From the course: Wireshark: Malware and Forensics
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Ports related to malicious activity - Wireshark Tutorial
From the course: Wireshark: Malware and Forensics
Ports related to malicious activity
- [Instructor] Hackers use ports to get in and attack a system and also to get out of a system without being noticed. Port 80 is a default port for HTTP. Several attacks use port 80 to gain access to backend services, and include buffer overflows, SQL injections, and cross-site scripting. To exit a system, hackers can use DNS over port 53, as this protocol is generally open and security devices seldom examine or filter DNS traffic. There are 65,535 TCP and UDP ports available to the operating system. The Internet Assigned Numbers Authority divides the port numbers into three ranges. The well-known ports range from zero to 1,023. The registered ports range from 1,024 to 49,151. And the dynamic and private ports are those that range from 49,152 through 65,535. Here we see a list of commonly used ports. And of course, there are many, many others. When configuring a system, use only necessary services, as some applications are insecure and deprecated, such as Telnet, which uses port 23…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.