Outside and Inside Hacker Deterrents – Part Three

Joe Loucks

On January 16th In IP Solutions, IP Tech Tips

Software Ports and Network Scanning

To use the Internet with electronic security devices, specific software ports in a network’s firewall(s) must be opened to allow outside traffic to enter the network. Opening software ports in the firewall for authorized device viewers/users also gives outside hackers an opportunity to penetrate the LAN.

Hackers use scanning software to probe target public IP addresses, see which ports are open, and, if possible, find out more about the device that is programmed to communicate over an open port. A common network scanning program is Nmap/Zenmap, which is used not only by hackers but also by IT personnel who are checking the security settings of their own network.

There are 65,534 software ports in TCP/IP Internet and LAN communications. Some ports are designated for specific network services, such as port 80 for Hypertext Transfer Protocol (HTTP) and port 443 for HTTPS (Secure HTTP). Smart security technicians will select port numbers for IP cameras, DVRs, etc. that are higher than 1500. Most hackers will scan the first 1000 or 1500 software ports on a target IP address, as it can take literally hours to scan all of the 65,534 potential port numbers. So picking software port numbers that are higher than 1500 will force an outside hacker to perform an arduous scan to find the open ports in the firewall.
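The self-check that IT personnel run against their own network, as an added example that is not part of the original post: it compares the ports that actually answer on an address you administer with the list of ports you meant to open, and flags planned ports at or below 1500. The function names, the report keys and the localhost demo are assumptions made for illustration.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

LOW_PORT_CUTOFF = 1500  # the article's advice: forward ports above this number


def is_open(host, port, timeout=0.5):
    """Return True if a full TCP connection to host:port succeeds."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def audit_exposure(host, ports, intended, timeout=0.5, workers=64):
    """Compare the ports that answer on `host` with the ports meant to be open."""
    intended = set(intended)
    candidates = sorted(set(ports) | intended)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        answers = list(pool.map(lambda p: is_open(host, p, timeout), candidates))
    open_ports = {p for p, ok in zip(candidates, answers) if ok}
    return {
        "unexpected": sorted(open_ports - intended),  # open but never planned
        "missing": sorted(intended - open_ports),     # planned but unreachable
        "low": sorted(p for p in intended if p <= LOW_PORT_CUTOFF),
    }


if __name__ == "__main__":
    # Constructed demo on localhost: two listeners stand in for forwarded devices.
    planned, forgotten = socket.socket(), socket.socket()
    for s in (planned, forgotten):
        s.bind(("127.0.0.1", 0))  # port 0 lets the OS pick a free port
        s.listen(1)
    p1, p2 = planned.getsockname()[1], forgotten.getsockname()[1]
    # Only p1 is on the documented list; p2 should be reported as unexpected.
    print(audit_exposure("127.0.0.1", [p1, p2], intended=[p1]))
    planned.close()
    forgotten.close()
```

An entry under `unexpected` is a forward nobody documented, and an entry under `low` is a planned port inside the range the article says is scanned first.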

Open ports are a reality in modern networks, because outside users need to reach servers and devices within LANs from Internet-connected devices. Because the ports must be opened, security technicians should see the importance of the strong passwords detailed in a previous post, and should make sure that clients properly protect password information.