SlideShare a Scribd company logo

Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg

Download as PPTX, PDF
Eric Vanderburg
Eric Vanderburg

Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg

Technology
1 of 21
Ethical Hacking CHAPTER 6 – PORT SCANNING ERIC VANDERBURG
Objectives  Describe port scanning  Describe different types of port scans  Describe various port-scanning tools  Explain what ping sweeps are used for  Explain how shell scripting is used to automate security tasks
Introduction to Port Scanning  Port Scanning  Finds out which services are offered by a host  Identifies vulnerabilities  Open services can be used on attacks  Identify a vulnerable port  Launch an exploit  Scan all ports when testing  Not just well-known ports
Introduction to Port Scanning (continued)  Port scanning programs report  Open ports  Closed ports  Filtered ports  Best-guess assessment of which OS is running
Types of Port Scans  SYN scan  Stealthy scan  Connect scan  Completes the three-way handshake  NULL scan  Packet flags are turned off  XMAS scan  FIN, PSH and URG flags are set
Types of Port Scans (continued)  ACK scan  Used to past a firewall  FIN scan  Closed port responds with an RST packet  UDP scan  Closed port responds with ICMP “Port Unreachable” message
Using Port-Scanning Tools  Nmap  Unicornscan  NetScanTools Pro 2004  Nessus
Nmap  Originally written for Phrack magazine  One of the most popular tools  GUI version  Xnmap  Open source tool  Standard tool for security professionals
Unicornscan  Developed in 2004  Ideal for large networks  Scans 65,535 ports in three to seven seconds  Handles port scanning using  TCP  ICMP  IP  Optimizes UDP scanning
NetScanTools Pro 2004  Robust easy-to-use commercial tool  Supported OSs  *NIX  Windows  Types of tests  Database vulnerabilities  E-mail account vulnerabilities  DHCP server discovery  IP packets and name servers  OS fingerprinting
Nessus  First released in 1998  Open source tool  Uses a client/server technology  Conducts testing from different locations  Can use different OSs for client and network
Nessus (continued)  Server  Any *NIX platform  Client  Can be UNIX or Windows  Functions much like a database server  Ability to update security checks plug-ins  Scripts  Some plug-ins are considered dangerous
Nessus (continued)  Finds services running on ports  Finds vulnerabilities associated with identified services
Conducting Ping Sweeps  Ping sweeps  Identify which IP addresses belong to active hosts  Ping a range of IP addresses  Problems  Computers that are shut down cannot respond  Networks may be configured to block ICMP Echo Requests  Firewalls may filter out ICMP traffic
FPing  Ping multiple IP addresses simultaneously  www.fping.com/download  Command-line tool  Input: multiple IP addresses  Entered at a shell  -g option  Input file with addresses  -f option
Hping  Used to bypass filtering devices  Allows users to fragment and manipulate IP packets  www.hping.org/download  Powerful tool  All security testers must be familiar with tool  Supports many parameters (command options)
Crafting IP Packets  Packet components  Source IP address  Destination IP address  Flags  Crafting packets helps you obtain more information about a service  Tools  Fping  Hping
Understanding Shell Scripting  Modify tools to better suit your needs  Script  Computer program that automates tasks  Time-saving solution
Scripting Basics  Similar to DOS batch programming  Script or batch file  Text file  Contains multiple commands  Repetitive commands are good candidate for scripting  Practice is the key
Summary  Port scanning  Also referred as service scanning  Process of scanning a range of IP address  Determines what services are running  Port scan types  SYN  ACK  FIN  UDP  Others: Connect, NULL, XMAS
Summary (continued)  Port scanning tools  Nmap  Nessus  Unicornscan  Ping sweeps  Determine which computers are “alive”  Shell scripting  Helps with automating tasks

Recommended

Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanningleminhvuong
 
Ch 5: Port Scanning
Ch 5: Port ScanningCh 5: Port Scanning
Ch 5: Port ScanningSam Bowne
 
Port Scanning
Port ScanningPort Scanning
Port Scanningamiable_indian
 
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric Vanderburg
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric VanderburgEthical hacking Chapter 9 - Linux Vulnerabilities - Eric Vanderburg
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric VanderburgEric Vanderburg
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumerationleminhvuong
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEric Vanderburg
 
Best!
Best!Best!
Best!gofortution
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 

Recommended

Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanningleminhvuong
 
Ch 5: Port Scanning
Ch 5: Port ScanningCh 5: Port Scanning
Ch 5: Port ScanningSam Bowne
 
Port Scanning
Port ScanningPort Scanning
Port Scanningamiable_indian
 
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric Vanderburg
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric VanderburgEthical hacking Chapter 9 - Linux Vulnerabilities - Eric Vanderburg
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric VanderburgEric Vanderburg
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumerationleminhvuong
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEric Vanderburg
 
Best!
Best!Best!
Best!gofortution
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 
Network scanning
Network scanningNetwork scanning
Network scanningoceanofwebs
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsJoseph Bugeja
 
Port Scanning Overview
Port Scanning OverviewPort Scanning Overview
Port Scanning OverviewPublicly traded global multi-billion services company
 
Ceh v5 module 03 scanning
Ceh v5 module 03 scanningCeh v5 module 03 scanning
Ceh v5 module 03 scanningVi Tính Hoàng Nam
 
Dynamic Port Scanning
Dynamic Port ScanningDynamic Port Scanning
Dynamic Port Scanningamiable_indian
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigationsMukesh Chaudhari
 
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric Vanderburg
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric VanderburgEthical hacking Chapter 11 - Exploiting Wireless Networks - Eric Vanderburg
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric VanderburgEric Vanderburg
 
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric Vanderburg
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric VanderburgEthical hacking chapter 8 - Windows Vulnerabilities - Eric Vanderburg
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric VanderburgEric Vanderburg
 
Ceh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowCeh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowVi Tính Hoàng Nam
 
Certified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetCertified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetDavid Sweigert
 
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEthical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEric Vanderburg
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewallsphanleson
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpOlli-Pekka Niemi
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerCEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerDavid Sweigert
 
All About Snort
All About SnortAll About Snort
All About Snort28pranjal
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2sweta dargad
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question CollectionManish Luintel
 
Session hijacking
Session hijackingSession hijacking
Session hijackingGayatri Kapse
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunickamiable_indian
 
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric VanderburgEthical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric VanderburgEric Vanderburg
 
Ceh v5 module 05 system hacking
Ceh v5 module 05 system hackingCeh v5 module 05 system hacking
Ceh v5 module 05 system hackingVi Tính Hoàng Nam
 

More Related Content

What's hot

Network scanning
Network scanningNetwork scanning
Network scanningoceanofwebs
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsJoseph Bugeja
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigationsMukesh Chaudhari
 
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric Vanderburg
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric VanderburgEthical hacking Chapter 11 - Exploiting Wireless Networks - Eric Vanderburg
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric VanderburgEric Vanderburg
 
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric Vanderburg
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric VanderburgEthical hacking chapter 8 - Windows Vulnerabilities - Eric Vanderburg
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric VanderburgEric Vanderburg
 
Ceh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowCeh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowVi Tính Hoàng Nam
 
Certified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetCertified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetDavid Sweigert
 
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEthical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEric Vanderburg
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewallsphanleson
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpOlli-Pekka Niemi
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerCEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerDavid Sweigert
 
All About Snort
All About SnortAll About Snort
All About Snort28pranjal
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2sweta dargad
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question CollectionManish Luintel
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunickamiable_indian
 

What's hot (20)

Network scanning
Network scanningNetwork scanning
Network scanning
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting Tools
 
Port Scanning Overview
Port Scanning OverviewPort Scanning Overview
Port Scanning Overview
 
Ceh v5 module 03 scanning
Ceh v5 module 03 scanningCeh v5 module 03 scanning
Ceh v5 module 03 scanning
 
Dynamic Port Scanning
Dynamic Port ScanningDynamic Port Scanning
Dynamic Port Scanning
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigations
 
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric Vanderburg
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric VanderburgEthical hacking Chapter 11 - Exploiting Wireless Networks - Eric Vanderburg
Ethical hacking Chapter 11 - Exploiting Wireless Networks - Eric Vanderburg
 
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric Vanderburg
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric VanderburgEthical hacking chapter 8 - Windows Vulnerabilities - Eric Vanderburg
Ethical hacking chapter 8 - Windows Vulnerabilities - Eric Vanderburg
 
Ceh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflowCeh v5 module 20 buffer overflow
Ceh v5 module 20 buffer overflow
 
Certified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheetCertified Ethical Hacker quick test prep cheat sheet
Certified Ethical Hacker quick test prep cheat sheet
 
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEthical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewalls
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerCEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical Hacker
 
All About Snort
All About SnortAll About Snort
All About Snort
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question Collection
 
Session hijacking
Session hijackingSession hijacking
Session hijacking
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunick
 

Viewers also liked

Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric VanderburgEthical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric VanderburgEric Vanderburg
 
SSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkSSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkAl Imran, CISA
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)Denny K
 
Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkYoram Orzach
 
CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)Vi Tính Hoàng Nam
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wiresharkBasaveswar Kureti
 
Wireshark
WiresharkWireshark
Wiresharkbtohara
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)shwetha mk
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 

Viewers also liked (15)

Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric VanderburgEthical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
 
Ceh v5 module 05 system hacking
Ceh v5 module 05 system hackingCeh v5 module 05 system hacking
Ceh v5 module 05 system hacking
 
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffersCeh v5 module 07 sniffers
Ceh v5 module 07 sniffers
 
SSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkSSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wireshark
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
 
Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wireshark
 
CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)
 
Wireshark
WiresharkWireshark
Wireshark
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentation
 
N map presentation
N map presentationN map presentation
N map presentation
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"
 
Wireshark Basics
Wireshark BasicsWireshark Basics
Wireshark Basics
 

Similar to Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg

Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Needamiable_indian
 
Network Situational Awareness with d00gle
Network Situational Awareness with d00gleNetwork Situational Awareness with d00gle
Network Situational Awareness with d00gleDug Song
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitationprimeteacher32
 
A Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User ComputersA Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User ComputersJoshua Gorinson
 
01204427-scanner.ppt
01204427-scanner.ppt01204427-scanner.ppt
01204427-scanner.pptVarunBehere1
 
Chapter 12
Chapter 12Chapter 12
Chapter 12cclay3
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayKaren Oliver
 
Addmi 12-basic scan
Addmi 12-basic scanAddmi 12-basic scan
Addmi 12-basic scanodanyboy
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxMahdiHasanSowrav
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laShainaBoling829
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 

Similar to Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg (20)

NMap
NMapNMap
NMap
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Need
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security Tools
 
Network Situational Awareness with d00gle
Network Situational Awareness with d00gleNetwork Situational Awareness with d00gle
Network Situational Awareness with d00gle
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
 
A Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User ComputersA Study Of Open Ports As Security Vulnerabilities In Common User Computers
A Study Of Open Ports As Security Vulnerabilities In Common User Computers
 
01204427-scanner.ppt
01204427-scanner.ppt01204427-scanner.ppt
01204427-scanner.ppt
 
Chapter 12
Chapter 12Chapter 12
Chapter 12
 
Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMP
 
Namp
Namp Namp
Namp
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
 
Addmi 12-basic scan
Addmi 12-basic scanAddmi 12-basic scan
Addmi 12-basic scan
 
NMAP1.ppt
NMAP1.pptNMAP1.ppt
NMAP1.ppt
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptx
 
Security tools
Security toolsSecurity tools
Security tools
 
Footprinting tools for security auditors
Footprinting tools for security auditorsFootprinting tools for security auditors
Footprinting tools for security auditors
 
Contents namp
Contents nampContents namp
Contents namp
 
Contents namp
Contents nampContents namp
Contents namp
 
For your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and laFor your final step, you will synthesize the previous steps and la
For your final step, you will synthesize the previous steps and la
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffers
 

More from Eric Vanderburg

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumEric Vanderburg
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgEric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityEric Vanderburg
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...Eric Vanderburg
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEric Vanderburg
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology managementEric Vanderburg
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technologyEric Vanderburg
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEric Vanderburg
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challengesEric Vanderburg
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: RoboticsEric Vanderburg
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercisesEric Vanderburg
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemEric Vanderburg
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesEric Vanderburg
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsEric Vanderburg
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgEric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgEric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgEric Vanderburg
 

More from Eric Vanderburg (20)

GDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT SymposiumGDPR, Data Privacy and Cybersecurity - MIT Symposium
GDPR, Data Privacy and Cybersecurity - MIT Symposium
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric VanderburgCybercrime and Cyber Threats - CBLA - Eric Vanderburg
Cybercrime and Cyber Threats - CBLA - Eric Vanderburg
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
Mobile Forensics and Cybersecurity
Mobile Forensics and CybersecurityMobile Forensics and Cybersecurity
Mobile Forensics and Cybersecurity
 
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
2017 March ISACA Security Challenges with the Internet of Things - Eric Vande...
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
Emerging Technologies: Japan’s Position
Emerging Technologies: Japan’s PositionEmerging Technologies: Japan’s Position
Emerging Technologies: Japan’s Position
 
Principles of technology management
Principles of technology managementPrinciples of technology management
Principles of technology management
 
Japanese railway technology
Japanese railway technologyJapanese railway technology
Japanese railway technology
 
Evaluating japanese technological competitiveness
Evaluating japanese technological competitivenessEvaluating japanese technological competitiveness
Evaluating japanese technological competitiveness
 
Japanese current and future technology management challenges
Japanese current and future technology management challengesJapanese current and future technology management challenges
Japanese current and future technology management challenges
 
Technology management in Japan: Robotics
Technology management in Japan: RoboticsTechnology management in Japan: Robotics
Technology management in Japan: Robotics
 
Incident response table top exercises
Incident response table top exercisesIncident response table top exercises
Incident response table top exercises
 
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware ProblemThe Prescription for Protection - Avoid Treatment Errors To The Malware Problem
The Prescription for Protection - Avoid Treatment Errors To The Malware Problem
 
Cloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance ChallengesCloud Storage and Security: Solving Compliance Challenges
Cloud Storage and Security: Solving Compliance Challenges
 
Hacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and ThreatsHacktivism: Motivations, Tactics and Threats
Hacktivism: Motivations, Tactics and Threats
 
Correct the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric VanderburgCorrect the most common web development security mistakes - Eric Vanderburg
Correct the most common web development security mistakes - Eric Vanderburg
 
Deconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric VanderburgDeconstructing website attacks - Eric Vanderburg
Deconstructing website attacks - Eric Vanderburg
 
Countering malware threats - Eric Vanderburg
Countering malware threats - Eric VanderburgCountering malware threats - Eric Vanderburg
Countering malware threats - Eric Vanderburg
 

Recently uploaded

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg

  • 1. Ethical Hacking CHAPTER 6 – PORT SCANNING ERIC VANDERBURG
  • 2. Objectives  Describe port scanning  Describe different types of port scans  Describe various port-scanning tools  Explain what ping sweeps are used for  Explain how shell scripting is used to automate security tasks
  • 3. Introduction to Port Scanning  Port Scanning  Finds out which services are offered by a host  Identifies vulnerabilities  Open services can be used on attacks  Identify a vulnerable port  Launch an exploit  Scan all ports when testing  Not just well-known ports
  • 4. Introduction to Port Scanning (continued)  Port scanning programs report  Open ports  Closed ports  Filtered ports  Best-guess assessment of which OS is running
  • 5. Types of Port Scans  SYN scan  Stealthy scan  Connect scan  Completes the three-way handshake  NULL scan  Packet flags are turned off  XMAS scan  FIN, PSH and URG flags are set
  • 6. Types of Port Scans (continued)  ACK scan  Used to past a firewall  FIN scan  Closed port responds with an RST packet  UDP scan  Closed port responds with ICMP “Port Unreachable” message
  • 7. Using Port-Scanning Tools  Nmap  Unicornscan  NetScanTools Pro 2004  Nessus
  • 8. Nmap  Originally written for Phrack magazine  One of the most popular tools  GUI version  Xnmap  Open source tool  Standard tool for security professionals
  • 9. Unicornscan  Developed in 2004  Ideal for large networks  Scans 65,535 ports in three to seven seconds  Handles port scanning using  TCP  ICMP  IP  Optimizes UDP scanning
  • 10. NetScanTools Pro 2004  Robust easy-to-use commercial tool  Supported OSs  *NIX  Windows  Types of tests  Database vulnerabilities  E-mail account vulnerabilities  DHCP server discovery  IP packets and name servers  OS fingerprinting
  • 11. Nessus  First released in 1998  Open source tool  Uses a client/server technology  Conducts testing from different locations  Can use different OSs for client and network
  • 12. Nessus (continued)  Server  Any *NIX platform  Client  Can be UNIX or Windows  Functions much like a database server  Ability to update security checks plug-ins  Scripts  Some plug-ins are considered dangerous
  • 13. Nessus (continued)  Finds services running on ports  Finds vulnerabilities associated with identified services
  • 14. Conducting Ping Sweeps  Ping sweeps  Identify which IP addresses belong to active hosts  Ping a range of IP addresses  Problems  Computers that are shut down cannot respond  Networks may be configured to block ICMP Echo Requests  Firewalls may filter out ICMP traffic
  • 15. FPing  Ping multiple IP addresses simultaneously  www.fping.com/download  Command-line tool  Input: multiple IP addresses  Entered at a shell  -g option  Input file with addresses  -f option
  • 16. Hping  Used to bypass filtering devices  Allows users to fragment and manipulate IP packets  www.hping.org/download  Powerful tool  All security testers must be familiar with tool  Supports many parameters (command options)
  • 17. Crafting IP Packets  Packet components  Source IP address  Destination IP address  Flags  Crafting packets helps you obtain more information about a service  Tools  Fping  Hping
  • 18. Understanding Shell Scripting  Modify tools to better suit your needs  Script  Computer program that automates tasks  Time-saving solution
  • 19. Scripting Basics  Similar to DOS batch programming  Script or batch file  Text file  Contains multiple commands  Repetitive commands are good candidate for scripting  Practice is the key
  • 20. Summary  Port scanning  Also referred as service scanning  Process of scanning a range of IP address  Determines what services are running  Port scan types  SYN  ACK  FIN  UDP  Others: Connect, NULL, XMAS
  • 21. Summary (continued)  Port scanning tools  Nmap  Nessus  Unicornscan  Ping sweeps  Determine which computers are “alive”  Shell scripting  Helps with automating tasks