
CHAPTER-2
SCANNING



Scanning is the second phase of hacking.
By scanning we can find out:
> which servers are alive
> specific IP addresses
> the operating system
> the system architecture
> the services running on each system

Types of scanning:
> Port scanning
> Network scanning
> Vulnerability scanning

Port scanning:
A port is an open door into the system, through which information enters and leaves.
Types of port scans:
> Vanilla: the scanner attempts to connect to all 65,535 ports
> Strobe: a more focused scan looking only for known services to exploit
> Fragmented packets: the scanner sends packet fragments that get through simple packet filters in a firewall
> UDP: the scanner looks for open UDP ports
> Sweep: the scanner connects to the same port on more than one machine
> FTP bounce: the scanner goes through an FTP server in order to disguise the source of the scan
> Stealth scan: the scanner blocks the scanned computer from recording the port scan activities

Network scanning
Network scanning is a procedure for identifying active hosts on a network. Scanning procedures, such as ping sweeps and port scans, return information about which IP addresses map to live hosts that are active on the Internet and what services they offer.

Vulnerability scanning
The automated process of proactively identifying vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited or threatened. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet.

Techniques used for scanning
ICMP scanning (Internet Control Message Protocol scanning)
It is used to find out whether a system is alive. We can do this in many ways:

1. ping
Go to cmd --> ping 192.168.70.14 or ping www.csice.org

2. Angry IP Scanner
Scans the systems available in a given input range



Checking for open ports (which services are running, etc.)
fig-1: TCP 3-way handshaking
Terms:
SYN :: Synchronize; used to initialize a connection between client and server
ACK :: Acknowledgement; used to establish a connection between two hosts
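The scan types listed above, the ICMP ping sweep, and the incomplete handshake from fig-1 all leave a recognisable trace in connection logs. As an added illustration (this script is not from the original post or any tool it mentions), here is a defender-side Python check that reads a constructed connection log and flags, per source address: a vertical port scan (many ports on one host), a sweep (one port across many hosts), an ICMP ping sweep, and a source whose TCP attempts mostly never complete the three-way handshake. The log format, the thresholds and the addresses are assumptions chosen for the example; the state labels borrow Zeek's conn_state naming (S0 = SYN with no reply, REJ = SYN answered with RST, SF = handshake completed and closed normally).

```python
from collections import defaultdict

# Constructed connection log (not captured from any real network). One record
# per line: <proto> <src_ip> <dst_ip> <dst_port or -> <state>
# TCP state labels follow Zeek's conn_state naming:
#   S0  = SYN seen, no reply        (half-open attempt)
#   REJ = SYN answered with RST     (port closed)
#   SF  = full 3-way handshake and normal close
# For ICMP the state column simply records the message type ("echo").
SAMPLE_LOG = """\
tcp 10.0.0.5 192.168.70.14 21 REJ
tcp 10.0.0.5 192.168.70.14 22 SF
tcp 10.0.0.5 192.168.70.14 23 REJ
tcp 10.0.0.5 192.168.70.14 25 S0
tcp 10.0.0.5 192.168.70.14 80 S0
tcp 10.0.0.5 192.168.70.14 443 REJ
tcp 10.0.0.9 192.168.70.14 445 S0
tcp 10.0.0.9 192.168.70.15 445 S0
tcp 10.0.0.9 192.168.70.16 445 S0
tcp 10.0.0.9 192.168.70.17 445 REJ
tcp 10.0.0.9 192.168.70.18 445 S0
icmp 10.0.0.7 192.168.70.14 - echo
icmp 10.0.0.7 192.168.70.15 - echo
icmp 10.0.0.7 192.168.70.16 - echo
icmp 10.0.0.7 192.168.70.17 - echo
tcp 10.0.0.20 192.168.70.14 443 SF
tcp 10.0.0.20 192.168.70.14 443 SF
tcp 10.0.0.20 192.168.70.14 80 SF
"""

# Thresholds are assumptions for the example; tune them to the monitored network.
PORT_THRESHOLD = 5        # distinct ports on one host from one source -> port scan
HOST_THRESHOLD = 4        # distinct hosts on one port (or pinged) from one source -> sweep
INCOMPLETE_RATIO = 0.8    # share of TCP attempts that never completed the handshake


def parse_log(text):
    """Turn the whitespace-separated log into a list of record dicts."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        proto, src, dst, port, state = line.split()
        records.append({"proto": proto, "src": src, "dst": dst,
                        "port": None if port == "-" else int(port),
                        "state": state})
    return records


def detect_scans(records):
    """Return sorted (source, finding, detail) tuples for scan-like behaviour."""
    ports_by_src_dst = defaultdict(set)    # (src, dst)  -> ports touched
    hosts_by_src_port = defaultdict(set)   # (src, port) -> hosts touched
    pinged_by_src = defaultdict(set)       # src -> hosts that received an echo
    tcp_attempts = defaultdict(int)        # src -> number of TCP attempts
    tcp_incomplete = defaultdict(int)      # src -> attempts without a full handshake

    for r in records:
        if r["proto"] == "tcp":
            ports_by_src_dst[(r["src"], r["dst"])].add(r["port"])
            hosts_by_src_port[(r["src"], r["port"])].add(r["dst"])
            tcp_attempts[r["src"]] += 1
            if r["state"] != "SF":
                tcp_incomplete[r["src"]] += 1
        elif r["proto"] == "icmp" and r["state"] == "echo":
            pinged_by_src[r["src"]].add(r["dst"])

    findings = set()
    # Vertical scan: one source walks many ports on a single host.
    for (src, dst), ports in ports_by_src_dst.items():
        if len(ports) >= PORT_THRESHOLD:
            findings.add((src, "port_scan", dst))
    # Sweep: one source probes the same port on many hosts.
    for (src, port), hosts in hosts_by_src_port.items():
        if len(hosts) >= HOST_THRESHOLD:
            findings.add((src, "port_sweep", str(port)))
    # Ping sweep: one source sends ICMP echo to many hosts.
    for src, hosts in pinged_by_src.items():
        if len(hosts) >= HOST_THRESHOLD:
            findings.add((src, "ping_sweep", f"{len(hosts)} hosts"))
    # Half-open pattern: SYNs that are never followed by the completing ACK.
    for src, n in tcp_attempts.items():
        if n >= PORT_THRESHOLD and tcp_incomplete[src] / n >= INCOMPLETE_RATIO:
            findings.add((src, "half_open", f"{tcp_incomplete[src]}/{n} incomplete"))
    return sorted(findings)


if __name__ == "__main__":
    for src, kind, detail in detect_scans(parse_log(SAMPLE_LOG)):
        print(f"{src:<10} {kind:<11} {detail}")
```

Running it flags 10.0.0.5 for a port scan of 192.168.70.14 (and for mostly half-open attempts), 10.0.0.9 for a sweep of port 445, and 10.0.0.7 for a ping sweep, while 10.0.0.20, which completed a handful of normal handshakes, is not reported. The ratio check is what separates the scanner from a legitimate client: real clients finish the handshake, a scanner rarely does.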

Tools used for port scanning

1. SuperScan
Powerful tool from McAfee: TCP port scanner, pinger, hostname resolver

2. Zenmap
Powerful tool for OS detection, version detection, ping sweeps, port scanning, etc.

3. NetScanTools Pro
Paid software with a 15-day demo version

4. WUPS
A powerful UDP port scanner (works only on 32-bit systems)

5. Net Scan Tool Suite Pack
A collection of tools: port scanners, flooders, web rippers, mass e-mailers

If you are using Linux, mail me and I will teach you how to do all of this in Linux.


References:
CEH slides, 5th and 6th edition
Hacking Exposed: Network Security Secrets and Solutions, 6th edition, McGraw-Hill
google.co.in
Definitions from wikipedia.org