Network scanning

A quick guide to the basics of networks and network scanning, by oceanofwebs.com

Published in Technology

  • 1. Network Basics
      • A network consists of 3 parts:
          1. IP Address
          2. Services
          3. Port
      • IP Addresses
          – An address is comprised of two parts, a network address and a host address, and is determined by the subnet mask.
          – A simple example is with a subnet mask of 255.255.255.0.
              • 192.168.1 is the network address (the network) and .1 is a host address on that network.
  • 2. Services
      – The network protocol that listens for incoming connection requests and links the server application with the client
      – Typically each service runs on a set of specific ports
      – In actuality, any service can run on any port
          • Therefore, you should put only limited trust in port/service mappings.
      – Use an application scanner (service detection) to find out what application is really running on that port.
      – Nmap has service detection
  • 3. Ports
      • A port is where a service listens for connections
      • Common services use common well-known ports
      • Could use any port as long as both the server and the client know which port to connect to
      • Ports allow different services to be available from one location or IP Address
  • 4. Scanning
      • Types of scanning
          – Host (Ping) Scanning
          – Port Scanning
          – Vulnerability Scanning
  • 5. Host Scanning
      • Hackers perform host scanning to locate and identify hosts on the network.
      • Usually by “pinging” a range of IP addresses.
      • Hosts which respond to pings may be targeted for attack.
  • 6. Port Scanning
      • Hackers perform port scans to determine what services a host may be running.
      • By knowing the services, the hacker can attempt attacks against known vulnerabilities in the service.
      • Port scans attempt to make an initial connection to the service running on a particular port number.
      • Port scans are invasive and are easily detected by Intrusion Detection and/or firewalls.
  • 7. Vulnerability Scanning
      • What is vulnerability scanning?
          – Used to find known flaws within an application or network.
          – These scanning tools are typically signature based and can only find vulnerabilities that the tools know about.
          – Many good commercial and freeware tools are available.
  • 8. Scanning Tools
      • Host & Port Scanning
          – Nmap
      • Vulnerability Scanning
          – GFI and Nessus
  • 10. Scanning Tool – Nmap
      • The only port scanner you’ll need
      • Pros
          – FREE
          – Continually Updated
          – OS Detection and Service Detection
          – Support for both Windows and Unix
      • Cons
          – No standard Graphical User Interface
      • LINK: (www.insecure.org)
  • 11. Scanning Tool – SuperScan
      • Pros
          – FREE download from Foundstone
          – Very stable, Fairly fast
          – Graphical User Interface
      • Cons
          – Windows version only
          – No stealth options, no Firewall Evasion
          – Service Detection/Application Mapping
      • LINK: (www.foundstone.com)
  • 13. Scanning Tool – Nessus
      • Pros
          – Nessus is free
          – Large plugin or signature base
          – You can customize and create new plugins
      • Cons
          – Tenable took Nessus private (closed source)
          – Purchasing plans for new plugins
          – Shareware plug-ins are seven days behind
      • LINK: (www.nessus.org)
  • 14. Scanning Tool – GFI LANguard Network Security Scanner
      • Pros
          – Port Scanner, Enumeration, and Vulnerability Scanner
          – Many features such as SNMP and SQL brute force
          – Great for Windows networks
      • Cons
          – Lacks extensive signatures for other operating systems
          – Look to Nessus for scanning heterogeneous networks
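
Slides 5 and 6 describe host scanning and port scanning, and slide 6 notes that port scans are easily detected by intrusion detection systems and firewalls. The following is an added example, not part of the original slides, of the kind of check such a system applies: it flags a source that touches many distinct ports on one host, or many distinct hosts, within a short window. The log format, addresses, window and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)  # assumed look-back window
PORT_THRESHOLD = 10             # assumed: distinct ports probed on one host
HOST_THRESHOLD = 10             # assumed: distinct hosts probed by one source

def sample_log():
    """Constructed firewall log lines: 'timestamp source destination port'."""
    t0 = datetime(2024, 1, 1, 10, 0, 0)
    def at(sec):
        return (t0 + timedelta(seconds=sec)).isoformat()
    lines = []
    # One source tries 15 different ports on a single host (port scan).
    lines += [f"{at(i)} 10.0.0.5 192.168.1.10 {20 + i}" for i in range(15)]
    # One source pings 12 different hosts (host sweep).
    lines += [f"{at(i)} 10.0.0.6 192.168.1.{i + 1} icmp" for i in range(12)]
    # Ordinary client: repeated connections to one service on one host.
    lines += [f"{at(5 * i)} 10.0.0.7 192.168.1.20 443" for i in range(20)]
    # Ordinary client: three services on one host, well below the threshold.
    lines += [f"{at(i)} 10.0.0.8 192.168.1.30 {p}" for i, p in enumerate((25, 80, 443))]
    return lines

def parse(line):
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, port

def detect_scans(lines):
    """Return a sorted list of (kind, source, target) alerts."""
    recent = defaultdict(deque)  # source -> events still inside WINDOW
    alerts = set()
    for ts, src, dst, port in sorted(parse(l) for l in lines if l.strip()):
        window = recent[src]
        window.append((ts, dst, port))
        while ts - window[0][0] > WINDOW:
            window.popleft()
        ports_on_dst = {p for _, d, p in window if d == dst}
        hosts = {d for _, d, _ in window}
        if len(ports_on_dst) >= PORT_THRESHOLD:
            alerts.add(("port_scan", src, dst))
        if len(hosts) >= HOST_THRESHOLD:
            alerts.add(("host_sweep", src, "multiple"))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in detect_scans(sample_log()):
        print(alert)
```

The two ordinary clients in the constructed log produce no alert, because repeated connections to the same port or a handful of services never reach the distinct-port or distinct-host thresholds.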