Challenge 1: Port Scan Analysis
Identify suspicious open ports that could pose security risks.
Scenario: Your perimeter firewall has detected a port scan. Review the open ports below and identify which ones are suspicious and should be investigated immediately.
Port Scan Report - Server: web-prod-01
| Port | Service | State | Protocol |
|---|---|---|---|
| 22 | SSH | Open | TCP |
| 23 | Telnet | Open | TCP |
| 80 | HTTP | Open | TCP |
| 443 | HTTPS | Open | TCP |
| 445 | SMB | Open | TCP |
| 3306 | MySQL | Filtered | TCP |
| 1433 | MSSQL | Open | TCP |
| 3389 | RDP | Open | TCP |
Common Ports Reference
Generally Safe Ports:
- 22 (SSH): Secure remote access
- 80 (HTTP): Web traffic
- 443 (HTTPS): Secure web traffic
Potentially Dangerous:
- 23 (Telnet): Unencrypted, outdated
- 445 (SMB): Often exploited
- 3389 (RDP): Brute force target
- 1433 (MSSQL): Database exposure