300 likes | 528 Vues
Scanning. 2012 BackTrack Workshop Upstate ISSA Chapter. Agenda. Passive “Scanning” Active Scanning. Passive “Scanning”. Wireshark tcpdump Lanmap EtherApe. Wireshark. Applications -> BackTrack -> Information Gathering -> Network Analysis -> Network Traffic Analysis -> wireshark OR
E N D
Scanning 2012 BackTrack Workshop Upstate ISSA Chapter
Agenda • Passive “Scanning” • Active Scanning
Passive “Scanning” • Wireshark • tcpdump • Lanmap • EtherApe
Wireshark • Applications -> BackTrack -> Information Gathering -> Network Analysis -> Network Traffic Analysis -> wireshark OR wireshark
tcpdump • Simple packet capture from eth0 tcpdump –i eth0 • Limit number of packets capture tcpdump –c 2 –i eth0 • Display packets in ASCII tcpdump –A –i eth0 • And Hex… tcpdump –XX –i eth0
tcpdump tcpdump –i eth0
Active Scanning • Hack Naked • Ping Sweeps • Discovering Open Ports • Service Enumeration • SNMP Walking • VPN Detection
Hack Naked • Conduct testing without security controls such as firewalls, IPS and AV
Ping Sweeps • Nmap • Zenmap • fping • hping2
Nmap (Ping Sweep) nmap 192.168.1.0/24 -sP
fping fping –g 192.168.1.0/24
hping (Default Packets) hping2 192.168.1.112 –S -V
Discovering Open Ports • Nmap Default Scan • Scanning All Ports
Service Enumeration • Nmap Service Detection • NSE (Nmap Scripting Engine)
Nmap Service Detection nmap 192.168.1.112 -sV
NSE (Nessus Scripting Engine) nmap 192.168.1.112 -sC