Network Mapping (presentation transcript)


Network Mapping
- Identify Live Hosts
- Determine Running Services
  - TCP Port Scanning
  - UDP Port Scanning
  - Banner Grabbing
  - ARP Discovery
- Identify Perimeter Network (Router / Firewalls)
  - Tracerouting
  - Scan Default Firewall/Router Ports
  - Perform FIN/ACK Scan
  - Map Router / Firewall Rule-Base
- Passive OS Guessing
- Active OS Guessing
  - TCP/IP Stack Fingerprinting
  - HTTP Packet Analysis
  - ICMP Packet Analysis
  - Telnet Handshake Analysis
- Host Enumeration
  - Systems Enumeration
Heorot.net

Identify Live Hosts
- The project scope will restrict the scan spectrum
- Tools: ping, nmap, hping, traceroute, tcptraceroute

Identify Live Hosts: ping demonstration

Identify Live Hosts: nmap demonstration

Identify Live Hosts: hping demonstration

Identify Live Hosts: traceroute demonstration

Identify Live Hosts: tcptraceroute demonstration

Hands-On Exercise: Identify Live Hosts
- Tools: ping, nmap, hping, traceroute, tcptraceroute
- Man pages:
  # man ping
  # man nmap
  # man traceroute
  # man tcptraceroute
- Difference between TCP and UDP
- What is an "ICMP echo request"?
  # man icmp
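The live-host and TCP port probing practised in this exercise is what a firewall administrator sees from the other side. The following added example (not part of the Heorot.net material) reads constructed iptables-style log lines and flags an ICMP echo sweep and a TCP port scan; the thresholds and the sample addresses are assumptions.

```python
import re
from collections import defaultdict

# Constructed iptables LOG-style lines (not real traffic): one source sends ICMP
# echo requests to three hosts, then probes six TCP ports on one of them; a
# second source makes a single ordinary connection attempt.
SAMPLE_LOG = """\
Mar  3 10:00:01 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=ICMP TYPE=8 CODE=0
Mar  3 10:00:01 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.11 PROTO=ICMP TYPE=8 CODE=0
Mar  3 10:00:01 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.12 PROTO=ICMP TYPE=8 CODE=0
Mar  3 10:00:02 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=21 SYN
Mar  3 10:00:02 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40002 DPT=22 SYN
Mar  3 10:00:02 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40003 DPT=23 SYN
Mar  3 10:00:02 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40004 DPT=25 SYN
Mar  3 10:00:03 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40005 DPT=80 SYN
Mar  3 10:00:03 fw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40006 DPT=443 SYN
Mar  3 10:00:05 fw kernel: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=443 SYN
"""

LINE_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\S+)"
    r"(?: TYPE=(?P<type>\d+))?(?:.*? DPT=(?P<dpt>\d+))?")

def detect(log_text, sweep_hosts=3, scan_ports=5):
    """Flag sources that ping >= sweep_hosts distinct hosts (echo sweep) or hit
    >= scan_ports distinct TCP ports on one host (port scan). Thresholds are
    assumptions for the example; tune them against your own baseline."""
    pinged = defaultdict(set)   # src -> hosts that received an ICMP echo request
    probed = defaultdict(set)   # (src, dst) -> TCP destination ports touched
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        if m["proto"] == "ICMP" and m["type"] == "8":   # type 8 = echo request
            pinged[m["src"]].add(m["dst"])
        elif m["proto"] == "TCP" and m["dpt"]:
            probed[(m["src"], m["dst"])].add(int(m["dpt"]))
    return {
        "icmp_sweep": {s: sorted(h) for s, h in pinged.items() if len(h) >= sweep_hosts},
        "tcp_scan": {k: sorted(p) for k, p in probed.items() if len(p) >= scan_ports},
    }

if __name__ == "__main__":
    for kind, hits in detect(SAMPLE_LOG).items():
        for key, values in hits.items():
            print(f"{kind}: {key} -> {values}")
```

The single connection attempt from the second source stays below both thresholds, which is the point of counting distinct hosts and ports per source rather than raw packet volume.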

Determine Running Services
- TCP Port Scanning
- UDP Port Scanning
- Banner Grabbing
- ARP Discovery

Determine Running Services: TCP Port Scanning
- Tools: nmap, netcat, hping

Determine Running Services: nmap demonstration

Determine Running Services: netcat demonstration

Determine Running Services: hping demonstration

Determine Running Services: UDP Port Scanning
- Tools: nmap, netcat, hping

Determine Running Services: nmap demonstration

Determine Running Services: netcat demonstration

Determine Running Services: hping demonstration

Determine Running Services: Banner Grabbing
- Tools: nmap, amap, netcat, telnet

Determine Running Services: nmap demonstration

Determine Running Services: amap demonstration

Determine Running Services: netcat demonstration

Determine Running Services: telnet demonstration

Determine Running Services: ARP Discovery
- Tools: arping, arp + protocol analyzer

Hands-On Exercise: Determining Running Services
- Tools: nmap, netcat, hping, amap, telnet
- TCP services: 5 "open" services
- UDP services: 1 "closed" service (or is it???)
- Banners: how many banners can you grab? Version information, application name
- TCP 3-way handshake
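The "or is it???" on the UDP line is the crux of UDP scanning: only an ICMP port-unreachable reply proves a port closed, a UDP reply proves it open, and silence means either a listener that ignored the probe or a filter. This added example (not from the slides) encodes those rules and runs them against a constructed model of a target, showing how an empty probe undercounts listeners that only answer protocol-valid payloads; the target's port behaviours and payloads are assumptions.

```python
# States follow the usual scanner convention: ICMP port unreachable -> closed,
# UDP reply -> open, other ICMP unreachable codes -> filtered, silence ->
# open|filtered. The target below is a constructed model; no packets are sent.
ICMP_UNREACHABLE = 3              # ICMP type 3, "destination unreachable" (RFC 792)
PORT_UNREACHABLE = 3              # code 3: nothing is listening on that UDP port
FILTER_CODES = {1, 2, 9, 10, 13}  # host/protocol unreachable, admin prohibited

def classify_udp_probe(reply):
    """reply is None (silence), ('udp', payload) or ('icmp', type, code)."""
    if reply is None:
        return "open|filtered"    # a listener that ignored us, or a firewall drop
    if reply[0] == "udp":
        return "open"
    if reply[0] == "icmp" and reply[1] == ICMP_UNREACHABLE:
        if reply[2] == PORT_UNREACHABLE:
            return "closed"
        if reply[2] in FILTER_CODES:
            return "filtered"
    return "unknown"

# Constructed target: 53 and 161 answer only protocol-valid payloads, 69 is
# blocked by a filter (admin prohibited), 500 and every other port have no
# listener and return ICMP port unreachable.
TARGET = {
    53:  lambda p: ("udp", b"dns-answer") if p.startswith(b"\x12\x34\x01\x00") else None,
    161: lambda p: ("udp", b"snmp-reply") if b"public" in p else None,
    69:  lambda p: ("icmp", 3, 13),
    500: lambda p: ("icmp", 3, 3),
}

def probe(port, payload=b""):
    return TARGET.get(port, lambda p: ("icmp", 3, 3))(payload)

def scan(ports, payloads=None):
    """Infer each port's state. The empty probe is sent first; any protocol-
    specific payloads given for the port follow, and the first definite answer
    replaces the ambiguous 'open|filtered'."""
    payloads = payloads or {}
    states = {}
    for port in ports:
        state = "open|filtered"
        for payload in [b""] + payloads.get(port, []):
            state = classify_udp_probe(probe(port, payload))
            if state != "open|filtered":
                break
        states[port] = state
    return states
```

On real hosts the picture is noisier still: Linux rate-limits ICMP unreachables (about one per second by default), so a fast scan sees silence for ports that are in fact closed.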

Operating System Guessing: Operating System Query
- Tools: httprint, netcat, nmap

Operating System Guessing: httprint demonstration

Operating System Guessing: netcat demonstration

Operating System Guessing: ICMP Packet Analysis
- Tools: xprobe

Operating System Guessing: xprobe demonstration

Operating System Guessing: Telnet Handshake Analysis
- Tools: nmap, telnetfp

Operating System Guessing: nmap demonstration

Host Enumeration
- What did you miss? Unknown application? Unusual OS?
- Time to read up: RFCs (Request for Comments), white papers, manuals

Hands-On Exercise: Operating System Guessing / Host Enumeration
- Tools: xprobe, nmap
- RFCs: what they are, who produces them
  - RFC 793, 768, 792
  - Bonus: RFC 854, 4251
  - Super-Geek Bonus: RFC 3766
- White papers: Linux, Slackware
- Documentation: Slackware
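The overview slide also lists passive OS guessing via TCP/IP stack fingerprinting, which the exercises above do not cover. This added example (not from the Heorot.net material) shows the passive form over two fields of a captured SYN, the IP TTL and the TCP window; the signature rows and the sample observations are constructed assumptions, not a reference table.

```python
# Passive OS guessing from a captured SYN: recover the stack's initial TTL and
# the hop count, then look the (initial TTL, window) pair up in a small table.
# A defender can run this over their own captures to inventory hosts without
# sending a single probe.
INITIAL_TTLS = (32, 64, 128, 255)   # the initial TTLs common stacks start from

# Constructed, illustrative signature rows. Real tools such as p0f match far
# more fields (TCP options, MSS, DF, window scaling); treat these values as an
# assumption for the example.
SIGNATURES = {
    (64, 29200): "Linux (recent kernel)",
    (64, 5840): "Linux (older kernel)",
    (128, 8192): "Windows (7/8 family)",
    (128, 65535): "Windows (10/11 family)",
    (255, 4128): "Cisco IOS",
}
TTL_FAMILY = {32: "legacy Windows 9x", 64: "Unix-like (Linux/BSD/macOS)",
              128: "Windows", 255: "network device or Solaris"}

def guess_initial_ttl(observed_ttl):
    """Return (initial_ttl, hops): the smallest common initial TTL at or above
    the observed value, and how many routers decremented it. Assumes no
    middlebox rewrote the TTL on the path."""
    for initial in INITIAL_TTLS:
        if observed_ttl <= initial:
            return initial, initial - observed_ttl
    raise ValueError(f"TTL {observed_ttl} out of range")

def passive_guess(observed_ttl, window):
    initial, hops = guess_initial_ttl(observed_ttl)
    guess = SIGNATURES.get((initial, window))
    if guess is None:   # no exact row: fall back to the weaker TTL-only family
        guess = f"unknown, TTL family suggests {TTL_FAMILY[initial]}"
    return {"initial_ttl": initial, "hops": hops, "guess": guess}

# Constructed SYN observations (not real hosts), as a capture tool might report.
SAMPLE_SYNS = [
    {"src": "192.0.2.10", "ttl": 61, "window": 29200},
    {"src": "192.0.2.11", "ttl": 117, "window": 8192},
    {"src": "192.0.2.12", "ttl": 250, "window": 4128},
    {"src": "192.0.2.13", "ttl": 64, "window": 64240},
]

def inventory(syns):
    """Map each source address to its passive guess."""
    return {s["src"]: passive_guess(s["ttl"], s["window"]) for s in syns}
```

The last host shows the honest failure mode: a TTL of 64 with an unlisted window yields only a family guess, which is what the "time to read up" slide is for.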

Module 4 – Conclusion
- Phase II
- Controls Assessment
- Scheduling
  - Information Gathering
  - Network Mapping
    - Identify Live Hosts
    - Determine Running Services
    - Identify Perimeter Network (Router / Firewalls)
    - Passive OS Guessing
    - Active OS Guessing
    - Host Enumeration