Scanning Attacks: Network And System Attacks, August 14
Piyush Tilara ()
Scanning Attacks
August 14
1/7
PHASES
Introduction
Network Scan
Host Scan
Vulnerability Scan
Demonstration
Network Scan
Network scanning is the procedure for identifying active hosts on a network, either for the purpose of attacking them or for network security assessment. The most common technique for scanning a network is the ping sweep. A ping sweep is used to determine which of a range of IP addresses map to live hosts.
It consists of ICMP ECHO request packets sent to multiple hosts. If a given address is live, it will answer with an ICMP ECHO reply. It can be used to identify victim machines as well as zombies.
Classical tools are: hping, nmap.
Host Scan
The result of a scan on a port is usually generalized into three categories:
Open or Accepted: the host sent a reply indicating that a service is listening on the port.
Closed, Denied or Not Listening: the host sent a reply indicating that connections to the port will be denied, e.g. an ICMP port unreachable message.
Filtered, Dropped or Blocked: there was no reply from the host.
A host scan can be performed in several ways:
SYN Scanning
UDP Scanning
ACK Scanning
FIN Scanning
XMAS Scanning
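As an added example (not from the slides), a small detector that flags the two patterns described above, a ping sweep (one source sending ICMP echo requests to many hosts) and a SYN scan (one source sending bare SYNs to many ports on one host), over constructed flow-log lines. The log format, the field layout and the thresholds are assumptions made for this example.

```python
from collections import defaultdict

# Constructed sample of firewall-style flow records (not real traffic).
# Format assumed here: "<src> -> <dst>[:<dport>] <proto> [<flags>]"
SAMPLE_LOG = """\
10.0.0.5 -> 10.0.0.1 icmp echo-request
10.0.0.5 -> 10.0.0.2 icmp echo-request
10.0.0.5 -> 10.0.0.3 icmp echo-request
10.0.0.5 -> 10.0.0.4 icmp echo-request
10.0.0.7 -> 10.0.0.1:22 tcp S
10.0.0.7 -> 10.0.0.1:23 tcp S
10.0.0.7 -> 10.0.0.1:25 tcp S
10.0.0.7 -> 10.0.0.1:80 tcp S
10.0.0.7 -> 10.0.0.1:443 tcp S
10.0.0.9 -> 10.0.0.1:443 tcp S
"""


def parse_record(line):
    """Split one log line into (src, dst_host, dst_port, proto, flags)."""
    src, _, dst, proto, *rest = line.split()
    host, _, port = dst.partition(":")
    return src, host, int(port) if port else None, proto, rest[0] if rest else ""


def detect_scans(log_text, sweep_threshold=3, portscan_threshold=4):
    """Return (ping_sweepers, port_scanners): sets of source addresses.

    Thresholds are per whole log; a production detector would also
    bound them by a time window and whitelist known monitoring hosts.
    """
    echo_targets = defaultdict(set)   # src -> hosts probed with ICMP echo
    syn_targets = defaultdict(set)    # (src, dst host) -> ports probed with bare SYN
    for line in log_text.splitlines():
        if not line.strip():
            continue
        src, host, port, proto, flags = parse_record(line)
        if proto == "icmp" and flags == "echo-request":
            echo_targets[src].add(host)
        elif proto == "tcp" and flags == "S" and port is not None:
            syn_targets[(src, host)].add(port)
    sweepers = {s for s, hosts in echo_targets.items() if len(hosts) >= sweep_threshold}
    scanners = {s for (s, _), ports in syn_targets.items() if len(ports) >= portscan_threshold}
    return sweepers, scanners


if __name__ == "__main__":
    print(detect_scans(SAMPLE_LOG))
```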
OS Guess
A sniffer can use TCP/IP stack fingerprinting to guess the O.S. running on a machine. The TCP/IP fields that may vary include the following:
Initial packet size (16 bits)
Initial TTL (8 bits)
Window size (8 bits)
Max segment size (16 bits)
Window scaling value (8 bits)
Do not fragment flag (1 bit)
SACKOK flag (1 bit)
NOP flag (1 bit)
These values may be combined to form a 67 bit signature, or fingerprint, for the target machine.
Idle Scan
Idle scan is a TCP port scan method that, through utility software tools such as nmap and hping, allows sending spoofed packets to a computer. First of all it is necessary to identify a zombie (by means of a ping sweep). The zombie must be inactive on the internet.
Vulnerability Scan
The automated process of proactively identifying vulnerabilities of computer systems present in a network. A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses.
Free Tools
SAINT
SARA
NESSUS
VLAD
Commercial Tools
Cybercop Scanner
ISS Internet Scanner
Vigilante Secure Scan