A service scan is a check for services running on open ports to identify potential vulnerabilities on a computer. Such scans can be useful for security checks on computers connected to the Internet that may be vulnerable to hacking. Hackers and crackers use them to find computers they can easily attack through insertions of malicious code and other activities. It is possible to download service scanning software or to use an Internet-based scanner, although it is important to use one from a reliable source to avoid exposing a computer to malicious code.
In a service scan, the program looks for any services currently running on open ports. It returns a list of services and correlated ports, which provides information about what a system is being used for and which ports are available. It may also provide insight into networked computers and other devices, depending on what kinds of results it returns. A knowledgeable computer professional can review the service scan results and use them to generate useful data about a system.
Network administrators and other information technology professionals can use a service scan to test a system. If they believe a computer should be secure, they can use the scan to locate any vulnerabilities that might be visible to a hacker using a similar scan. Some system administrators routinely screen their whole networks for vulnerable machines, especially in settings like college campuses where users have administrative access to computer settings and might inadvertently create vulnerabilities.
In the hacking and cracking communities, a service scan can show which kinds of services are vulnerable to exploit. The scan can be run from a website that the user lands on, a malicious program, or a link clicked when a user opens email. It feeds data back to the hacker and helps that person determine if a computer system is worth cracking, and how difficult it would be to crack.
Computer users concerned about service scans of their systems to check for weak spots can use some measures to protect themselves. This includes keeping antivirus and security software up to date, using a firewall to control the transmission of data, and using common sense when it comes to visiting websites and clicking links. Links in email should not be clicked unless they are from a reliable source and appear valid, and it is important to be careful when clicking on search results as well, as contaminated websites may crop up before the search company can de-index them.