scripting (XSS)
SQL injection
Malware

Bots and web scraping
Bots are the software agents that perform automated tasks, but all the bots are not beneficial. According to recent Imperva research one-third of the internet, traffic is generated by these bad bots.

Attackers creating botnets that contain connected devices like home routers, closed-circuit TVs, and DVRs to launch DDoS attacks. Spambots use to collect email address from various available sources and send junk or spam emails in large quantity.

An Anti-bot solution should be in place to block these bad bots and allow only beneficial bots that includes search engine bots, such as the Googlebot to do their job.

DDoS Attack
DDoS Attack (Distributed Denial of Service) is a type of attack which originates from multiple computers or devices. The Aim of DDoS Attack is when multiple systems overflow the bandwidth or resources of a targeted system, usually one or more web servers. Such as DDOS Attack is often the result of multiple compromised systems (for example, a botnet) deluging the targeted system with traffic.

An organization should always ensure and focus on maximum Protection level for enterprise networks and you can try a free trial to Stop DDoS Attack in 10 Seconds.

Enterprise Networks should choose the best DDoS Attack prevention services to ensure the DDoS attack protection and prevent their network and website from future attacks Also Check your Companies DDOS Attack Downtime Cost.

Three types DDOS of Attack

Volumetric attacks – Which includes include UDP floods, ICMP floods, and other spoofed-packet floods.

Protocol attacks – It includes SYN floods, fragmented packet attacks, ping of death, Smurf DDoS and others.

Application layer attacks include low-and-slow barrages such as GET/POST floods, as well as application-saturating attacks that target Apache, Windows or OpenBSD vulnerabilities, Slowloris, NTP amplification, HTTP food and zero-day DDoS attacks.

Cross-site Scripting
XSS is one of the dangerous Web Application Attacks, In this case, an attacker can inject untrusted snippets of JavaScript into your application without validation. This JavaScript is then executed by the victim who is visiting the target site. After the user clicks the URL, the codes get changed and it gives access to the attacker to steal personal data and other critical information.

Attackers can use XSS attacks to inject malicious javascript and modify page content and redirecting users to other online scam sites.

SQL Injection
SQL injection is a technique which attacker takes non-validated input vulnerabilities and inject SQL commands through web applications that are executed in the backend database.his type of attack is done when there are loopholes in the execution of software or applications and this can be prevented by thoroughly examining the various input fields like comments, text boxes, etc.

A successful SQL injection could lead to the loss of customer trust and attackers can steal phone numbers, addresses, and credit card details. Placing a web application firewall can filter out the malicious SQL queries in the traffic.

Malware
Malware distributed based on social engineering methods like phishing or by exploiting a system vulnerability. Common malware types include ransomware, worms, trojans, rootkits, adware, and spyware.

Malware’s can be injected by exploiting the Website and Server Vulnerabilities, once installed it gains access to sensitive parts of an application, enabling file execution and system configuration changes.

Data breaches and cyber-attacks have intensified the need for website security. 2017 is the year of data breaches and ransomware, now attackers shifted their focus to crypto mining attacks by using victims resources.

Protecting your site against the common threat is important if the website is breached then your reputation is at stake and customers may lose personal information.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.