Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Scanning connected Networks, Study notes of Cybercrime, Cybersecurity and Data Privacy

Sri Dev Suman Uttarakhand VishwavidyalayaCybercrime, Cybersecurity and Data Privacy

The objective of this lab is to help students in conducting network scanning, port scanning, analyzing the network vulnerabilities, and so on. You need to perform a network scan to: Check live systems and open ports Perform banner grabbing and OS fingerprinting Identify network vulnerabilities Draw network diagrams of vulnerable hosts Scenario Earlier, you gathered all possible information about the target, such as IP address range and network topology. Now, as an ethical hacker, or pen-tester, your next step will to perform port scanning, network scanning, and vulnerability scanning on the IP addresses you obtained in the information gathering phase. This will help you to identify IP/host name, ports, services, live hosts, vulnerabilities, and services running on the target network.m

Typology: Study notes

2019/2020

Available from 06/24/2024

rajendra-kumar-7
rajendra-kumar-7 🇮🇳

4 documents

1 / 186

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Scanning Networks
Objective
The objective of this lab is to help students in conducting network scanning, port
scanning, analyzing the network vulnerabilities, and so on.
You need to perform a network scan to:
Check live systems and open ports
Perform banner grabbing and OS fingerprinting
Identify network vulnerabilities
Draw network diagrams of vulnerable hosts
Scenario
Earlier, you gathered all possible information about the target, such as IP address range
and network topology.
Now, as an ethical hacker, or pen-tester, your next step will to perform port scanning,
network scanning, and vulnerability scanning on the IP addresses you obtained in the
information gathering phase. This will help you to identify IP/host name, ports,
services, live hosts, vulnerabilities, and services running on the target network.
Port scanning will help you to identify the open ports and the services running on
specific ports, which involves connecting to TCP and UDP system ports. Port scanning is
used to find out the vulnerabilities in the services running on a port.
Vulnerability scanning determines the possibility of network security attacks. It
evaluates the organization’s systems and network for vulnerabilities such as missing
patches, unnecessary services, weak authentication, and weak encryption. Vulnerability
scanning is a critical component of any penetration testing assignment.
The labs in this module will provide you with real-time experience in network scanning
and vulnerability scanning.
Exercise 1: UDP and TCP Packet Crafting Techniques
using HPING3
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Scanning connected Networks and more Study notes Cybercrime, Cybersecurity and Data Privacy in PDF only on Docsity!

Scanning Networks

Objective

The objective of this lab is to help students in conducting network scanning, port scanning, analyzing the network vulnerabilities, and so on. You need to perform a network scan to: ● Check live systems and open ports ● Perform banner grabbing and OS fingerprinting ● Identify network vulnerabilities ● Draw network diagrams of vulnerable hosts

Scenario

Earlier, you gathered all possible information about the target, such as IP address range and network topology. Now, as an ethical hacker, or pen-tester, your next step will to perform port scanning, network scanning, and vulnerability scanning on the IP addresses you obtained in the information gathering phase. This will help you to identify IP/host name, ports, services, live hosts, vulnerabilities, and services running on the target network. Port scanning will help you to identify the open ports and the services running on specific ports, which involves connecting to TCP and UDP system ports. Port scanning is used to find out the vulnerabilities in the services running on a port. Vulnerability scanning determines the possibility of network security attacks. It evaluates the organization’s systems and network for vulnerabilities such as missing patches, unnecessary services, weak authentication, and weak encryption. Vulnerability scanning is a critical component of any penetration testing assignment. The labs in this module will provide you with real-time experience in network scanning and vulnerability scanning.

Exercise 1: UDP and TCP Packet Crafting Techniques

using HPING

Scenario

Overview In network scanning, your first procedure will be to scan the target network to determine all possible open ports, live hosts, and services running. Knowledge of packet crafting techniques may help you to scan the network beyond the firewall or IDS. Lab Scenario Packet crafting is a technique that allows you to probe firewall rule sets and find entry points into a targeted system or network. This is done by manually generating packets to test network devices and behavior, instead of using existing network traffic. This lab will help you understand how to perform network scanning and packet crafting using hping3 commands. Lab Duration : 10 Minutes

  1. Click Windows 10 machine, click Ctrl+Alt+Delete link.

User Account Control pop-up appears, click Yes

  1. Wireshark main window appears as shown in the screenshot. Double-click the Ethernet interface to start capturing packets.
  1. Now switch to the Kali linux machine from the Resources pane and press Spacebar to go to the login screen.
  1. In the Username field type root and click Next.

machine. 10.Type hping3 --scan 1-3000 -S 10.10.10.10 and press Enter. Here, --scan parameter defines the port range to scan and –S represents

SYN flag.

Data section to view the data size of the packet.

13.Click the Restart Packet Capturing icon from the menu bar and click Continue Without Saving button in Unsaved packets… pop-up. 14.Switch to the Kali Linux machine, click Kali linux, and send a TCP SYN request to the target machine, type hping3 -S 10.10.10.10 -p 80 -c 5 and press Enter. -S will perform TCP SYN request on the target machine, -p will pass the traffic through which port is assigned, and -c is the count of the packets

15.Switch to the Windows 10 machine, click Windows 10 and observe the TCP packets captured via Wireshark.

16.Switch to the Kali Linux machine, click Kali linux and type hping 10.10.10.10 --flood and press Enter. 17.Switch to the Windows 10 machine, click Windows 10 and observe the Wireshark window, which displays the TCP packet flooding from the attacker machine.

transmitted to the attacker machine and received packets. This lab will helped you understand how to perform network scanning and packet crafting using hping3 commands. 0% Tasks Complete PreviousNext: Exercise 2: Scanning The Network Using...

Exercise 2: Scanning The Network Using The Colasoft

Packet Builder

Scenario

During network scanning phase, you are required to perform network scanning to detect a live host on the network. As an expert ethical hacker or penetration tester, you should be aware of the different tools used for network scanning. This lab will demonstrate how to perform network scanning using ARP Ping Scanning techniques. ARP Ping Scanning involves sending ARP packets to hosts on the network and observing the responses that are received from the hosts that are live or active on the network. The objective of this lab is how to detect live hosts in the network using Colasoft Packet Builder. Lab Duration : 5 Minutes