Chapter 4: Port Scanners




Overview

Back in Chapter 1, you learned that one of Netcat’s many uses is as a Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port scanner. However, Netcat’s port scanning features are rather limited in that the tool always makes a genuine TCP connection (no specialized stealth methods), it can handle only one host at a time, and the scan output format is rather crude. Chances are, if you want to do port scanning the right way, you’re going to need a tool specifically focused on scanning ports and returning valuable information about a group of hosts. This chapter covers several such tools. Each tool will enumerate a specified range of TCP or UDP ports and attempt to send specially crafted packets to each port to gather information. However, the methods and capabilities by which each tool performs its tasks can vary.

Port scanners are useful in the early stages of hacking or hacking prevention because they help identify potential targets. Nearly every host—regardless of hardware, software, or function—has some kind of identifying feature. A casual observer with the right tools might be able to discover the services a machine is running (web server, FTP server, mail server, and so on), the version level, and even the operating system of the host by sending it a few packets of data and scrutinizing how it responds.

In today’s world, despite the nearly daily accounts of hacking incidents, many people place their computers on the Internet unprepared. Even within the IT industry, system administrators will install the latest version of Linux on a brand-new server, perhaps install some extra software, and let it do its thing. As soon as that box is discovered, though, someone will be able to determine not only that it’s running Linux, but also what distribution of Linux it’s running as well as the version number.

In the Case Study “Ports Painting a Picture,” you’ll learn how the number and types of ports found on a host can help to identify the operating system and software versions running on that host.

In the Case Study “Banner Identification,” you’ll learn how the technique of banner grabbing can still be used to obtain OS, version, and geographical information about a host.

In the Case Study “OS Fingerprinting,” you’ll learn how a host’s operating system might be identified just by watching how it interacts on a network.






Anti-Hacker Tool Kit
Anti-Hacker Tool Kit, Third Edition
ISBN: 0072262877
EAN: 2147483647
Year: 2004
Pages: 189
