You are on page 1of 77

www.vncert.gov.

vn

www.vncert.gov.vn

Module 4 SCANNING

www.vncert.gov.vn

Content
1 2 3 4 5 6 7

Definition of scanning Types and objectives of Scanning Checking live systems and open ports Understanding scanning techniques Different tools present to perform Scanning Understanding banner grabbing and OS fingerprinting Drawing network diagrams of vulnerable host

8 9

Preparing proxies Scanning countermeasures

www.vncert.gov.vn

Scanning - Definition

www.vncert.gov.vn

Types of Scanning

www.vncert.gov.vn

Objectives of Scanning

www.vncert.gov.vn

www.vncert.gov.vn

Checking for Live Systems - ICMP Scanning

www.vncert.gov.vn

Angry IP Scanner

www.vncert.gov.vn

Angry IP Scanner: Screenshot

www.vncert.gov.vn

www.vncert.gov.vn

Three Way Handshake

www.vncert.gov.vn

Three Way Handshake: Screenshot

www.vncert.gov.vn

TCP Communication Flags

www.vncert.gov.vn

Nmap

www.vncert.gov.vn

Nmap: Screenshot

www.vncert.gov.vn

Nmap: Scan Methods

www.vncert.gov.vn

Nmap: Scan Methods

www.vncert.gov.vn

NMAP Scan Options

www.vncert.gov.vn

NMAP Output Format

www.vncert.gov.vn

NMAP Timing Options

www.vncert.gov.vn

NMAP Options

www.vncert.gov.vn

HPING2

www.vncert.gov.vn

Hping2 Commands

www.vncert.gov.vn

SYN Stealth / Half Open Scan

www.vncert.gov.vn

Stealth Scan

www.vncert.gov.vn

Xmas Scan

www.vncert.gov.vn

FIN Scan

www.vncert.gov.vn

NULL Scan

www.vncert.gov.vn

IDLE Scan

www.vncert.gov.vn

IDLE Scan: Basics

www.vncert.gov.vn

IDLE Scan: Step 1

www.vncert.gov.vn

IDLE Scan: Step 2.1 (Open Port)

www.vncert.gov.vn

IDLE Scan: Step 2.2 (Closed Port)

www.vncert.gov.vn

IDLE Scan: Step 3

www.vncert.gov.vn

ICMP Echo Scanning/List Scan

www.vncert.gov.vn

TCP Connect / Full Open Scan

www.vncert.gov.vn

www.vncert.gov.vn

War Dialer Technique

www.vncert.gov.vn

Why War Dialing?

www.vncert.gov.vn

Wardialing

www.vncert.gov.vn

PhoneSweep War Dialing Tool

www.vncert.gov.vn

THC Scan

www.vncert.gov.vn

ToneLoc

www.vncert.gov.vn

ModemScan
www.wardial.net

www.vncert.gov.vn

War Dialing Countermeasures SandTrap Tool

www.vncert.gov.vn

www.vncert.gov.vn

OS Fingerprinting

www.vncert.gov.vn

Active Stack Fingerprinting

www.vncert.gov.vn

Passive Fingerprinting

www.vncert.gov.vn

Active Banner Grabbing Using Telnet

www.vncert.gov.vn

GET REQUESTS

www.vncert.gov.vn

p0f Banner Grabbing Tool

www.vncert.gov.vn

p0f for Windows

www.vncert.gov.vn

Httprint Banner Grabbing Tool

www.vncert.gov.vn

Httprint: Screenshot

www.vncert.gov.vn

Tools for Active Stack Fingerprinting

www.vncert.gov.vn

Netcraft

www.vncert.gov.vn

www.vncert.gov.vn

Nessus

www.vncert.gov.vn

Nessus: Screenshot 1

www.vncert.gov.vn

Nessus: Screenshot 2

www.vncert.gov.vn

GFI LANGuard

www.vncert.gov.vn

GFI LANGuard Features

www.vncert.gov.vn

Retina

www.vncert.gov.vn

Retina: Screenshot

www.vncert.gov.vn

www.vncert.gov.vn

FriendlyPinger

www.vncert.gov.vn

www.vncert.gov.vn

Proxy Servers

www.vncert.gov.vn

Use of Proxies for Attack

www.vncert.gov.vn

Free Proxy Servers (1/2)

www.vncert.gov.vn

Free Proxy Servers (2/2)

www.vncert.gov.vn

SocksChain

www.vncert.gov.vn

HTTP Tunneling Techniques

www.vncert.gov.vn

Why Do I Need HTTP Tunneling

www.vncert.gov.vn

Scanning Countermeasures