Chapter 4. IP Network Scanning

Previous page
Table of content
Next page

This chapter focuses on the technical execution of IP network scanning. After undertaking initial reconnaissance to identify IP address spaces of interest, network scanning builds a clearer picture of accessible hosts and their network services. Network scanning and reconnaissance is the real data gathering exercise of an Internet-based security assessment. The rationale behind IP network scanning is to gain insight into the following elements of a given network:

  • ICMP message types that generate responses from target hosts

  • Accessible TCP and UDP network services running on the target hosts

  • Operating platforms of target hosts and their configuration

  • Areas of vulnerability within target host IP stack implementations (including sequence number predictability for TCP spoofing and session hijacking)

  • Configuration of filtering and security systems (including firewalls, border routers, switches, and IDS sensors)

Performing both network scanning and reconnaissance tasks paints a clear picture of the network topology and its security mechanisms. Before penetrating the target network, further assessment steps involve gathering specific information about the TCP and UDP network services that are running, including their versions and enabled options.


Previous page
Table of content
Next page
Network Security Assessment
Network Security Assessment: Know Your Network
ISBN: 059600611X
EAN: 2147483647
Year: 2006
Pages: 166
Authors: Chris McNab
BUY ON AMAZON
Documenting Software Architectures: Views and Beyond
Data Structures and Algorithms in Java
Twisted Network Programming Essentials
802.11 Wireless Networks: The Definitive Guide, Second Edition
FileMaker 8 Functions and Scripts Desk Reference
GDI+ Programming with C#
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy