I'm studying to pentest, so I basically start with networking, programming, and pentest methods, but in a book called The Basics of Hacking and Penetration Testing on Port Scanning, she says that "she tries to log on to any remote access that were discovered on your doorstep scan", but the problem starts here, I began to be in doubt about the relationship between ports and their services, and how to deeply understand things like:
80 / tcp open http openresty
443 / tcp open ssl / https
8080 / tcp open http-proxy?
So i was searching google about ssl, openresty, in the case https and http i study from some about networks but still i was only touching on deeper knowledge and dispersed on the internet, so i would like one or more books that deal specifically with the part practice a network traffic analysis and recommend other books to better understand processes for answering questions like "oh cool, but which port is associated with remote access?".
I've researched remote access and found that port 3389 is commonly used at first, but I feel that's not what that quoted part of the book meant.
Thanks and sorry for my bad english!
First off, I have not read the book, so I cannot comment on it.
However, I can give some direction on what the nmap scan means and what your next steps would likely be.
The line
80 / tcp open http openresty
means that TCP port 80 is open, the protocol name is "http" and the server is running "openresty".
For port 80, your next step would be to run some sort of fingerprinting on that server. For example, an "nmap -sV -p 80" scan or run some tool like Sparta or Nikto.
This should be done to identify the version of openresty on the server. The next step would be to see if there are any login pages exposed on the server. If you do find login pages, you could try brute-forcing the login to get access.
Or, using the version of openresty, you could search for exploits for that version of openresty (usually via Google search, or some exploit database like "exploit-db.com"). Then use those exploits to gain access to the server, or do a DoS for example.
However, when you do any of this, make sure you get permission from your target to do this, or be aware that there can be consequences. If you are just starting to learn about this stuff, it would be better to create your own VM with DVWA deployed on it. That would be your target for practice.
Hope that helps.