How many cyber attacks are known? Those hackers like to attack the port's precautions.

The port is the logical interface between the computer and the external network, and is the first barrier of the computer, so the correct configuration of the port directly affects the security of our host. In general, it is safer to just open the ports you need to use, but turning off the ports means reducing functionality, so we need to balance some of the security and functionality. For those features that we don't need at all, there is no need to open the port to the hacker, so as an administrator, I close the protocols and ports that are not commonly used.

The following will help you understand which ports hackers often attack and how to prevent them. I hope that the majority of computer users can accumulate experience and prevent hackers from invading.

Because of its automatic attack and rapid propagation characteristics, the worm accounts for approximately 90% of network attacks, usually system scans or sync attacks. Among them, the source of most cyber attacks is the United States. According to ActiveScout, these worms multiply rapidly, and scans and attacks are separated for a short period of time and therefore cannot be artificially controlled. The worm also has the characteristics of repeated attacks, they will find the same port and invade these ports on a large scale. If people do not take precautions against worms, the success rate of attack/scan will reach 30%, that is, in 10 scans, 3 times will get results and can be attacked.

96% of scans are concentrated on ports

Port scans account for approximately 96% of network scans, followed by UDP (User Datagram Protocol) services, which account for 3.7%. In addition to these two, the remaining 0.3% are username and password scans, NetBIOS domain login information, and SNMP management data. Tel Aviv University has

Started efforts to prevent worm attacks and cyber attacks against NetBIOS vulnerabilities, as these attacks may infect all Windows systems. At the same time, the ISP is required to filter all NetBIOS traffic before sending traffic.

Some surveys have shown that in the past six months, the number of dangerous Internet traffic has increased by a factor of two; dark noise is mainly caused by network detection, and 45% to 55% of suspicious behaviors are hackers. Caused by computer scans; most attacks are automatic, small program attacks usually come from previously poisoned computers; the main reason for hackers to attack these networks is to find them can be used to spread spam and find special storage space for illegal files. The computer, or the machine that is available for the next attack.

10 ports are the most vulnerable

An organization I-Trap has collected data from 24 firewalls for 12 hours of work, which are located in 24 corporate intranets in Ohio and Between the Internet backbones provided by the local ISP. In the meantime, there were 12,000 hacker attacks on the port. The following table details the attack.

Port number service attack events description

135 and 445 windows rpc are 42 times and 457 times respectively, indicating that the latest windows virus or worm may be infected

57 email 56 hackers use the fx tool to scan this port to find the weakness of the Microsoft web server.

1080, 3128, 6588, 8080 The proxy service is 64, 21, 21, 163 times respectively, indicating that the hacker is scanning. >

25 smtp service 56 times is a signal for hackers to detect smtp servers and send spam

10000+ Unregistered services 376 attacks These ports usually return traffic, possibly due to improper configuration of the computer or firewall Previous12Next page Total 2 pages