What is Port Scanning?
Risk Ledger's Port Scanning automatically monitors suppliers’ digital assets for open ports that are frequently targeted in cyber attacks.
The scanning focuses on the most critical ports across remote access, database services, web management, file sharing, and infrastructure components, empowering both clients and suppliers to collaborate on meaningful security improvements.
What are the Key Features of Port Scanning?
Automated and continuous scanning of supplier assets and ports (Including unclaimed profiles)
Targeted port coverage to reduce noise and surface the more relevant findings
Scans 25+ critical ports across 5 key categories: Remote Access, Database, Web Services & Management, File Sharing, and Infrastructure
Where the service behind the open port has a known exploited vulnerability we raise an infraction.
Risk-based prioritisation with severity ratings and contextual explanations.
What ports are we scanning?
We’ve chosen to scan and highlight specific open ports that are frequently targeted in cyber attacks. This helps companies quickly identify and address potential vulnerabilities, focusing on those that pose the most significant risk.
For each scan, we will give it a severity rating, outline the issue found, and explain why we’ve given it the respective severity rating. For some port scans, we also include an explanation about the port and why it’s important.
Category | Port Numbers | Services |
Remote Access | 22, 23, 3389, 5800/5900 | Secure Shell (SSH), Telnet, Remote Desktop Protocol (RDP), Virtual Network Computing (VNC) |
Database | 1433, 3306, 5432, 6379, 27017/27018 | Microsoft SQL Server (MSSQL), MySQL/MariaDB, PostgreSQL, Redis, MongoDB |
Web Services & Management | 80/443, 8080/8443, 8008/8888, 4443/8834, 10000 | Hypertext Transfer Protocol (HTTP)/Hypertext Transfer Protocol Secure (HTTPS), Alternative HTTP/HTTPS, Alternative HTTP, Nessus, Webmin |
File Sharing | 21, 445, 139 | File Transfer Protocol (FTP), Server Message Block (SMB), Network Basic Input/Output System (NetBIOS) |
Infrastructure | 111, 135, 1521, 5000/5001, 9200/9300, 2375/2376, 10250, 8086, 9090 | Remote Procedure Call bind (RPCbind), Microsoft Remote Procedure Call (MSRPC), Oracle Database (Oracle DB), Application Programming Interface (API) ports, Elasticsearch, Docker, Kubernetes, InfluxDB, Prometheus |
How do I access Port Scanning?
For Suppliers, go to Monitoring > Port Scanning via the in-platform sidebar:
For Clients, select your supplier, navigate to the External Monitoring tab on their profile, and select Port Scanning:
This is what the overview page for Port Scanning looks like:
Click on a specific port to view the findings in more detail, as shown below:
What is the risk from open ports?
Open ports can pose a security risk if they are not properly secured. They can provide unauthorised access to a network or device for attackers. Firewalls are essential for monitoring and filtering unwanted access.
The danger of open ports comes from services listening on them that are misconfigured, unpatched, or vulnerable to exploits. While port 80 (HTTP) doesn't inherently pose a security threat, if left accessible without proper configurations, malicious actors can exploit it to breach systems and access data. Unlike the encrypted port 443 (HTTPS), port 80 lacks encryption, making it susceptible to cybercriminals who can infiltrate, expose, and manipulate sensitive information
We classify findings into issues and informational findings, with varying levels of severity
How can I remediate the risk?
To secure open ports on your network or device, consider these steps:
Leverage a firewall: Use a firewall to filter incoming and outgoing traffic.
Regularly update and patch software: Keep your software updated to prevent vulnerabilities.
Implement strong access controls and authentication mechanisms: Ensure robust security measures for accessing your network.
Close unnecessary ports: Shut down any ports that are not actively in use.
How frequently are port scans run?
Port scans are run on a scheduled weekly basis using a third party provider. For more information, to opt out of port scanning or questions reach out to support@riskledger.com.
💡 If there is anything we haven't covered, please feel free to contact us at support@riskledger.com or alternatively, select the Chat icon in the bottom right corner.