Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense. Chapter 5: Port Scanning. Objectives: describe port scanning; describe different types of port scans; describe various port-scanning tools; explain what ping sweeps are used for; explain how shell scripting is used to automate security tasks.

    Presentation Transcript
    1. Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning

    2. Objectives
       • Describe port scanning
       • Describe different types of port scans
       • Describe various port-scanning tools
       • Explain what ping sweeps are used for
       • Explain how shell scripting is used to automate security tasks

    3. Introduction to Port Scanning
       • Port scanning
         • Finds out which services are offered by a host
         • Identifies vulnerabilities
       • Open services can be used in attacks
         • Identify a vulnerable port
         • Launch an exploit
       • Scan all ports when testing
         • Not just well-known ports

    5. Introduction to Port Scanning (continued)
       • Port scanning programs report
         • Open ports
         • Closed ports
         • Filtered ports
         • Best-guess assessment of which OS is running

    6. Types of Port Scans
       • SYN scan
         • Stealthy scan
       • Connect scan
         • Completes the three-way handshake
       • NULL scan
         • Packet flags are turned off
       • XMAS scan
         • FIN, PSH and URG flags are set

    7. Types of Port Scans (continued)
       • ACK scan
         • Used to get past a firewall
       • FIN scan
         • Closed port responds with an RST packet
       • UDP scan
         • Closed port responds with ICMP “Port Unreachable” message
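
As an added example (not part of the original slides), the flag patterns listed for these scan types can drive a simple detection pass: group packet records by source and flag pattern, then report sources that touch many distinct ports. The record format, the sample addresses and the names `sample_packets` and `detect_scans` are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the slides. Record format is an assumption:
#   <src_ip> <dst_ip> <dst_port> <flags>
# <flags> is a string of TCP flag letters (S A F P U R) or "-" for none.

# Constructed sample records (documentation address ranges).
sample_packets() {
cat <<'EOF'
198.51.100.7 192.0.2.10 21 S
198.51.100.7 192.0.2.10 22 S
198.51.100.7 192.0.2.10 23 S
198.51.100.7 192.0.2.10 25 S
203.0.113.9 192.0.2.10 80 FPU
203.0.113.9 192.0.2.10 81 FPU
203.0.113.9 192.0.2.10 82 FPU
203.0.113.5 192.0.2.10 443 S
203.0.113.5 192.0.2.10 443 A
198.51.100.20 192.0.2.10 110 -
198.51.100.20 192.0.2.10 111 -
198.51.100.20 192.0.2.10 113 -
EOF
}

# detect_scans MIN: read records on stdin and print "<src> <type> <ports>"
# for each source that sent the same flag pattern to at least MIN distinct
# destination ports.
detect_scans() {
  awk -v min="$1" '
    function kind(f) {
      if (f == "-") return "NULL"            # all flags off
      if (f == "S") return "SYN-or-connect"  # both scans open with a bare SYN
      if (f == "F") return "FIN"
      if (f == "A") return "ACK"
      if (length(f) == 3 && index(f, "F") && index(f, "P") && index(f, "U"))
        return "XMAS"                        # FIN, PSH and URG set
      return "other"
    }
    {
      key = $1 " " kind($4)
      if (!((key, $3) in seen)) { seen[key, $3] = 1; ports[key]++ }
    }
    END { for (key in ports) if (ports[key] >= min) print key, ports[key] }
  ' | LC_ALL=C sort
}

sample_packets | detect_scans 3
```

The source 203.0.113.5 is not reported: a SYN followed by an ACK to a single port is an ordinary connection, not a sweep across ports.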

    8. Using Port-Scanning Tools
       • Nmap
       • Unicornscan
       • NetScanTools Pro 2004
       • Nessus

    9. Nmap
       • Originally written for Phrack magazine
       • One of the most popular tools
       • GUI version
         • Xnmap
       • Open source tool
       • Standard tool for security professionals

    11. Unicornscan
       • Developed in 2004
       • Ideal for large networks
       • Scans 65,535 ports in three to seven seconds
       • Handles port scanning using
         • TCP
         • ICMP
         • IP
       • Optimizes UDP scanning

    12. NetScanTools Pro 2004
       • Robust easy-to-use commercial tool
       • Supported OSs
         • *NIX
         • Windows
       • Types of tests
         • Database vulnerabilities
         • E-mail account vulnerabilities
         • DHCP server discovery
         • IP packets and name servers
         • OS fingerprinting

    15. Nessus
       • First released in 1998
       • Open source tool
       • Uses a client/server technology
       • Conducts testing from different locations
       • Can use different OSs for client and network

    16. Nessus (continued)
       • Server
         • Any *NIX platform
       • Client
         • Can be UNIX or Windows
       • Functions much like a database server
       • Ability to update security checks plug-ins
         • Scripts
       • Some plug-ins are considered dangerous

    18. Nessus (continued)
       • Finds services running on ports
       • Finds vulnerabilities associated with identified services

    20. Conducting Ping Sweeps
       • Ping sweeps
         • Identify which IP addresses belong to active hosts
         • Ping a range of IP addresses
       • Problems
         • Computers that are shut down cannot respond
         • Networks may be configured to block ICMP Echo Requests
         • Firewalls may filter out ICMP traffic

    21. FPing
       • Ping multiple IP addresses simultaneously
       • www.fping.com/download
       • Command-line tool
       • Input: multiple IP addresses
         • Entered at a shell
           • -g option
         • Input file with addresses
           • -f option

    24. Hping
       • Used to bypass filtering devices
         • Allows users to fragment and manipulate IP packets
       • www.hping.org/download
       • Powerful tool
         • All security testers must be familiar with the tool
       • Supports many parameters (command options)

    28. Crafting IP Packets
       • Packet components
         • Source IP address
         • Destination IP address
         • Flags
       • Crafting packets helps you obtain more information about a service
       • Tools
         • Fping
         • Hping

    29. Understanding Shell Scripting
       • Modify tools to better suit your needs
       • Script
         • Computer program that automates tasks
         • Time-saving solution

    30. Scripting Basics
       • Similar to DOS batch programming
       • Script or batch file
         • Text file
         • Contains multiple commands
       • Repetitive commands are good candidates for scripting
       • Practice is the key
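
As an added example (not from the original slides), this script automates one repetitive task from the ping sweep and scripting slides: comparing sweep results against an asset inventory. The fping output lines are a constructed sample, and the function names, file layout and addresses are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the slides. Constructed sample of fping output,
# as a sweep such as "fping -g 192.0.2.1 192.0.2.6" would print it.
sample_sweep() {
cat <<'EOF'
192.0.2.1 is alive
192.0.2.2 is unreachable
192.0.2.3 is alive
192.0.2.4 is unreachable
192.0.2.5 is alive
192.0.2.6 is unreachable
EOF
}

# Constructed inventory: hosts that are expected on the segment.
sample_inventory() {
  printf '%s\n' 192.0.2.1 192.0.2.2 192.0.2.3
}

# audit_sweep SWEEP_FILE INVENTORY_FILE prints one line per finding:
#   UNKNOWN <ip>  answered the sweep but is not in the inventory
#   NOREPLY <ip>  is in the inventory but did not answer; it may be shut
#                 down or behind an ICMP filter, so treat it as unverified
audit_sweep() {
  awk '
    FILENAME == ARGV[1] { if (NF) known[$1] = 1; next }   # inventory file
    $2 == "is" && $3 == "alive" { alive[$1] = 1 }         # sweep file
    END {
      for (ip in alive) if (!(ip in known)) print "UNKNOWN", ip
      for (ip in known) if (!(ip in alive)) print "NOREPLY", ip
    }
  ' "$2" "$1" | LC_ALL=C sort
}

# Run the audit on the constructed samples.
demo_audit() {
  tmp=$(mktemp -d) || return 1
  sample_sweep > "$tmp/sweep.txt"
  sample_inventory > "$tmp/inventory.txt"
  audit_sweep "$tmp/sweep.txt" "$tmp/inventory.txt"
  rm -rf "$tmp"
}

demo_audit
```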

    33. Summary
       • Port scanning
         • Also referred to as service scanning
         • Process of scanning a range of IP addresses
         • Determines what services are running
       • Port scan types
         • SYN
         • ACK
         • FIN
         • UDP
         • Others: Connect, NULL, XMAS

    34. Summary (continued)
       • Port scanning tools
         • Nmap
         • Nessus
         • Unicornscan
       • Ping sweeps
         • Determine which computers are “alive”
       • Shell scripting
         • Helps with automating tasks