The -r option instructs netcat to randomize local and remote ports in
an attempt to elude any intrusion detection systems.
The -w2 option instructs netcat to wait 2 seconds between each port
scanned to help elude any intrusion detection systems.
The -z option instructs netcat to operate in a zero-I/O (Input/Output)
mode. It is best to use the -z option when scanning with netcat.
The 1-1024 instructs netcat to scan ports 1-1024.
162 Practical Hacking Techniques and Countermeasures
In this example, the target has the following ports open:
80 (Web)
7 (Echo)
13 (daytime)
21 (FTP)
17 (Quote of the Day)
445 (Windows Share)
9 (discard)
139 (Windows Share)
19 (Character Generator)
135 (epmap)
443 (HTTPS)
25 (Simple Mail Transfer Protocol [SMTP])
*Note: From the results of this example the "low hanging fruit" ports are:
7, 13, 17, 9, and 19 as these ports can easily be used to create a Denial
of Service (DoS). These ports should not be open to the Internet.
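For administrators reviewing scan results of their own hosts, the check in the note above can be automated. The following is an added example, not code from the book: it parses saved netcat verbose output and reports any open port from the note's list (7, 9, 13, 17, 19). The line format, the address 192.0.2.10, and the function names are assumptions made for illustration; the sample scan is constructed from the ports listed in this example.

```python
import re

# Legacy "simple services" the note singles out as DoS-prone (ports from the page).
DOS_PRONE = {7: "echo", 9: "discard", 13: "daytime", 17: "qotd", 19: "chargen"}

# Assumed shape of a netcat verbose result line: host [ip] port (service) open
OPEN_LINE = re.compile(
    r"\[(?P<ip>[0-9.]+)\]\s+(?P<port>\d+)\s+\((?P<svc>[^)]*)\)\s+open\b"
)

# Constructed sample: the open ports listed in the example, in scan order,
# plus one refused port to show that closed ports are ignored.
SAMPLE_SCAN = """\
(UNKNOWN) [192.0.2.10] 80 (http) open
(UNKNOWN) [192.0.2.10] 7 (echo) open
(UNKNOWN) [192.0.2.10] 13 (daytime) open
(UNKNOWN) [192.0.2.10] 21 (ftp) open
(UNKNOWN) [192.0.2.10] 23 (telnet) : Connection refused
(UNKNOWN) [192.0.2.10] 17 (qotd) open
(UNKNOWN) [192.0.2.10] 445 (microsoft-ds) open
(UNKNOWN) [192.0.2.10] 9 (discard) open
(UNKNOWN) [192.0.2.10] 139 (netbios-ssn) open
(UNKNOWN) [192.0.2.10] 19 (chargen) open
(UNKNOWN) [192.0.2.10] 135 (epmap) open
(UNKNOWN) [192.0.2.10] 443 (https) open
(UNKNOWN) [192.0.2.10] 25 (smtp) open
"""

def parse_open_ports(text):
    """Return {ip: sorted list of open ports} from saved scan output."""
    hosts = {}
    for line in text.splitlines():
        m = OPEN_LINE.search(line)
        if m:
            hosts.setdefault(m.group("ip"), set()).add(int(m.group("port")))
    return {ip: sorted(ports) for ip, ports in hosts.items()}

def audit(text):
    """Return (ip, port, service) for every open DoS-prone simple service."""
    findings = []
    for ip, ports in sorted(parse_open_ports(text).items()):
        findings.extend((ip, p, DOS_PRONE[p]) for p in ports if p in DOS_PRONE)
    return findings

if __name__ == "__main__":
    for ip, port, svc in audit(SAMPLE_SCAN):
        print(f"{ip}: port {port} ({svc}) is open; disable the service or block it at the perimeter")
```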
Scanning 163
Lab 35: Port Scan/Service Identification
Scan Open Ports of Target: SuperScan
Prerequisites: None
Countermeasures: Secure access control lists (ACLs), Bastion servers/
workstations, host-based firewalls
Description: SuperScan has the ability to discover which ports are open
on the target. Identifying the open ports tells an attacker what ports
are available for potential exploit.
Procedure: Install the application, enter the target data, and scan the
target.