Portscan all the things! PyCon CZ 2018
1. @JirkaV, PyCon CZ 2018
Portscan all the things!
(fast, distributed and effective)
About (TL;DR)
“Senior Red Team Analyst” (read: hacker)
13 years of hacking $BIGCORPs*
Python user since Python 2.4
*at their request
“Port” ?
8.8.8.8:53
8.8.4.4:53
9.9.9.9:53
1.1.1.1:53
http://www.python.org:80
https://www.python.org:443
Ports range from 1 to 65535
Port Facts
Each open port is being serviced by a program
It might be misconfigured or vulnerable
It might leak data or provide access to inner network
We need to find it and check it
The Bad
A lot of ports to check (16 million for a “small” perimeter)
Tools / HW appliances for detecting scans
No clear indication if ports are closed or we’re being blocked
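The "tools for detecting scans" point above, as an added example that is not from the talk: a sliding-window detector that flags any source touching many distinct host:port targets in a short time. The log line format, the addresses (documentation ranges) and the thresholds are assumptions constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample firewall log (format assumed for this example):
# "<ISO timestamp> <src_ip> -> <dst_ip>:<dst_port> <action>"
def make_sample_log():
    base = datetime(2018, 6, 1, 12, 0, 0)
    lines = []
    # 192.0.2.10 touches 30 different ports on one host within 30 seconds
    for i in range(30):
        ts = base + timedelta(seconds=i)
        lines.append(f"{ts.isoformat()} 192.0.2.10 -> 198.51.100.5:{1000 + i} DENY")
    # 192.0.2.20 is an ordinary client: repeated connections to port 443 only
    for i in range(30):
        ts = base + timedelta(seconds=2 * i)
        lines.append(f"{ts.isoformat()} 192.0.2.20 -> 198.51.100.5:443 ALLOW")
    return sorted(lines)  # ISO timestamps sort chronologically as strings

def parse_line(line):
    ts, src, _arrow, dst, action = line.split()
    host, port = dst.rsplit(":", 1)
    return datetime.fromisoformat(ts), src, host, int(port), action

def detect_scanners(lines, window=timedelta(seconds=60), max_ports=20):
    """Return {src_ip: peak distinct-target count} for every source that
    contacts more than max_ports distinct (host, port) pairs within window."""
    recent = defaultdict(deque)  # src -> deque of (timestamp, (host, port))
    flagged = {}
    for line in lines:
        ts, src, host, port, _action = parse_line(line)
        q = recent[src]
        q.append((ts, (host, port)))
        # Drop events that have fallen out of the time window
        while q and ts - q[0][0] > window:
            q.popleft()
        distinct = len({target for _, target in q})
        if distinct > max_ports:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    for src, count in detect_scanners(make_sample_log()).items():
        print(f"possible port scan from {src}: {count} distinct targets in 60s")
```

The repeat visitor to port 443 generates as many log lines as the scanning source but is never flagged, because the detector counts distinct targets rather than connection volume.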