Scanning Networks Flashcards
why is scanning for networks crucial?
n the process of scanning, you attempt to gather information, including the specific IP addresses of the target system that can be accessed over the network (live hosts), open ports, and respective services running on the open ports and vulnerabilities in the live hosts.
what will portscanning help me with? How does it work, and what does it discover?
Port scanning will help you identify open ports and services running on specific ports, which involves connecting to Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) system ports. Port scanning is also used to discover the vulnerabilities in the services running on a port
Why are network scans needed?
- Check live systems and open ports
- Identify services running in live systems
- Perform banner grabbing/OS fingerprinting
- Identify network vulnerabilities
- Draw network diagrams of vulnerable hosts
What is network scanning? how is it done? what is its purpose
Network scanning is the process of gathering additional detailed information about the target by using highly complex and aggressive reconnaissance techniques. The purpose of scanning is to discover exploitable communication channels, probe as many listeners as possible, and keep track of the responsive ones.
what are the types of scanning
Port Scanning: Lists open ports and services
Network Scanning: Lists the active hosts and IP addresses
Vulnerability Scanning: Shows the presence of known weaknesses
what should you be able to do as a pen tester and what will be your first task during this phase?
you should be able to scan and detect the active network systems/devices in the target network. During the network scanning phase of security assessment, your first task is to scan the network systems/devices connected to the target network within a specified IP range and check for live systems in the target network.
what is host discovery? what does it provide? How does this help
Host discovery is considered the primary task in the network scanning process. It is used to discover the active/live hosts in a network. It provides an accurate status of the systems in the network, which, in turn, reduces the time spent on scanning every port on every system in a sea of IP addresses in order to identify whether the target host is up.
what are some host discovery techniques?
ARP ping scan
UDP ping scan
ICMP ping scan (ICMP ECHO ping, ICMP timestamp, ping ICMP, and address mask ping)
TCP ping scan (TCP SYN ping and TCP ACK ping)
IP protocol scan
what is nmap and what tasks does it do
Nmap is a utility used for network discovery, network administration, and security auditing. It is also used to perform tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
what does the nmap -sn -PR [Target IP Address] do
want to see that the Host is up
-sn: disables port scan and -PR: performs ARP ping scan.
how to perform a UDP ping scan
nmap -sn -PU 10.10.10.16
how can i tell if the target host is offline or unreachable?
various error messages such as “host/network unreachable” or “TTL exceeded” could be returned
how to perform an ICMP ECHO Ping scan and why is it useful?
nmap -sn -PE [Target IP Adress]
This scan is useful for locating active devices or determining if the ICMP is passing through a firewall.
How to perform an ICMP ECHO ping sweep and what does it determine and how does it work?
nmap -sn -PE[Target Range of IP Addresses]
determines the live hosts from arange of IP addresses by sending ICMP ECHO requests to multiple hoss.
what to do if administrators block the ICMP ECHO pings
ICMP Timestamp and Address Mask Ping Scan # nmap -sn -PP [target IP address]
