Series on Information Security - Weekly -Part 11

As a part of reconnaissance , one can use the the methods mentioned below.
Websites that can be used to collect information is for APNIC , ARIN ,
Software Reviews, Opinions, and Tips - DNSstuff,
#-Link-Snipped-#,
Registro de Direcciones IP en LAC | LACNIC etc.

Similarly the few of the tools that can be used for reconnaissance purpose are,
a) Nmap (#-Link-Snipped-#) : IP and port scanning tool
b) NSlookup,dig : A tool for discovering IP information on DNS names

Tools used for scanning

Angry IP Scanner : A fast and small IP scanner. It pings each IP address to check whether it is alive. Then, optionally, it resolves host names and tries to connect as specified in the Options dialog box TCP port. The advantage of using Angry IP Scanner is the feature that allows to store the results in csv and xml format. The tool is available at #-Link-Snipped-#.

Here is a sample screen shot for Angry IP scanner.

upload_2018-3-4_18-50-32

This is again pre-attack phase. Remember we have already collected some basic information in the reconnaissance attack. This information can be used further for scanning attacks. Here we can collect information like is there any modems available , what are the ports that are available, can we exploit the ports or service, version of application , version of OS , vulnerability associated with particular version of application , service or operating system. At this stage the attack is becoming more of an active attack rather than passive attack. Here the probability of getting detected is more as compared to the previous stage. There are many tools that are available for scanning that includes commercial as well as open source.

There are numerous Scanning Techniques that can be used for different types of scanning. Here are the scanning techniques under different scenarios.

i) Port scanning,
ii) Wardialing,
iii) wardriving
iv) vulnerability scanning,
v) Network mapping

In the next section we will dive into greater details of the scanning scenarios.

Replies

You are reading an archived discussion.

Related Posts

All of us have at some point of time experienced that annoying feeling when we are so very busy and a random tele-caller calls, trying to sell a loan or...
Quote: “What’s an engineer?” “Why are you an engineer?” “Engineering has a bad reputation for children. We grow up learning that we should aspire to be scientists, teachers, doctors etc....
Ditch ground floors to protect buildings from tsunamis, study suggests
The Facebook-owned WhatsApp is consistently working on new features to improve the user experience of its instant messaging platform which is currently used by over a billion people. For Android...
The South-Korean consumer electronics giant, Samsung is all set to launch its latest flagships Galaxy S9 and S9+ in India today. The said smartphones were first unveiled at MWC Barcelona...