Week 3: Scanning
• Determine if the system is alive
• Determine which services are running or listening
• Determine the OS

Week 3: Scanning
• Determining if the system is alive
• Once you have the target host or network IP range, the next step is to find out if the system is up.

Week 3: Scanning
Detecting the type of OS involves
• Active stack fingerprinting
  • Send a packet to the target and check the response. The type of response helps guess the OS.
• Passive stack fingerprinting
  • Monitor network traffic to determine the OS

Week 3: Scanning
• Hacking Tool: Pinger
• Hacking Tool: WS_Ping_Pro
• Hacking Tool: Netscan Tools Pro 2000
• Hacking Tool: Hping2
• Hacking Tool: icmpenum

Week 3: Scanning
• Detecting Ping sweeps
• ICMP Queries

Week 3: Scanning
• Hacking Tool: netcraft.com
• Port Scanning

Week 3: Scanning
• TCP's 3-way handshake
• TCP Scan types

Week 3: Scanning
• Hacking Tool: IPEye
• Hacking Tool: IPSECSCAN
• Hacking Tool: nmap

Week 3: Scanning
• Port Scan countermeasures
• Hacking Tool: HTTrack Web Copier

Week 3: Scanning
• Network Management Tools
• SolarWinds Toolset

Week 3: Scanning
• NeoWatch
• War Dialing

Week 3: Scanning
• Hacking Tool: THC-Scan
• Hacking Tool: PhoneSweep War Dialer
• Hacking Tool: Queso
• Hacking Tool: Cheops

Week 3: Scanning
• Proxy Servers
• Hacking Tool: SocksChain
• Surf the web anonymously
• TCP/IP through HTTP Tunneling

Week 3: Scanning
• Hacking Tool: HTTPort

Week 3: Scanning
• Summary

Some Uses of Port Scanning
• Network Inventory
  • Want to know the IP addresses of all your servers?
  • Want to know how many machines are running?
• Network/Server Optimization
  • Find which services are running on each server and remove the ones you don't need, to improve security and performance
• Finding Spyware, Trojans, and Worms
  • E.g. many well-known trojans use large port numbers. For example, Back Orifice uses 54321
• Looking for unauthorized and illicit services
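
Added example (not part of the original slides): one way to turn scan results from your own network into the uses listed above, by comparing them against an approved-service baseline. The addresses, baseline, sample findings and function names are constructed for illustration; the Back Orifice port is the figure the slide gives.

```python
from collections import defaultdict

# Approved services per server (hypothetical inventory, constructed for this example).
BASELINE = {"10.0.0.10": {22, 443}, "10.0.0.11": {22, 25}}
# Ports tied to known trojans; 54321 for Back Orifice is the figure given on the slide.
TROJAN_PORTS = {54321: "Back Orifice"}

# Constructed sample of open-port findings, one "ip port" pair per line.
SAMPLE_SCAN = """\
10.0.0.10 22
10.0.0.10 443
10.0.0.10 8080
10.0.0.11 22
10.0.0.11 54321
10.0.0.99 3389
"""

def parse_scan(text):
    """Return {ip: set(open ports)}, skipping blank or malformed lines."""
    found = defaultdict(set)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[1].isdigit():
            continue
        port = int(parts[1])
        if 0 < port < 65536:
            found[parts[0]].add(port)
    return dict(found)

def audit(found, baseline=BASELINE, trojans=TROJAN_PORTS):
    """Sort findings into inventory gaps, unapproved services and trojan ports."""
    report = {"unknown_hosts": [], "unauthorized": [], "trojan_ports": [], "missing": []}
    for ip, ports in sorted(found.items()):
        if ip not in baseline:
            report["unknown_hosts"].append(ip)  # host absent from the inventory
        for port in sorted(ports - baseline.get(ip, set())):
            if port in trojans:
                report["trojan_ports"].append((ip, port, trojans[port]))
            else:
                report["unauthorized"].append((ip, port))
    for ip, ports in sorted(baseline.items()):
        for port in sorted(ports - found.get(ip, set())):
            report["missing"].append((ip, port))  # approved service not listening
    return report

if __name__ == "__main__":
    print(audit(parse_scan(SAMPLE_SCAN)))
```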