A port is the outlet through which a device communicates with the outside world.
In a computer network, a port is an endpoint of communication in an operating system. Although the term is also used for hardware devices, in software, it is a logical structure that identifies a specific process or a certain type of service.
A port is always associated with a host address and a communication protocol type, which together complete the source and destination addressing of a communication session. For each address and protocol, a port is identified by a 16-bit port number.
A specific port number is usually used to identify a specific service. Among the thousands of enumerated ports, 1024 well-known port numbers are reserved to indicate the service type on the host. The protocols that mainly use ports are transport layer protocols, such as Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
In a direct point-to-point link, when each of the two computers can run only one program at a time, ports are unnecessary. When a computer can execute multiple programs at the same time and is connected to a packet data network, ports are essential. In the client-server application architecture, the port that network clients connect to for service initiation provides a multiplexing service. After the initial communication is bound to a well-known port number, the port is released so that other clients can access it.
For example, why can one server be a Web server, an FTP server, a mail server, and so on? One of the most important reasons is that the various services use different ports. For example, the TCP/IP protocol stipulates that Web uses port 80, FTP uses port 21, and the mail server uses port 25. In this way, the computer can communicate with the outside world through different ports without the services interfering with one another.
The maximum number of server ports can be 65535, but in fact there are only dozens of commonly used ports, which shows that there are quite a few undefined ports. This is why so many hacker programs can define a special port of their own to achieve the purpose of intrusion. To define this port, the attacker relies on a program that is automatically loaded into memory when the computer starts and that forces the computer to open that special port. This program is a backdoor program, and these backdoor programs are usually called Trojan horses. Put simply, a Trojan horse first implants a program on a personal computer by some means and opens a specific port, commonly known as the back door, so that the computer becomes a highly exposed FTP server (its users have extremely high rights); the intrusion is then carried out through that back door.
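The paragraph above implies a simple defensive check: list every listening TCP port on a host and flag any that is not an expected service. The following is an added example, not part of the original page; it parses a constructed sample in the Linux /proc/net/tcp format, and the allowlist (ports 80, 21 and 25, the services the page names), the function names and the little-endian host are assumptions.

```python
import socket
import struct

# Constructed sample in the format of Linux /proc/net/tcp (not taken from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 00000000:0015 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003
   3: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20004
   4: 0A00000A:0050 0B00000A:C350 01 00000000:00000000 00:00000000 00000000    33        0 20005
"""

TCP_LISTEN = "0A"               # state code for LISTEN in /proc/net/tcp
EXPECTED_PORTS = {80, 21, 25}   # assumption: services this host is meant to offer
WELL_KNOWN_COUNT = 1024         # ports 0-1023 are the well-known range


def parse_listeners(proc_text):
    """Return (ip, port) pairs, sorted by port, for sockets in the LISTEN state."""
    listeners = set()
    for line in proc_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != TCP_LISTEN:
            continue                                  # ignore established connections etc.
        hex_ip, hex_port = fields[1].split(":")
        # The address is stored in host byte order; a little-endian host is assumed.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        listeners.add((ip, int(hex_port, 16)))
    return sorted(listeners, key=lambda pair: (pair[1], pair[0]))


def unexpected_listeners(proc_text, expected=EXPECTED_PORTS):
    """Return listeners whose port is not on the allowlist of expected services."""
    return [(ip, port) for ip, port in parse_listeners(proc_text) if port not in expected]


def port_range(port):
    """Say whether a port falls in the well-known range or above it."""
    return "well-known" if port < WELL_KNOWN_COUNT else "above well-known range"


if __name__ == "__main__":
    for ip, port in unexpected_listeners(SAMPLE_PROC_NET_TCP):
        print(f"unexpected listener on {ip}:{port} ({port_range(port)})")
```

On a real Linux host the same functions can be given the contents of /proc/net/tcp; a flagged port is a prompt to identify the owning process, not proof of a backdoor.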