SlideShare a Scribd company logo

Scanning networks (by piyush upadhyay)

Download as PPTX, PDF
P
Piyush Upadhyay

The document presents an overview of networking concepts, including IP addresses, services, and ports, highlighting the importance of network scanning. It discusses various scanning types such as host, port, and vulnerability scanning, as well as tools like Nmap, Nessus, and GFI Languard for these tasks. Additionally, it emphasizes the need for careful service detection and awareness of potential vulnerabilities in network security.

Technology
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
About Me >Piyush Upadhyay (d3cR3pt3r). >Admin of Techtown Technology. >Starter youtuber and blogger. >An Ethical Hacker (Found 15 bug’s including google and tubebuddy.) Techspon.blogspot.com 1
Network Basics • A netowk consist of 3 parts 1. IP Address 2. Services 3. Port • IP Addresses – An address is comprised of two parts- a network address and a host address and determined by the subnet mask. – A simple example is 192.168.1.1 with a subnet mask of 255.255.255.0. • 192.168.1 is the network address (the 192.168.1.0 network) and .1 is a host address on that network. Techspon.blogspot.com 2
• Services – The network protocol that listens for incoming connection requests and links the server application with the client – Typically each service runs on a set of specific ports – In actuality, any service can run on any port • Therefore, you should put only limited trust in port/service mappings. – Use an application scanner (service detection) to ensure find out what application is really running on that port. – Nmap has service detection 3Techspon.blogspot.com
• Ports • A port is where a service listens for connections • Common services use common well-known ports • Could use any port as long as both the server and the client know which port to connect to • Ports allow different services to be available from one location or IP Address 4Techspon.blogspot.com
Scanning • Types of scanning – Host (Ping) Scanning – Port Scanning – Vulnerability Scanning 5 Techspon.blogspot.com
Host Scanning • Hackers perform host scanning to locate and identify hosts on the network. • Usually by “pinging” a range of IP addresses. • Host which respond to pings may be targeted for attack. 6 Techspon.blogspot.com
Port Scanning • Hackers perform Port Scans to determine what services a host may be running. • By knowing the services the hacker can attempt attacks against known vulnerabilities in the service. • Port scans attempt to make initial connection to service running on a particular port number. • Port scans are invasive and are easily detected by Intrusion Detection and/or firewalls. 7 Techspon.blogspot.com
Vulnerability Scanning • What is vulnerability scanning? – Used to find known flaws within an application or network. – These scanning tools are typically signature based and can only find vulnerabilities that the tools know about. – Many good commercial and freeware tools are available. 8Oceanofwebs.com
Scanning Tools • Host & Port Scanning – Nmap • Vulnerability Scanning – GFI and Nessus 9 Techspon.blogspot.com
10 Techspon.blogspot.com
Scanning Tool - Nmap • The only port scanner you’ll need • Pros – FREE – Continually Updated – OS Detection and Service Detection – Support for both Windows and Unix • Cons – No standard Graphical User Interface 11 Techspon.blogspot.com
Scanning Tool- SuperScan Pro’s – FREE download from Foundstone – Very stable, Fairly fast – Graphical User Interface Con’s – Windows version only – No stealth options, no Firewall Evasion – Service Detection/Application Mapping 12 Techspon.blogspot.com
13 Techspon.blogspot.com
Scanning Tool – Nessus • Pros – Nessus is free – Large plugin or signature base – You can customize and create new plugins • Cons – Tenable took Nessus private (closed source) – Purchasing plans for new plugins – Shareware plug-ins are seven days behind LINK: (www.nessus.org) 14 Techspon.blogspot.com
Scanning Tool – GFI LANguard Network Security Scanner • Pros – Port Scanner, Enumeration, and Vulnerability Scanner – Many features such as SNMP and SQL brute force – Great for Windows networks • Cons – Lacks extensive signatures for other operating systems – Look to Nessus for scanning heterogeneous networks 15 Techspon.blogspot.com
..The End .. Techspon.blogspot.com 16

More Related Content

PPTX
Network scanning
oceanofwebs
 
RTF
Port Scanning Overview
Publicly traded global multi-billion services company
 
PPT
Port scanning
Hemanth Pasumarthi
 
PPTX
Network scanner
Shrikrishna Parab
 
ODP
Wireless security beyond password cracking by Mohit Ranjan
OWASP Delhi
 
PDF
BSides Rochester 2018: Esteban Rodriguez: Ducky In The Middle: Injecting keys...
JosephTesta9
 
PDF
NMAP by Shrikant Antre & Shobhit Gautam
n|u - The Open Security Community
 
PPT
Namp
penetration Tester
 
Network scanning
oceanofwebs
 
Port Scanning Overview
Publicly traded global multi-billion services company
 
Port scanning
Hemanth Pasumarthi
 
Network scanner
Shrikrishna Parab
 
Wireless security beyond password cracking by Mohit Ranjan
OWASP Delhi
 
BSides Rochester 2018: Esteban Rodriguez: Ducky In The Middle: Injecting keys...
JosephTesta9
 
NMAP by Shrikant Antre & Shobhit Gautam
n|u - The Open Security Community
 
Namp
penetration Tester
 

What's hot (19)

PPTX
Nmap
NishaYadav177
 
PDF
Network security
Telematika Open Session
 
PPTX
N map presentation
ulirraptor
 
PPTX
NMAP
PrateekAryan1
 
PPTX
Recon with Nmap
OWASP Delhi
 
PDF
Nmap commands
Kailash Kumar
 
PPTX
Fundamental of Webserver Hacking, Web Applications and Database Attacks
UK Defence Cyber School
 
PPT
VPN vs. PROXY
ali25rad
 
PPTX
Nmap basics
n|u - The Open Security Community
 
PPTX
Nmap and metasploitable
Mohammed Akbar Shariff
 
PPTX
NMAP - The Network Scanner
n|u - The Open Security Community
 
PPTX
NMap
Pritesh Raka
 
PPTX
Nmap(network mapping)
shwetha mk
 
PDF
Nmap Basics
amiable_indian
 
PPTX
Free OpManager training_Part 1- Discovery & classification
ManageEngine, Zoho Corporation
 
PPTX
Nmap
Sreekanth Narendran
 
PPTX
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Eric Vanderburg
 
PPTX
C0C0N 2013 - OWASP Skanda
jayesh singh chauhan
 
PDF
SplunkLive! Milan 2015 - Fastweb
Splunk
 
Nmap
NishaYadav177
 
Network security
Telematika Open Session
 
N map presentation
ulirraptor
 
NMAP
PrateekAryan1
 
Recon with Nmap
OWASP Delhi
 
Nmap commands
Kailash Kumar
 
Fundamental of Webserver Hacking, Web Applications and Database Attacks
UK Defence Cyber School
 
VPN vs. PROXY
ali25rad
 
Nmap basics
n|u - The Open Security Community
 
Nmap and metasploitable
Mohammed Akbar Shariff
 
NMAP - The Network Scanner
n|u - The Open Security Community
 
NMap
Pritesh Raka
 
Nmap(network mapping)
shwetha mk
 
Nmap Basics
amiable_indian
 
Free OpManager training_Part 1- Discovery & classification
ManageEngine, Zoho Corporation
 
Nmap
Sreekanth Narendran
 
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Eric Vanderburg
 
C0C0N 2013 - OWASP Skanda
jayesh singh chauhan
 
SplunkLive! Milan 2015 - Fastweb
Splunk
 
Ad

Similar to Scanning networks (by piyush upadhyay) (20)

PPTX
Sccccccccccccccccccccccannig Network.pptx
rsi3pfe
 
PPTX
ICMP
Ruhollah Arabi
 
PPTX
[old] Network Performance Monitoring for DevOps and IT
Site24x7
 
PPTX
Network Penetration Testing
Mohammed Adam
 
DOCX
What can an attacker can determine which network services are enabled.docx
todd471
 
PPTX
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Boston Institute of Analytics
 
PPTX
Network scan
penetration Tester
 
PDF
Penetration Testing Services Technical Description Cyber51
martinvoelk
 
PDF
a framework for fingerprinting ICS honeypots
Mohammad Reza Zamiri
 
PPT
Network Scanning Phases and Supporting Tools
Joseph Bugeja
 
PPT
ids.ppt
Agostinho9
 
PPT
Monitor and manage everything Cisco using OpManager
ManageEngine
 
PPT
Introduction to firewalls
Divya Jyoti
 
PPTX
What is a Port Scan in data visualization
Komal Khanna
 
PPTX
lecture5.pptxJHKGJFHDGTFGYIUOIUIPIOIPUOHIYGUYFGIH
Abodahab
 
PPTX
lecture5.pptx
Llobarro2
 
PPTX
DC612 Day - Hands on Penetration Testing 101
dc612
 
PPTX
Cybersecurity and Ethical Hacking: Capstone Project
Boston Institute of Analytics
 
PPT
Hacking Cisco Networks and Countermeasures
dkaya
 
PPT
cyber forensics-enum,sniffing,malware threat.ppt
mcjaya2024
 
Sccccccccccccccccccccccannig Network.pptx
rsi3pfe
 
ICMP
Ruhollah Arabi
 
[old] Network Performance Monitoring for DevOps and IT
Site24x7
 
Network Penetration Testing
Mohammed Adam
 
What can an attacker can determine which network services are enabled.docx
todd471
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Boston Institute of Analytics
 
Network scan
penetration Tester
 
Penetration Testing Services Technical Description Cyber51
martinvoelk
 
a framework for fingerprinting ICS honeypots
Mohammad Reza Zamiri
 
Network Scanning Phases and Supporting Tools
Joseph Bugeja
 
ids.ppt
Agostinho9
 
Monitor and manage everything Cisco using OpManager
ManageEngine
 
Introduction to firewalls
Divya Jyoti
 
What is a Port Scan in data visualization
Komal Khanna
 
lecture5.pptxJHKGJFHDGTFGYIUOIUIPIOIPUOHIYGUYFGIH
Abodahab
 
lecture5.pptx
Llobarro2
 
DC612 Day - Hands on Penetration Testing 101
dc612
 
Cybersecurity and Ethical Hacking: Capstone Project
Boston Institute of Analytics
 
Hacking Cisco Networks and Countermeasures
dkaya
 
cyber forensics-enum,sniffing,malware threat.ppt
mcjaya2024
 
Ad

Recently uploaded (20)

PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPT
Teaching material agriculture food technology
LiaRayya
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Cloud computing and distributed systems.
kkkkkhan
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Teaching material agriculture food technology
LiaRayya
 

Scanning networks (by piyush upadhyay)

  • 1. About Me >Piyush Upadhyay (d3cR3pt3r). >Admin of Techtown Technology. >Starter youtuber and blogger. >An Ethical Hacker (Found 15 bug’s including google and tubebuddy.) Techspon.blogspot.com 1
  • 2. Network Basics • A netowk consist of 3 parts 1. IP Address 2. Services 3. Port • IP Addresses – An address is comprised of two parts- a network address and a host address and determined by the subnet mask. – A simple example is 192.168.1.1 with a subnet mask of 255.255.255.0. • 192.168.1 is the network address (the 192.168.1.0 network) and .1 is a host address on that network. Techspon.blogspot.com 2
  • 3. • Services – The network protocol that listens for incoming connection requests and links the server application with the client – Typically each service runs on a set of specific ports – In actuality, any service can run on any port • Therefore, you should put only limited trust in port/service mappings. – Use an application scanner (service detection) to ensure find out what application is really running on that port. – Nmap has service detection 3Techspon.blogspot.com
  • 4. • Ports • A port is where a service listens for connections • Common services use common well-known ports • Could use any port as long as both the server and the client know which port to connect to • Ports allow different services to be available from one location or IP Address 4Techspon.blogspot.com
  • 5. Scanning • Types of scanning – Host (Ping) Scanning – Port Scanning – Vulnerability Scanning 5 Techspon.blogspot.com
  • 6. Host Scanning • Hackers perform host scanning to locate and identify hosts on the network. • Usually by “pinging” a range of IP addresses. • Host which respond to pings may be targeted for attack. 6 Techspon.blogspot.com
  • 7. Port Scanning • Hackers perform Port Scans to determine what services a host may be running. • By knowing the services the hacker can attempt attacks against known vulnerabilities in the service. • Port scans attempt to make initial connection to service running on a particular port number. • Port scans are invasive and are easily detected by Intrusion Detection and/or firewalls. 7 Techspon.blogspot.com
  • 8. Vulnerability Scanning • What is vulnerability scanning? – Used to find known flaws within an application or network. – These scanning tools are typically signature based and can only find vulnerabilities that the tools know about. – Many good commercial and freeware tools are available. 8Oceanofwebs.com
  • 9. Scanning Tools • Host & Port Scanning – Nmap • Vulnerability Scanning – GFI and Nessus 9 Techspon.blogspot.com
  • 11. Scanning Tool - Nmap • The only port scanner you’ll need • Pros – FREE – Continually Updated – OS Detection and Service Detection – Support for both Windows and Unix • Cons – No standard Graphical User Interface 11 Techspon.blogspot.com
  • 12. Scanning Tool- SuperScan Pro’s – FREE download from Foundstone – Very stable, Fairly fast – Graphical User Interface Con’s – Windows version only – No stealth options, no Firewall Evasion – Service Detection/Application Mapping 12 Techspon.blogspot.com
  • 14. Scanning Tool – Nessus • Pros – Nessus is free – Large plugin or signature base – You can customize and create new plugins • Cons – Tenable took Nessus private (closed source) – Purchasing plans for new plugins – Shareware plug-ins are seven days behind LINK: (www.nessus.org) 14 Techspon.blogspot.com
  • 15. Scanning Tool – GFI LANguard Network Security Scanner • Pros – Port Scanner, Enumeration, and Vulnerability Scanner – Many features such as SNMP and SQL brute force – Great for Windows networks • Cons – Lacks extensive signatures for other operating systems – Look to Nessus for scanning heterogeneous networks 15 Techspon.blogspot.com