Scribd
Upload
9 views

Module-3 Scanning

The document discusses different types of network scanning including port scanning, network scanning, and vulnerability scanning and provides objectives and tools used for scanning networks such as Nmap, Zenmap, Hping3, Metasploit, and Netscantools Pro. Common ports are listed along with their associated protocols and example Nmap commands are provided to scan specific ports, services, and perform aggressive scans of subnets. Configuring proxy chains using Tor and conducting scans through Tor is also briefly outlined.

Uploaded by

posici1542
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
9 views

Module-3 Scanning

The document discusses different types of network scanning including port scanning, network scanning, and vulnerability scanning and provides objectives and tools used for scanning networks such as Nmap, Zenmap, Hping3, Metasploit, and Netscantools Pro. Common ports are listed along with their associated protocols and example Nmap commands are provided to scan specific ports, services, and perform aggressive scans of subnets. Configuring proxy chains using Tor and conducting scans through Tor is also briefly outlined.

Uploaded by

posici1542
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 99

Types of scanning

1. Port scanning
2. Network scanning
3. Vulnerability scanning

Objectives
To find Live devices, OS, IPs in use
ports(open/closed)
Vulnerabilities
•Nmap / zenmap
Tools used •Hping3/hping2

for scanning •Metasploit


•Netscantools pro

networks
nmap –sn subnet
TCP SCAN
UDP SCAN
nmap usage
Nmap –sn 192.168.1.0/24 - it will scan entire subnet
Nmap –sC -sV ip_addr - it will scan for open ports
-sV - scan for service version
-sC - default script scan
-p to specify port number
-A to aggresive scan
Hping3

hping3 -c 15000 -d 120 -S -w 64 -p 80 --flood --rand-


source 192.168.1.159
20 FTP File Transfer Protocol (FTP) Data Transfer

21 FTP File Transfer Protocol (FTP) Command Control

22 SSH Secure Shell (SSH)

23 Telnet - Remote login service, unencrypted text messages

25 SMTP Simple Mail Transfer Protocol (SMTP) E-mail Routing

53 DNS Domain Name System (DNS) service

80 HTTP Hypertext Transfer Protocol (HTTP) used in World Wide Web

88 Kerberos - network authentication protocol

110 POP3 Post Office Protocol (POP3) used by e-mail clients to retrieve e-mail from a server

119 NNTP Network News Transfer Protocol (NNTP)

123 NTP Network Time Protocol (NTP)

143 IMAP Internet Message Access Protocol (IMAP) Management of Digital Mail

161 SNMP Simple Network Management Protocol (SNMP)

194 IRC Internet Relay Chat (IRC)

389 LDAP - Lightweight directory access protocol

443 HTTP Secure (HTTPS) HTTP over TLS/SSL

445 SMB over IP (Microsoft DS) ( server message block)

3389 RDP (remote desktop protocol)


TCP SCAN
UDP SCAN
nmap -Pn -p- -sI zombie_ip victim_ip
Configure proxy chains using tor
Install tor package – apt install tor
Service tor start / systemctl start tor
Service tor status
Edit the config file of proxychains
Vim /etc/proxychains.config
Remove Dynamic chain from comment
comment Strict chain and Random chain
Remove proxy DNS from comment
write socks5 127.0.0.1 9050 in last line of proxy list

Service tor restart


Proxychains firefox dnsleaktest.com
https://hide.me/en/proxy
A practical scenario

You might also like