Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 18 (More Network Discovery)

Published byJemima Pearson Modified over 6 years ago

Similar presentations

Presentation on theme: "Module 18 (More Network Discovery)"— Presentation transcript:

1 Module 18 (More Network Discovery)
At the end of this module, you should know a little bit more about nmap scanning. You should know one way to identify machines that don't respond to ping request, and you should know how nmap classifies ports that it interrogates. Module 18

2 Do Ping Scans Always Work?
If hosts don't respond to ping, we must find an alternate way of finding them. By default, nmap will perform host discovery. In addition to ICMP ECHO REQUEST, nmap sends ICMP TIMESTAMP, TCP SYN to port 443 and TCP ACK to port 80. To disable host discovery and still do a default network scan, we provide the -Pn parameter to nmap: nmap -Pn /24 Module 18

3 Demonstrate This Scan In my virtual network, I am running kali and another host as well. The other host will show up because of services it is running. Module 18

4 Some Scan Types Different types of scans might be used to identify ports on devices that are offering services: TCP connect scan (SYN, SYN/ACK, ACK) available in nmap if you are not root TCP SYN scan (half-open scanning, stealthy) SYN/ACK response from listening host RST/ACK from non-listening port TCP FIN scan (Unix hosts send RST for closed ports) TCP Xmas Tree (FIN, URG, PUSH – should get back RST for closed ports) TCP Null scan (should send RST for all closed ports) TCP ACK scan (some firewall rules only allow established connections, i.e, those with ACK set) UDP scan (port unreachable response = closed) Module 18

5 Identifying Services With nmap
By default, nmap scans the 1,000 most popular service ports. It identifies ports as being in one of six different states: Open Closed Filtered Unfiltered Open|Filtered Closed|Filtered Module 18

6 Port Classifications Open
Actively accepting TCP connections, UDP datagrams, or SCTP associations Closed Accessible, but no application is listening on it. May come alive later. Filtered nmap cannot determine whether open or closed. Unfiltered ACK scan shows that packets can get through firewall, but no other response is identified. Module 18

Download ppt "Module 18 (More Network Discovery)"

Similar presentations

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
COEN 252 Computer Forensics Using TCPDump / Windump for package analysis.

COEN 252 Computer Forensics Using TCPDump / Windump for package analysis.
TCP/IP Fundamentals A quick and easy way to understand TCP/IP v4.

TCP/IP Fundamentals A quick and easy way to understand TCP/IP v4.
CISCO NETWORKING ACADEMY Chabot College ELEC 99.05 Transport Layer (4)

CISCO NETWORKING ACADEMY Chabot College ELEC Transport Layer (4)
Network Mapping  Identify Live Hosts  Determine running Services TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery  Identify Perimeter.

Network Mapping  Identify Live Hosts  Determine running Services TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery  Identify Perimeter.
Nmap Experiment.

Nmap Experiment.
NMAP Scanning Options. EC-Council NMAP  Nmap is the most popular scanning tool used on the Internet.  Cretead by Fyodar (http://www.insecure.org), it.

NMAP Scanning Options. EC-Council NMAP  Nmap is the most popular scanning tool used on the Internet.  Cretead by Fyodar ( it.
Network Security of Labnet ******. Introduction Test the network security of the servers on our Labnet domain Find Potential Weaknesses Find Security.

Network Security of Labnet ******. Introduction Test the network security of the servers on our Labnet domain Find Potential Weaknesses Find Security.
CSE551: Computer Network Review r Network Layers r TCP/UDP r IP.

CSE551: Computer Network Review r Network Layers r TCP/UDP r IP.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.
Xmas Tree Scan Detection with Snort Presented by: Aqila Dissanayake University of Windsor Olalekan Kadri University of Windsor

Xmas Tree Scan Detection with Snort Presented by: Aqila Dissanayake University of Windsor Olalekan Kadri University of Windsor
IP Network Scanning.

IP Network Scanning.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Scanning.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated 9-18-08.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
Scanning Determining if the system is alive IP Scanning Port Scanning War Dialing.

Scanning Determining if the system is alive IP Scanning Port Scanning War Dialing.
TCP segment structure source port # dest port # 32 bits application data (variable length) sequence number acknowledgement number rcvr window size ptr.

TCP segment structure source port # dest port # 32 bits application data (variable length) sequence number acknowledgement number rcvr window size ptr.
Hacking Exposed 7 Network Security Secrets & Solutions Chapter 2 Scanning 1.

Hacking Exposed 7 Network Security Secrets & Solutions Chapter 2 Scanning 1.
Port Scanning CT1406 lab#5.

Port Scanning CT1406 lab#5.
Scanning slides (c) 2012 by Richard Newman based on Hacking Exposed 7 by McClure, Scambray, and Kurtz.

Scanning slides (c) 2012 by Richard Newman based on Hacking Exposed 7 by McClure, Scambray, and Kurtz.

Similar presentations

Ads by Google