Search results
Results from the WOW.Com Content Network
Nmap features include: Fast scan (nmap -F [target]) – Performing a basic port scan for fast result. Host discovery – Identifying hosts on a network. For example, listing the hosts that respond to TCP and/or ICMP requests or have a particular port open. Port scanning – Enumerating the open ports on target hosts.
Performing a port scan and OS identification (-O option in nmap) on the zombie candidate network rather than just a ping scan helps in selecting a good zombie. As long as verbose mode (-v) is enabled, OS detection will usually determine the IP ID sequence generation method and print a line such as “IP ID Sequence Generation: Incremental”.
Tools commonly used to perform banner grabbing are Telnet, Nmap and Netcat. For example, one could establish a connection to a target web server using Netcat , then send an HTTP request. The response will typically contain information about the service running on the host:
hping is an open-source packet generator and analyzer for the TCP/IP protocol created by Salvatore Sanfilippo (also known as Antirez). It is one of the common tools used for security auditing and testing of firewalls and networks, and was used to exploit the idle scan scanning technique (also invented by the hping author), and now implemented in the Nmap Security Scanner.
The command is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of connection its user could need and has a number of built-in capabilities.
Command shell enables users to run collection scripts or run arbitrary commands against the host. Meterpreter (the Metasploit Interpreter) enables users to control the screen of a device using VNC and to browse, upload and download files. Dynamic payloads enable users to evade anti-virus defense by generating unique payloads.
Nmap – comprehensive active stack fingerprinting. p0f – comprehensive passive TCP/IP stack fingerprinting. NetSleuth – free passive fingerprinting and analysis tool; PacketFence [9] – open source NAC with passive DHCP fingerprinting. Satori – passive CDP, DHCP, ICMP, HPSP, HTTP, TCP/IP and other stack fingerprinting.
Scanning: Uses technical tools to further the attacker's knowledge of the system. For example, Nmap can be used to scan for open ports. Gaining access: Using the data gathered in the reconnaissance and scanning phases, the attacker can use a payload to exploit the targeted system.