
Scanning

Scanning. 2012 BackTrack Workshop Upstate ISSA Chapter. Agenda. Passive “Scanning” Active Scanning. Passive “Scanning”. Wireshark tcpdump Lanmap EtherApe. Wireshark. Applications -> BackTrack -> Information Gathering -> Network Analysis -> Network Traffic Analysis -> wireshark OR

millie

Presentation Transcript


  1. Scanning 2012 BackTrack Workshop Upstate ISSA Chapter

  2. Agenda • Passive “Scanning” • Active Scanning

  3. Passive “Scanning” • Wireshark • tcpdump • Lanmap • EtherApe

  4. Wireshark • Applications -> BackTrack -> Information Gathering -> Network Analysis -> Network Traffic Analysis -> wireshark OR wireshark

  5. Wireshark

  6. tcpdump
     • Simple packet capture from eth0: tcpdump -i eth0
     • Limit the number of packets captured: tcpdump -c 2 -i eth0
     • Display packets in ASCII: tcpdump -A -i eth0
     • And hex: tcpdump -XX -i eth0

  7. tcpdump tcpdump -i eth0

  8. Lanmap

  9. Lanmap

  10. Lanmap

  11. EtherApe

  12. Active Scanning • Hack Naked • Ping Sweeps • Discovering Open Ports • Service Enumeration • SNMP Walking • VPN Detection

  13. Hack Naked • Conduct testing without security controls such as firewalls, IPS and AV

  14. Ping Sweeps • Nmap • Zenmap • fping • hping2

  15. Nmap (Ping Sweep) nmap 192.168.1.0/24 -sP

  16. Zenmap (Ping Sweep)

  17. fping fping -g 192.168.1.0/24

  18. Fping (Wireshark capture)

  19. hping (Default Packets) hping2 192.168.1.112 -S -V

  20. Discovering Open Ports • Nmap Default Scan • Scanning All Ports

  21. Nmap Default Scan

  22. Zenmap (Default Scan)

  23. Service Enumeration • Nmap Service Detection • NSE (Nmap Scripting Engine)

  24. Nmap Service Detection nmap 192.168.1.112 -sV

  25. NSE (Nmap Scripting Engine) nmap 192.168.1.112 -sC

  26. SNMP Walking

  27. Cisco SNMP Exploit

  28. Cisco Config Download

  29. Cisco Router SNMP Merge
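
What an ICMP ping sweep such as the fping example on slide 17 looks like from the defender's side, as an added example that is not part of the original presentation: it parses `tcpdump -n` text output (slide 6) and flags any source that sends echo requests to many distinct hosts within a short window. The function names, thresholds and sample lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# `tcpdump -n -i eth0 icmp` text line for an echo request (default timestamp format).
ECHO_RE = re.compile(r"^(\d{2}):(\d{2}):(\d{2}\.\d+) IP (\S+) > (\S+): ICMP echo request\b")

def parse_echo_requests(lines):
    """Yield (seconds_since_midnight, src, dst) per echo request line."""
    for line in lines:
        m = ECHO_RE.match(line.strip())
        if m:
            h, mi, s, src, dst = m.groups()
            yield int(h) * 3600 + int(mi) * 60 + float(s), src, dst

def find_sweepers(lines, min_targets=10, window=5.0):
    """Map src -> most distinct hosts pinged within `window` seconds, if >= min_targets."""
    by_src = defaultdict(list)
    for ts, src, dst in parse_echo_requests(lines):
        by_src[src].append((ts, dst))
    flagged = {}
    for src, events in by_src.items():
        events.sort()
        start, seen, best = 0, Counter(), 0
        for ts, dst in events:
            seen[dst] += 1
            while ts - events[start][0] > window:  # slide the left edge forward
                old = events[start][1]
                seen[old] -= 1
                if seen[old] == 0:
                    del seen[old]
                start += 1
            best = max(best, len(seen))
        if best >= min_targets:
            flagged[src] = best
    return flagged

def sample_line(ts, src, dst, kind="request"):
    """Build one constructed tcpdump-style line (sample data, not a real capture)."""
    return f"{ts} IP {src} > {dst}: ICMP echo {kind}, id 1, seq 0, length 64"

# Constructed sample: .50 sweeps 20 hosts in 0.2 s; .20 pings one gateway for 30 s.
SAMPLE = (
    [sample_line(f"12:00:00.{i:02d}0000", "192.168.1.50", f"192.168.1.{i}") for i in range(1, 21)]
    + [sample_line(f"12:00:{i:02d}.000000", "192.168.1.20", "192.168.1.1") for i in range(30)]
    + [sample_line("12:00:01.000000", "192.168.1.1", "192.168.1.20", "reply")]
)

if __name__ == "__main__":
    print(find_sweepers(SAMPLE))
```

A sweep paced slower than `window` falls below the threshold, so the window and `min_targets` need tuning against normal monitoring traffic on the segment.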
