The document discusses various techniques for port scanning, including open scans, stealth scans, SYN scans, FIN scans, XMAS scans, and NULL scans. It describes how these scans work to determine open and closed ports on a remote system. It also introduces Nmap as a powerful port scanning tool that supports many operating systems and scan types.
For your final step, you will synthesize the previous steps and labs to summarize the major findings from this project.
Specifically, you will prepare a technical report that summarizes your findings including:
1. Provide a table of common ports for protocols we studied. Discuss how security devices can be used within a larger network to control subnets and devices within those subnets.
2. Discuss network diagnostic tools you used in this lab. Summarize their functionality and describe specifically how you used each tool. Discuss the results you used to assist in both the discovery phase and protocol analysis of the sites you analyzed. What tools impressed you the most and would be most useful for an analyst to employ in the daily activities? What other functionality do you think would be useful to cyber operations analysts?
3. Research and discuss the ethical use of these tools. For example, if you discover a serious vulnerability, what should you do? What communications should you have with site owners prior to conducting vulnerability scans?
The report should include a title page, table of contents, list of tables and figures (as applicable), content organized into sections. Be sure to properly cite your sources throughout, and include a list of references, formatted in accordance with APA style.
Final Technical Report
31 January 2022
Llyjerylmye Amos
COP 620 Project 1 Final Technical Report
Well-known ports range from 0 to 1023 and are assigned by the Internet Assigned Numbers Authority
(IANA) based on the default services associated with the assigned ports. Administrators may
obfuscate services that run on well-known ports by configuring them to use unused
ephemeral ports. However, the default configuration of well-known ports allows tech-savvy personnel
and software vendors to speak a common language when configuring networking devices, information
systems (ISs) and/or software applications. Within this lesson, 22-SSH, 23-Telnet, 25-SMTP, 53-DNS,
80-HTTP, 110-POP3 and 443-HTTPS were the common ports and protocols that were reviewed (Table 1).
Port   Protocol
22     SSH
23     Telnet
25     SMTP
53     DNS
80     HTTP
110    POP3
443    HTTPS
Table 1. Common ports studied.
Firewalls are the most common network security devices installed on information systems (IS).
According to Cisco (n.d.), “a firewall is a network security device that monitors incoming and outgoing
network traffic and decides whether to allow or block specific traffic based on a defined set of security
rules”. Security rules may be applied to specific ISs (host-based firewalls) or to the entire network
(network-based firewalls), to scan emails and hard drives for malware or to allow traffic on certain
sections of the subnet. Firewalls are also categorized into specific types, such as proxy firewalls,
stateful inspection firewalls, unified threat management firewalls, next-generation firewalls (NGFW), ...
2. DEPARTMENT OF INFORMATION TECHNOLOGY, SRKR ENGINEERING COLLEGE
SCANNING
Scanning is the process of finding open/closed ports and vulnerabilities in remote
systems, servers & networks.
It will reveal IP addresses, operating systems and services running on the remote
computer.
There are three types of scanning:
1. Port Scanning
2. Network Scanning
3. Vulnerability Scanning
Port Scanning:
It is one of the most popular techniques attackers use to discover the services they
can break into.
Every machine connected to a LAN or connected to the Internet via a modem
runs many services that listen at well-known and not so well-known ports.
Ports 1 to 65535 are available on a computer.
By port scanning, the attacker finds which ports are available.
Ports:
The port numbers are unique only within a computer system.
Port numbers are 16-bit unsigned numbers.
The port numbers are divided into three ranges:
1. Well Known Ports (0..1023),
2. The Registered Ports (1024..49151),
3. The Dynamic and/or Private Ports (49152..65535).
Well Known Ports:
echo       7/tcp    Echo
ftp-data   20/udp   File Transfer [Default Data]
ftp        21/tcp   File Transfer [Control]
ssh        22/tcp   SSH Remote Login Protocol
telnet     23/tcp   Telnet
domain     53/udp   Domain Name Server
www-http   80/tcp   World Wide Web HTTP
smtp       25/tcp   Simple Mail Transfer Protocol
whois      43/tcp   Whois server
Registered Ports:
wins     1512/tcp        Microsoft Windows Internet Name Service
radius   1812/udp        RADIUS authentication protocol
yahoo    5010            Yahoo! Messenger
x11      6000-6063/tcp   X Window System
SYN - Synchronize - It is used to initiate a connection between hosts.
ACK - Acknowledgement - It is used to establish a connection between hosts.
PSH - Push - Tells the receiving system to send all buffered data.
URG - Urgent - States that the data contained in the packet should be processed
immediately.
FIN - Finish - Tells the remote system that there will be no more
transmission.
TTL - Time to Live.
Open Scan:
Known as a TCP scan and normally used to program sockets, this technique is
the oldest and works by making a full connection with the server.
For that it exchanges 3 packets, known as the three-way handshake.
For open ports:
Client ----> SYN     ---->
       <---- SYN/ACK <---- Server
Client ----> ACK     ---->
For closed ports:
Client ----> SYN ---->
       <---- RST <---- Server
Advantages: very easy to program.
Disadvantages: very easy to detect, and each connection is logged.
TCPConnect()
The connect() system call provided by the OS is used to open a connection to
every interesting port on the machine.
If the port is listening, connect() will succeed; otherwise the port isn't
reachable.
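The connect() behaviour and the logging disadvantage described above, seen from both ends on the loopback interface. This is an added example, not part of the original slides; the function names are hypothetical and the listener is one the script itself opens on 127.0.0.1.

```python
import errno
import queue
import socket
import threading

def start_logging_listener(log):
    """Listen on an ephemeral loopback port; log the peer of one accepted connection."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))     # port 0: the OS picks a free port
    srv.listen(1)

    def serve():
        conn, peer = srv.accept()  # returns only after the three-way handshake completes
        log.put(peer)              # what a service or audit log records: (source IP, source port)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def connect_state(port, timeout=1.0):
    """Full connect() to a loopback port: 'open', or the errno name of the failure."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        code = s.connect_ex(("127.0.0.1", port))
    return "open" if code == 0 else errno.errorcode.get(code, str(code))

def unused_port():
    """Bind and release an ephemeral port so that nothing is listening on it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

def demo():
    log = queue.Queue()
    open_port = start_logging_listener(log)
    open_result = connect_state(open_port)        # SYN, SYN/ACK, ACK
    logged_peer = log.get(timeout=2)              # the listener saw and recorded the connection
    closed_result = connect_state(unused_port())  # SYN answered with RST -> ECONNREFUSED
    return open_result, closed_result, logged_peer[0]

if __name__ == "__main__":
    print(demo())
```

Because accept() hands the application the peer address of every completed handshake, any service that logs its connections records an open scan without extra tooling.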
Stealth Scan:
A stealth scan is a kind of scan that is designed to go undetected by auditing
tools.
Fragmented Scan: The scanner splits the TCP header into several IP
fragments.
This bypasses some packet filter firewalls because they cannot see a complete
TCP header that can match their filter rules.
SYN Scan:
This technique is called half-open scanning because a TCP connection is not
completed.
A SYN packet is sent to the remote computer.
If the target host responds with a SYN+ACK, the port is listening;
an RST indicates a non-listener.
FIN Scan:
Another technique sends erroneous packets to a port, expecting that open
listening ports will send back different error messages than closed ports.
Closed ports reply to FIN packets with RST.
Open ports ignore the packets.
XMAS Scan:
An XMAS scan sends packets with all flags in the TCP header set to the target
host.
Closed ports reply to the packets with RST.
Open ports ignore the packets.
NULL Scan:
A NULL scan sends packets with no flags set in the TCP header to the target host.
Closed ports reply to the packets with RST.
Open ports ignore the packets.
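Seen from the monitored host, the SYN, FIN, XMAS and NULL scans above differ only in the flags of the first segment and in whether the handshake is ever completed. The following detection sketch is an added example, not part of the original slides; the flow records are constructed, and the function names and the `min_ports` threshold are hypothetical.

```python
from collections import defaultdict

# TCP header flag bits
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
ALL_FLAGS = 0x3F

# Constructed sample: (source IP, destination port, client-to-server flag bytes in order).
# Addresses are taken from the documentation ranges.
SAMPLE_FLOWS = [
    ("192.0.2.10", 22, [SYN, RST]),    # SYN, then RST instead of the final ACK
    ("192.0.2.10", 80, [SYN, RST]),
    ("192.0.2.10", 443, [SYN]),        # closed port: server sent RST, client sent nothing more
    ("192.0.2.20", 25, [FIN]),
    ("192.0.2.20", 110, [FIN]),
    ("192.0.2.30", 23, [FIN | PSH | URG]),
    ("192.0.2.30", 53, [0]),
    ("198.51.100.5", 443, [SYN, ACK, PSH | ACK, FIN | ACK]),  # ordinary session
]
PROBE_TYPES = {"SYN", "FIN", "XMAS", "NULL"}

def classify_flow(client_flags):
    """Label a flow from the flags the client sent, first segment first."""
    if not client_flags:
        return "other"
    first = client_flags[0] & ALL_FLAGS
    if first == 0:
        return "NULL"                  # no flags set
    if first == FIN:
        return "FIN"                   # FIN with no connection behind it
    if first in (ALL_FLAGS, FIN | PSH | URG):
        return "XMAS"                  # all flags (as on the slide) or Nmap's FIN+PSH+URG
    if first == SYN:
        completed = len(client_flags) > 1 and (client_flags[1] & ALL_FLAGS) == ACK
        return "connect" if completed else "SYN"  # no final ACK: half-open or refused
    return "other"

def suspected_scanners(flows, min_ports=2):
    """Sources that sent probe-type flows to at least min_ports distinct ports."""
    seen = defaultdict(lambda: (set(), set()))
    for src, dport, client_flags in flows:
        kind = classify_flow(client_flags)
        if kind in PROBE_TYPES:
            kinds, ports = seen[src]
            kinds.add(kind)
            ports.add(dport)
    return {src: (sorted(k), sorted(p)) for src, (k, p) in seen.items() if len(p) >= min_ports}

if __name__ == "__main__":
    for src, (kinds, ports) in suspected_scanners(SAMPLE_FLOWS).items():
        print(src, kinds, ports)
```

A single unanswered SYN is also what a refused legitimate connection looks like, which is why the report is keyed on the number of distinct ports per source rather than on any one flow.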
Nmap is a powerful utility to scan a large number of tools.
It is provided with a GUI as well as a command-line interface.
It is supported by many operating systems.
It can carry out SYN scans, FIN scans, stealth scans, half-open scans & many
other types.