SlideShare ist ein Scribd-Unternehmen logo

Network scanning

Als PPTX, PDF herunterladen
oceanofwebs
oceanofwebs

A quick guide to describe the basic of Network and network scanning by oceanofwebs.com

Technologie
1 von 14
Network Basics • A netowk consist of 3 parts 1. IP Address 2. Services 3. Port • IP Addresses – An address is comprised of two parts- a network address and a host address and determined by the subnet mask. – A simple example is 192.168.1.1 with a subnet mask of 255.255.255.0. • 192.168.1 is the network address (the 192.168.1.0 network) and .1 is a host address on that network. Oceanofwebs.com 1
• Services – The network protocol that listens for incoming connection requests and links the server application with the client – Typically each service runs on a set of specific ports – In actuality, any service can run on any port • Therefore, you should put only limited trust in port/service mappings. – Use an application scanner (service detection) to ensure find out what application is really running on that port. – Nmap has service detection 2Oceanofwebs.com
• Ports • A port is where a service listens for connections • Common services use common well-known ports • Could use any port as long as both the server and the client know which port to connect to • Ports allow different services to be available from one location or IP Address 3Oceanofwebs.com
Scanning • Types of scanning – Host (Ping) Scanning – Port Scanning – Vulnerability Scanning 4Oceanofwebs.com
Host Scanning • Hackers perform host scanning to locate and identify hosts on the network. • Usually by “pinging” a range of IP addresses. • Host which respond to pings may be targeted for attack. 5Oceanofwebs.com
Port Scanning • Hackers perform Port Scans to determine what services a host may be running. • By knowing the services the hacker can attempt attacks against known vulnerabilities in the service. • Port scans attempt to make initial connection to service running on a particular port number. • Port scans are invasive and are easily detected by Intrusion Detection and/or firewalls. 6Oceanofwebs.com
Vulnerability Scanning • What is vulnerability scanning? – Used to find known flaws within an application or network. – These scanning tools are typically signature based and can only find vulnerabilities that the tools know about. – Many good commercial and freeware tools are available. 7Oceanofwebs.com
Scanning Tools • Host & Port Scanning – Nmap • Vulnerability Scanning – GFI and Nessus 8Oceanofwebs.com
9Oceanofwebs.com
Scanning Tool - Nmap • The only port scanner you’ll need • Pros – FREE – Continually Updated – OS Detection and Service Detection – Support for both Windows and Unix • Cons – No standard Graphical User Interface LINK: (www.insecure.org) 10Oceanofwebs.com
Scanning Tool- SuperScan Pro’s – FREE download from Foundstone – Very stable, Fairly fast – Graphical User Interface Con’s – Windows version only – No stealth options, no Firewall Evasion – Service Detection/Application Mapping • LINK: (www.foundstone.com) 11Oceanofwebs.com
12Oceanofwebs.com
Scanning Tool – Nessus • Pros – Nessus is free – Large plugin or signature base – You can customize and create new plugins • Cons – Tenable took Nessus private (closed source) – Purchasing plans for new plugins – Shareware plug-ins are seven days behind LINK: (www.nessus.org) 13Oceanofwebs.com
Scanning Tool – GFI LANguard Network Security Scanner • Pros – Port Scanner, Enumeration, and Vulnerability Scanner – Many features such as SNMP and SQL brute force – Great for Windows networks • Cons – Lacks extensive signatures for other operating systems – Look to Nessus for scanning heterogeneous networks 14Oceanofwebs.com

Empfohlen

Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printing
leminhvuong
 
NMAP
NMAPNMAP
NMAP
PrateekAryan1
 
NMap
NMapNMap
NMap
Pritesh Raka
 
System hacking
System hackingSystem hacking
System hacking
CAS
 
Nmap
NmapNmap
Nmap
Fat-Thing Gabriel-Culley
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?
ONE BCG
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
n|u - The Open Security Community
 

Empfohlen

Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printing
leminhvuong
 
NMAP
NMAPNMAP
NMAP
PrateekAryan1
 
NMap
NMapNMap
NMap
Pritesh Raka
 
System hacking
System hackingSystem hacking
System hacking
CAS
 
Nmap
NmapNmap
Nmap
Fat-Thing Gabriel-Culley
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?
ONE BCG
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
n|u - The Open Security Community
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
Raghav Bisht
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
Phannarith Ou, G-CISO
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing
Priyanka Aash
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
shindept123
 
Reconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awarenessReconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awareness
Leon Teale
 
Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanning
leminhvuong
 
Network security
Network securityNetwork security
Network security
fatimasaham
 
Reconnaissance
ReconnaissanceReconnaissance
Reconnaissance
n|u - The Open Security Community
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases
Nasir Bhutta
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentation
Mahmoud Ibra
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
Allan Pratt MBA
 
Nmap commands
Nmap commandsNmap commands
Nmap commands
Kailash Kumar
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
Cybersecurity Education and Research Centre
 
zero day exploits
zero day exploitszero day exploits
zero day exploits
Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting Tools
Joseph Bugeja
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
OWASP Delhi
 
Port scanning
Port scanningPort scanning
Port scanning
Hemanth Pasumarthi
 
Port Scanning
Port ScanningPort Scanning
Port Scanning
amiable_indian
 

Weitere ähnliche Inhalte

Was ist angesagt?

Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanning
leminhvuong
 

Was ist angesagt? (20)

Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Reconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awarenessReconnaissance - For pentesting and user awareness
Reconnaissance - For pentesting and user awareness
 
Module 3 Scanning
Module 3 ScanningModule 3 Scanning
Module 3 Scanning
 
Network security
Network securityNetwork security
Network security
 
Reconnaissance
ReconnaissanceReconnaissance
Reconnaissance
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentation
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Nmap commands
Nmap commandsNmap commands
Nmap commands
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
 
zero day exploits
zero day exploitszero day exploits
zero day exploits
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting Tools
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 

Andere mochten auch

Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
amiable_indian
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guide
Matt Ford
 
Common hacking tactics
Common hacking tacticsCommon hacking tactics
Common hacking tactics
Fariha Khudzri
 

Andere mochten auch (20)

Port scanning
Port scanningPort scanning
Port scanning
 
Port Scanning
Port ScanningPort Scanning
Port Scanning
 
Ch 5: Port Scanning
Ch 5: Port ScanningCh 5: Port Scanning
Ch 5: Port Scanning
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)
 
Ch 3: Network and Computer Attacks
Ch 3: Network and Computer AttacksCh 3: Network and Computer Attacks
Ch 3: Network and Computer Attacks
 
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
 
Port Scanning Overview
Port Scanning OverviewPort Scanning Overview
Port Scanning Overview
 
Nmap Basics
Nmap BasicsNmap Basics
Nmap Basics
 
Dynamic Port Scanning
Dynamic Port ScanningDynamic Port Scanning
Dynamic Port Scanning
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
 
Scan tool basics
Scan tool basicsScan tool basics
Scan tool basics
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guide
 
Common hacking tactics
Common hacking tacticsCommon hacking tactics
Common hacking tactics
 
Secure and Simple Sandboxing in SELinux
Secure and Simple Sandboxing in SELinuxSecure and Simple Sandboxing in SELinux
Secure and Simple Sandboxing in SELinux
 
Hack In Paris 2011 - Practical Sandboxing
Hack In Paris 2011 - Practical SandboxingHack In Paris 2011 - Practical Sandboxing
Hack In Paris 2011 - Practical Sandboxing
 
Sandboxing in .NET CLR
Sandboxing in .NET CLRSandboxing in .NET CLR
Sandboxing in .NET CLR
 
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffersCeh v5 module 07 sniffers
Ceh v5 module 07 sniffers
 
File Transfer protocols
File Transfer protocolsFile Transfer protocols
File Transfer protocols
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat Protection
 
Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101
 

Ähnlich wie Network scanning

Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Boston Institute of Analytics
 
[old] Network Performance Monitoring for DevOps and IT
[old] Network Performance Monitoring for DevOps and IT[old] Network Performance Monitoring for DevOps and IT
[old] Network Performance Monitoring for DevOps and IT
Site24x7
 

Ähnlich wie Network scanning (20)

Scanning networks (by piyush upadhyay)
Scanning networks (by piyush upadhyay)Scanning networks (by piyush upadhyay)
Scanning networks (by piyush upadhyay)
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration Testing
 
Penetration Testing Services Technical Description Cyber51
Penetration Testing Services Technical Description Cyber51Penetration Testing Services Technical Description Cyber51
Penetration Testing Services Technical Description Cyber51
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
[old] Network Performance Monitoring for DevOps and IT
[old] Network Performance Monitoring for DevOps and IT[old] Network Performance Monitoring for DevOps and IT
[old] Network Performance Monitoring for DevOps and IT
 
Network scan
Network scanNetwork scan
Network scan
 
Vp ns
Vp nsVp ns
Vp ns
 
Practical White Hat Hacker Training - Vulnerability Detection
Practical White Hat Hacker Training - Vulnerability DetectionPractical White Hat Hacker Training - Vulnerability Detection
Practical White Hat Hacker Training - Vulnerability Detection
 
lecture5.pptx
lecture5.pptxlecture5.pptx
lecture5.pptx
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101
 
Cloud Native ORAN Testing in Your Pipeline
Cloud Native ORAN Testing in Your PipelineCloud Native ORAN Testing in Your Pipeline
Cloud Native ORAN Testing in Your Pipeline
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security Tools
 
Slide Deck – Session 9 – FRSecure CISSP
Slide Deck – Session 9 – FRSecure CISSP Slide Deck – Session 9 – FRSecure CISSP
Slide Deck – Session 9 – FRSecure CISSP
 
An Toan Thong Tin.pptx
An Toan Thong Tin.pptxAn Toan Thong Tin.pptx
An Toan Thong Tin.pptx
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptx
 
ManageEngine OpUtils Technical Overview
ManageEngine OpUtils Technical OverviewManageEngine OpUtils Technical Overview
ManageEngine OpUtils Technical Overview
 
Introduction to firewalls
Introduction to firewallsIntroduction to firewalls
Introduction to firewalls
 
Namp
Namp Namp
Namp
 
ids.ppt
ids.pptids.ppt
ids.ppt
 

Kürzlich hochgeladen

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 

Kürzlich hochgeladen (20)

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 

Network scanning

  • 1. Network Basics • A netowk consist of 3 parts 1. IP Address 2. Services 3. Port • IP Addresses – An address is comprised of two parts- a network address and a host address and determined by the subnet mask. – A simple example is 192.168.1.1 with a subnet mask of 255.255.255.0. • 192.168.1 is the network address (the 192.168.1.0 network) and .1 is a host address on that network. Oceanofwebs.com 1
  • 2. • Services – The network protocol that listens for incoming connection requests and links the server application with the client – Typically each service runs on a set of specific ports – In actuality, any service can run on any port • Therefore, you should put only limited trust in port/service mappings. – Use an application scanner (service detection) to ensure find out what application is really running on that port. – Nmap has service detection 2Oceanofwebs.com
  • 3. • Ports • A port is where a service listens for connections • Common services use common well-known ports • Could use any port as long as both the server and the client know which port to connect to • Ports allow different services to be available from one location or IP Address 3Oceanofwebs.com
  • 4. Scanning • Types of scanning – Host (Ping) Scanning – Port Scanning – Vulnerability Scanning 4Oceanofwebs.com
  • 5. Host Scanning • Hackers perform host scanning to locate and identify hosts on the network. • Usually by “pinging” a range of IP addresses. • Host which respond to pings may be targeted for attack. 5Oceanofwebs.com
  • 6. Port Scanning • Hackers perform Port Scans to determine what services a host may be running. • By knowing the services the hacker can attempt attacks against known vulnerabilities in the service. • Port scans attempt to make initial connection to service running on a particular port number. • Port scans are invasive and are easily detected by Intrusion Detection and/or firewalls. 6Oceanofwebs.com
  • 7. Vulnerability Scanning • What is vulnerability scanning? – Used to find known flaws within an application or network. – These scanning tools are typically signature based and can only find vulnerabilities that the tools know about. – Many good commercial and freeware tools are available. 7Oceanofwebs.com
  • 8. Scanning Tools • Host & Port Scanning – Nmap • Vulnerability Scanning – GFI and Nessus 8Oceanofwebs.com
  • 10. Scanning Tool - Nmap • The only port scanner you’ll need • Pros – FREE – Continually Updated – OS Detection and Service Detection – Support for both Windows and Unix • Cons – No standard Graphical User Interface LINK: (www.insecure.org) 10Oceanofwebs.com
  • 11. Scanning Tool- SuperScan Pro’s – FREE download from Foundstone – Very stable, Fairly fast – Graphical User Interface Con’s – Windows version only – No stealth options, no Firewall Evasion – Service Detection/Application Mapping • LINK: (www.foundstone.com) 11Oceanofwebs.com
  • 13. Scanning Tool – Nessus • Pros – Nessus is free – Large plugin or signature base – You can customize and create new plugins • Cons – Tenable took Nessus private (closed source) – Purchasing plans for new plugins – Shareware plug-ins are seven days behind LINK: (www.nessus.org) 13Oceanofwebs.com
  • 14. Scanning Tool – GFI LANguard Network Security Scanner • Pros – Port Scanner, Enumeration, and Vulnerability Scanner – Many features such as SNMP and SQL brute force – Great for Windows networks • Cons – Lacks extensive signatures for other operating systems – Look to Nessus for scanning heterogeneous networks 14Oceanofwebs.com