Scanning February 23, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.


1 Scanning February 23, 2010 MIS 4600 – MBA 5880 - © Abdou Illia

2 Objectives
- Discuss scanning and how it is accomplished
- Identify resources that can be used in scanning
- Demonstrate how to use scanning tools on Linux to scan remote targets

3 What is Scanning?
- Step after footprinting
- Referred to as port scanning, service scanning, or network scanning
- Process of scanning a range of IP addresses in order to determine what services/programs are running on networked computers
- Typically performed using scanning tools like
  - Command line utilities like Fping, Hping, nmap, tcpdump, etc.
  - GUI scanners

[Diagram: 1. Footprinting, 2. Scanning, 3. Enumeration, 4. Attack; label: Searching vulnerabilities]

4 Types of Port scanning
- SYN scan—In a normal TCP session, the client first sends the server a TCP packet with the SYN flag set. The server responds with a packet that has both the SYN and ACK flags set, acknowledging the SYN. The client then replies with an ACK of its own, completing the connection. With a SYN scan the 3-way handshake is not completed, which means the target never logs the “transaction”. After all, you don’t want the log to show your IP address.
- FIN scan—In this scan, a TCP packet with the FIN flag set is sent to the target computer to “see” how it reacts. Normally, a TCP packet with the FIN flag set is sent to a client when the server is ready to terminate the connection. The client responds with an ACK, which acknowledges the disconnect.
- NULL scan—In a NULL scan, all the packet flags are turned off, which means none of the RST (reset), FIN, SYN, or ACK flags is set. If the ports of the target are closed, the target responds with a TCP RST packet. If the ports are open, the target sends no reply, effectively noting that port number as an open port to the user.
- ACK scan—A TCP packet with the ACK flag set is sent to the target. Scans of the TCP ACK type are used to identify Web sites that are active, which are normally set not to respond to ICMP pings. Active Web sites respond to the TCP ACK with a TCP RST, giving the user confirmation of the status of a site.
- TCP Connect scan—This scan uses the full “three-way handshake” process described under SYN scan above. When one system sends a packet with the SYN flag set, the target device responds with the SYN and ACK flags set, and the initiator completes the connection with a packet that has the ACK flag set. Unlike in a SYN scan, the “transaction” is logged.

[Diagram: three-way handshake: SYN, SYN/ACK, ACK]

5 Types of Port scanning
- XMAS scan—In this kind of scan, the FIN, PSH, and URG flags are set. Closed ports respond with a RST packet. Can be used to determine which ports are open. Not getting the RST packet doesn’t mean that the port is open, because firewalls or other packet filtering devices may be configured to drop the scan packet.
- UDP scan—In this scan, a UDP packet is sent to the target computer. If the computer sends back an ICMP “Port unreachable” message, the port is closed. Not getting this message doesn’t mean that the port is open, because firewalls or other packet filtering devices may be configured to drop the UDP scan packet.
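
Seen from the monitored host's side, the flag combinations on slides 4 and 5 are what a detector keys on. The following Python code is an added example, not part of the original slides: it reads the flags byte of raw TCP headers and reports sources that probe several ports with one scan type. The function names, the `min_ports` threshold and the sample addresses are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def tcp_flags(header: bytes) -> int:
    """Return the six classic flag bits (byte 13 of a raw TCP header)."""
    if len(header) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    return header[13] & 0x3F

def probe_type(flags: int) -> str:
    """Name the probe using the scan types from the slides."""
    names = {0: "NULL", FIN | PSH | URG: "XMAS", FIN: "FIN", ACK: "ACK",
             SYN: "SYN"}  # SYN scan and connect scan open with the same packet
    return names.get(flags, "other")

def find_scanners(segments, min_ports=3):
    """segments: (src_ip, raw_tcp_header) pairs. Assumption: only segments that
    match no tracked connection are passed in, since a lone FIN or ACK is
    normal inside an established session. min_ports is an arbitrary threshold."""
    seen = defaultdict(set)
    for src, header in segments:
        kind = probe_type(tcp_flags(header))
        if kind != "other":
            dport = struct.unpack("!H", header[2:4])[0]
            seen[(src, kind)].add(dport)
    return {k: sorted(p) for k, p in seen.items() if len(p) >= min_ports}

def make_header(sport, dport, flags):
    """Build a constructed 20-byte TCP header for the sample data below."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

# Constructed sample (documentation address ranges), not captured traffic.
SAMPLE = (
    [("198.51.100.7", make_header(40000, p, FIN | PSH | URG)) for p in (22, 80, 443)]
    + [("198.51.100.9", make_header(40001, p, 0)) for p in (21, 23, 25)]
    + [("192.0.2.10", make_header(51000, 443, SYN))]  # one SYN: ordinary client
)

if __name__ == "__main__":
    for (src, kind), ports in find_scanners(SAMPLE).items():
        print(f"{src}: {kind} probes to ports {ports}")
```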

6 Preparing for Lab 5
- Instructor will demonstrate the following to help students prepare for Lab 5
  - Connecting the Linux machine to the Internet
  - Using the Fping utility
  - Installing the Hping utility
  - Using Nmap

