Packets Are Returned from CLOSED ports

How to send packets to a closed port

All network administrators need to know how to send packets to a port that is not listening, or to send packets to any port of their choice. The easiest way, and a way that is available at all times is to run the telnet command and tell it to connect to a port other than port 23. The command to do this is:

telnet host port

So for instance, if I wanted to test port 80 on a machine named shaula.csit.parkland.edu I would enter the command:

telnet shaula.csit.parkland.edu 80

Connecting to a port of your choice

Here is an example of connecting to port 80 of a known web server. Try it for yourself, what happens?

If I wanted to test a machines' port 23 I could just issue the telnet command itself like this:

The Reset (RST) packet

RST Packets

As you can see from this screenshot of an Ethereal capture, the first thing that my host did after running the telnet www.csit.parkland.edu 23 command was to ask it's configured DNS Server what the IP address of the host was. Note that the DNS server returned the IP address of the host shaula.csit.parkland.edu, which is another name for www.csit.parkland.edu. The next thing our host did, once it knew the Ip address of the server was was generate a SYN packet for port 23 on the server. Remember, this server is NOT listening on port 23. The server then returns a RST packet. The server returns a RST packet for as many SYN packets on closed ports that it gets. Note that my client tried multiple times before giving up, which is common among many OS'es.

| Top |