Professional Documents
Culture Documents
Testing
Chapter 3
Scanning Tools
Objectives
• Comprehend the functioning of scanners
• Trace the development of scanners
• Identify various types of scanning
• Identify different scanners
• Scanners
– Find and fix vulnerabilities in remote machines on a
network
– Software tool that examines and reports about
vulnerabilities on local and remote hosts
• Port scanner
– Examines and reports the condition (open or closed)
of a port
• And the application listening on that port, if possible
Chapter 4
Sniffers
Objectives
Identify sniffers
Recognize types of sniffers
Discover the workings of sniffers
Appreciate the functions that sniffers use on a network
Sniffer, or packet sniffer
Application that monitors, filters, and captures data packets
transferred over a network
Sniffers are nearly impossible to detect in operation
And can be implemented from nearly any computer
Types of sniffer
Bundled
Commercial
Free
Kismet is a wireless sniffer that detects networks through
passive sniffing .
Secure alternative to Telnet
SSH protects against:
IP spoofing
Spoof attacks on the local network
IP source routing
DNS spoofing
Interception of cleartext password
Man-in-the-middle attacks
Chapter 5
TCP/IP Vulnerabilities
Objectives
Give a definition of TCP/IP
Know the steps of TCP/IP communication
Recognize weaknesses in TCP/IP
Identify steps in protecting information from vulnerabilities in
TCP/IP
Illegitimate users take advantage of TCP/IP vulnerabilities
By exploiting the “three-way handshake”
Unauthorized users may launch a denial-of-service attack on
the destination computer
Floods network with so many additional requests that regular
traffic is slowed or completely interrupted