network mapping
DESCRIPTION
Network Mapping. Identify Live Hosts Determine running Services TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery Identify Perimeter Network (Router / Firewalls) Tracerouting Scan Default Firewall/Router Ports Perform FIN/ACK Scan Map Router / Firewall Rule-Base. - PowerPoint PPT PresentationTRANSCRIPT
Network Mapping Identify Live Hosts Determine running Services
TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery
Identify Perimeter Network (Router / Firewalls) Tracerouting Scan Default Firewall/Router
Ports Perform FIN/ACK Scan Map Router / Firewall
Rule-Base
Passive OS Guessing Active OS Guessing
TCP/IP Stack Fingerprinting HTTP Packet Analysis ICMP Packet Analysis Telnet Handshake Analysis
Host Enumeration Systems Enumeration
Heorot.net
Identify Live Hosts
Project Scope will restrict scan spectrum
Tools:pingnmaphpingtraceroutetpctraceroute
Heorot.net
Identify Live Hosts
ping Demonstration
Identify Live Hosts
nmap Demonstration
Identify Live Hosts
hping Demonstration
Identify Live Hosts
traceroute Demonstration
Identify Live Hosts
tcptraceroute Demonstration
Hands-On Exercise Identify Live Hosts
Tools:pingnmaphpingtraceroutetpctraceroute
Man pages# man ping# man nmap# man traceroute# man tcptraceroute
Difference between:TCPUDP
What is an “ICMP echo request”?#man icmp
Heorot.net
Determine Running Services
TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery
Heorot.net
Determine Running Services
TCP Port Scanning
Tools:nmapnetcathping
Heorot.net
Determine Running Services
nmap Demonstration
Determine Running Services
netcat Demonstration
Determine Running Services
hping Demonstration
Determine Running Services
UDP Port Scanning
Tools:nmapnetcathping
Heorot.net
Determine Running Services
nmap Demonstration
Determine Running Services
netcat Demonstration
Determine Running Services
hping Demonstration
Determine Running Services
Banner Grabbing
Tools:nmapamapnetcattelnet
Heorot.net
Determine Running Services
nmap Demonstration
Determine Running Services
amap Demonstration
Determine Running Services
netcat Demonstration
Determine Running Services
telnet Demonstration
Determine Running Services
ARP Discovery
Tools:arpingarp + protocol analyzer
Heorot.net
Hands-On Exercise Determining Running Services
Tools:nmapnetcathpingamapnetcattelnet
TCP Services5 “open” services
UDP Services1 “closed” service
(or is it???)
BannersHow many banners can you
grab?Version InformationApplication Name
TCP 3-way Handshake
Heorot.net
Operating System Guessing
Operating System Query
Tools:httprintnetcatnmap
Heorot.net
Operating System Guessing
httprint Demonstration
Operating System Guessing
netcat Demonstration
Operating System Guessing
ICMP Packet Analysis
Tools:xprobe
Heorot.net
Operating System Guessing
xprobe Demonstration
Operating System Guessing
Telnet Handshake Analysis
Tools:nmaptelnetfp
Heorot.net
Operating System Guessing
nmap Demonstration
Host Enumeration
What did you miss?Unknown application?
Unusual OS?
Time to read up:RFC (Request for Comments)White PapersManuals
Heorot.net
Hands-On Exercise Operating System Guessing / Host Enumeration
Tools:xprobenmap
RFCsWhat they areWho produces themRFC 793, 768, 792
○ Bonus: 854, 4251○ Super-Geek Bonus: 3766
White PapersLinuxSlackware
DocumentationSlackware
Heorot.net
Module 4 – Conclusion
Phase II Controls Assessment Scheduling
○ Information Gathering○ Network Mapping
Identify Live HostsDetermine running ServicesIdentify Perimeter Network (Router / Firewalls)Passive OS GuessingActive OS GuessingHost Enumeration
Heorot.net