SlideShare a Scribd company logo

An Toan Thong Tin.pptx

Download as PPTX, PDF
V
VuongPhm

An Toan Thong Tin

Software
1 of 17
Scanning Networks
Contents 1) Introduction 2) Scanning methodology 3) Checking for Live systems 4) Scanning techniques 5) Scanning countermeasures
Introduction • Network scanning refers to a set of procedures for identifying hosts, ports, and services in a network. • Network scanning is one of the components of intelligence gathering an attacker uses to create a profile of the target organization Objectives of network scanning (1) To discover live hosts, IP address, and open ports of live hosts (2) To discover operating systems and system architecture (3) To discover services running on hosts (4) To discover vulnerabilities in live hosts
Scanning methodology 1) Check for live systems 2) Check for open ports 3) Scanning beyond IDS 4) Banner grabbing 5) Scanning for vulnerabilities 6) Draw network diagrams 7) Prepare proxies 8) Scanning Pen Testing Check for live systems Check for open ports Identify services Banner Grabbing/OS fingerprinting Scan for vulnerability Draw network diagrams of vulnerabilities hosts Prepare proxies Attack
Check for live systems – ICMP Scanning • Ping scan involves sending ICMP echo requests to a host. If the host is live, it will return an ICMP echo reply • This scan is useful for locating active devices or determining if ICMP is passing through a firewall • Tools: Nmap, Angry, IP Scanner, SolarWinds, Ping Scanning Pro,…
Check for open ports • Three-way handshake: TCP uses a 3-way handshake to establish a connection between server and client • TCP connect scan detects when a port is open by completing the 3-way handshake • TCP connect scan establishes a full connection and tears it down by sending RST packet Tools: Nmap, Hping
Check for open ports (cont.) – UDP Scanning Tools: Nmap, NetScan Tools Pro, Advanced Port Scanner,…
Port Scanning Countermeasures • Configure firewall, IDS rules: block unwanted ports • Hide sensitive information from public view • Ensure that mechanism used for routing & filtering at routers, firewalls cannot be bypassed
Scanning beyond IDS IDS evasion techniques • Use fragmented IP packets • Use source routing • Spoof IP address • Proxy servers
Banner Grabbing • Banner grabbing or OS fingerprinting is the method to determine the operating system running on a remote target system. There are two types of banner grabbing: active and passive • Identifying the OS used on the target host allows an attacker to figure out the vulnerabilities the system poses and the exploits that might work on a system to further carry out additional attacks • Tools: ID Serve, Netcraft, Netcat
Banner Grabbing Countermeasures • Display false banners to misguide the attackers • Turn off unnecessary services on the network host to limit the information disclosure
Vulnerability Scanning • Vulnerability scanning identifies vulnerabilities and weaknesses of a system and network in order to determine how a system can be exploited Network topology and OS vulnerabilities Application and services vulnerabilities Tools: SAINT, OpenVAS, Nexpose, Retina
Draw network diagrams • Drawing target's network diagram gives valuable information about the network and its architecture to an attacker • Network diagram shows logical or physical path to a potential target • Tools: Network View,…
Prepare proxies • A proxy is a network computer that can serve as an intermediary for connecting with other computers • Proxy chaining • Tools: ezProxy,…
Scanning Pen Testing • Pen testing a network for scanning vulnerabilities determines the network’s security posture by identifying live systems, discovering open ports, associating services and grabbing system banners to simulate a network hacking attempt • The penetration testing report will help system administrators to:
Scanning Pen Testing
Summary • The objective of scanning is to discover live systems, active/running ports, the operating systems, and the services running on the network • Attacker determines the live hosts from a range of IP addresses by sending ICMP ECHO requests to multiple hosts • Attackers use various scanning techniques to bypass firewall rules and logging mechanism, and hide them selves as usual network traffic • Banner grabbing or OS finger printing is the method to determine the operating system running on a remote target system • Drawing target's network diagram gives valuable in formation about the network and its architecture to an attacker • Proxy is a network computer that can serve as an intermediary for connecting with other computers • A chain of proxies can be created to evade a traceback to the attacker

Recommended

Network scan
Network scanNetwork scan
Network scanpenetration Tester
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxMahdiHasanSowrav
 
arun.ppt
arun.pptarun.ppt
arun.pptSunilKatkar5
 
Ids
IdsIds
IdsSuresh Reddy
 
arun.ppt
arun.pptarun.ppt
arun.pptDiyarAldusky
 
ManageEngine OpUtils Technical Overview
ManageEngine OpUtils Technical OverviewManageEngine OpUtils Technical Overview
ManageEngine OpUtils Technical OverviewManageEngine, Zoho Corporation
 
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptx
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptxCyber Security Project : Comprehensive Vulnerability Analysis Report.pptx
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptxBoston Institute of Analytics
 
Penetration Testing Services Technical Description Cyber51
Penetration Testing Services Technical Description Cyber51Penetration Testing Services Technical Description Cyber51
Penetration Testing Services Technical Description Cyber51martinvoelk
 

Recommended

Network scan
Network scanNetwork scan
Network scanpenetration Tester
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxMahdiHasanSowrav
 
arun.ppt
arun.pptarun.ppt
arun.pptSunilKatkar5
 
Ids
IdsIds
IdsSuresh Reddy
 
arun.ppt
arun.pptarun.ppt
arun.pptDiyarAldusky
 
ManageEngine OpUtils Technical Overview
ManageEngine OpUtils Technical OverviewManageEngine OpUtils Technical Overview
ManageEngine OpUtils Technical OverviewManageEngine, Zoho Corporation
 
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptx
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptxCyber Security Project : Comprehensive Vulnerability Analysis Report.pptx
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptxBoston Institute of Analytics
 
Penetration Testing Services Technical Description Cyber51
Penetration Testing Services Technical Description Cyber51Penetration Testing Services Technical Description Cyber51
Penetration Testing Services Technical Description Cyber51martinvoelk
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsJoseph Bugeja
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Boston Institute of Analytics
 
Prensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection toolPrensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection toolIssar Kapadia
 
Intrusion Prevention System
Intrusion Prevention SystemIntrusion Prevention System
Intrusion Prevention SystemVishwanath Badiger
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testingAbdul Rahman
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hackingshahhardik27
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingshahhardik27
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration TestingMohammed Adam
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention systemNikhil Raj
 
ids.ppt
ids.pptids.ppt
ids.pptHaipengCai1
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptcemporku
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdftehkotak4
 
Coporate Espionage
Coporate EspionageCoporate Espionage
Coporate EspionageUTD Computer Security Group
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Pathshibaehed
 
Chapter 2
Chapter 2Chapter 2
Chapter 2shahhardik27
 
Intruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxIntruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxSriK49
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber securityKAMALI PRIYA P
 
Hacking - penetration tools
Hacking - penetration toolsHacking - penetration tools
Hacking - penetration toolsJenishChauhan4
 
Snort by SecArmour
Snort by SecArmour Snort by SecArmour
Snort by SecArmourSec Armour
 
Introduction to cyber forensics
Introduction to cyber forensicsIntroduction to cyber forensics
Introduction to cyber forensicsAnpumathews
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 

More Related Content

Similar to An Toan Thong Tin.pptx

Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsJoseph Bugeja
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Boston Institute of Analytics
 
Prensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection toolPrensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection toolIssar Kapadia
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testingAbdul Rahman
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration TestingMohammed Adam
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention systemNikhil Raj
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptcemporku
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdftehkotak4
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Pathshibaehed
 
Intruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxIntruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxSriK49
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber securityKAMALI PRIYA P
 
Hacking - penetration tools
Hacking - penetration toolsHacking - penetration tools
Hacking - penetration toolsJenishChauhan4
 
Snort by SecArmour
Snort by SecArmour Snort by SecArmour
Snort by SecArmourSec Armour
 
Introduction to cyber forensics
Introduction to cyber forensicsIntroduction to cyber forensics
Introduction to cyber forensicsAnpumathews
 

Similar to An Toan Thong Tin.pptx (20)

Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting Tools
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
 
Prensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection toolPrensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection tool
 
Intrusion Prevention System
Intrusion Prevention SystemIntrusion Prevention System
Intrusion Prevention System
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testing
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration Testing
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
 
ids.ppt
ids.pptids.ppt
ids.ppt
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.ppt
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdf
 
Coporate Espionage
Coporate EspionageCoporate Espionage
Coporate Espionage
 
640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths640-554 IT Certification and Career Paths
640-554 IT Certification and Career Paths
 
Chapter 2
Chapter 2Chapter 2
Chapter 2
 
Intruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptxIntruders in cns. Various intrusion detection and prevention technique.pptx
Intruders in cns. Various intrusion detection and prevention technique.pptx
 
Network traffic analysis with cyber security
Network traffic analysis with cyber securityNetwork traffic analysis with cyber security
Network traffic analysis with cyber security
 
Hacking - penetration tools
Hacking - penetration toolsHacking - penetration tools
Hacking - penetration tools
 
Snort by SecArmour
Snort by SecArmour Snort by SecArmour
Snort by SecArmour
 
Introduction to cyber forensics
Introduction to cyber forensicsIntroduction to cyber forensics
Introduction to cyber forensics
 

Recently uploaded

Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
software engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxsoftware engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxnada99848
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 

Recently uploaded (20)

Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
software engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxsoftware engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptx
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 

An Toan Thong Tin.pptx

  • 2. Contents 1) Introduction 2) Scanning methodology 3) Checking for Live systems 4) Scanning techniques 5) Scanning countermeasures
  • 3. Introduction • Network scanning refers to a set of procedures for identifying hosts, ports, and services in a network. • Network scanning is one of the components of intelligence gathering an attacker uses to create a profile of the target organization Objectives of network scanning (1) To discover live hosts, IP address, and open ports of live hosts (2) To discover operating systems and system architecture (3) To discover services running on hosts (4) To discover vulnerabilities in live hosts
  • 4. Scanning methodology 1) Check for live systems 2) Check for open ports 3) Scanning beyond IDS 4) Banner grabbing 5) Scanning for vulnerabilities 6) Draw network diagrams 7) Prepare proxies 8) Scanning Pen Testing Check for live systems Check for open ports Identify services Banner Grabbing/OS fingerprinting Scan for vulnerability Draw network diagrams of vulnerabilities hosts Prepare proxies Attack
  • 5. Check for live systems – ICMP Scanning • Ping scan involves sending ICMP echo requests to a host. If the host is live, it will return an ICMP echo reply • This scan is useful for locating active devices or determining if ICMP is passing through a firewall • Tools: Nmap, Angry, IP Scanner, SolarWinds, Ping Scanning Pro,…
  • 6. Check for open ports • Three-way handshake: TCP uses a 3-way handshake to establish a connection between server and client • TCP connect scan detects when a port is open by completing the 3-way handshake • TCP connect scan establishes a full connection and tears it down by sending RST packet Tools: Nmap, Hping
  • 7. Check for open ports (cont.) – UDP Scanning Tools: Nmap, NetScan Tools Pro, Advanced Port Scanner,…
  • 8. Port Scanning Countermeasures • Configure firewall, IDS rules: block unwanted ports • Hide sensitive information from public view • Ensure that mechanism used for routing & filtering at routers, firewalls cannot be bypassed
  • 9. Scanning beyond IDS IDS evasion techniques • Use fragmented IP packets • Use source routing • Spoof IP address • Proxy servers
  • 10. Banner Grabbing • Banner grabbing or OS fingerprinting is the method to determine the operating system running on a remote target system. There are two types of banner grabbing: active and passive • Identifying the OS used on the target host allows an attacker to figure out the vulnerabilities the system poses and the exploits that might work on a system to further carry out additional attacks • Tools: ID Serve, Netcraft, Netcat
  • 11. Banner Grabbing Countermeasures • Display false banners to misguide the attackers • Turn off unnecessary services on the network host to limit the information disclosure
  • 12. Vulnerability Scanning • Vulnerability scanning identifies vulnerabilities and weaknesses of a system and network in order to determine how a system can be exploited Network topology and OS vulnerabilities Application and services vulnerabilities Tools: SAINT, OpenVAS, Nexpose, Retina
  • 13. Draw network diagrams • Drawing target's network diagram gives valuable information about the network and its architecture to an attacker • Network diagram shows logical or physical path to a potential target • Tools: Network View,…
  • 14. Prepare proxies • A proxy is a network computer that can serve as an intermediary for connecting with other computers • Proxy chaining • Tools: ezProxy,…
  • 15. Scanning Pen Testing • Pen testing a network for scanning vulnerabilities determines the network’s security posture by identifying live systems, discovering open ports, associating services and grabbing system banners to simulate a network hacking attempt • The penetration testing report will help system administrators to:
  • 17. Summary • The objective of scanning is to discover live systems, active/running ports, the operating systems, and the services running on the network • Attacker determines the live hosts from a range of IP addresses by sending ICMP ECHO requests to multiple hosts • Attackers use various scanning techniques to bypass firewall rules and logging mechanism, and hide them selves as usual network traffic • Banner grabbing or OS finger printing is the method to determine the operating system running on a remote target system • Drawing target's network diagram gives valuable in formation about the network and its architecture to an attacker • Proxy is a network computer that can serve as an intermediary for connecting with other computers • A chain of proxies can be created to evade a traceback to the attacker