Network Hacking: Ping Sweeps
10 Questions
4 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary reason why inexperienced users rely on the default SYN scan?

  • Because it is the easiest scanning technique to use (correct)
  • Because it is the most effective scanning technique
  • Because it is a complex scanning technique
  • Because it is a widely used scanning technique
  • What is the primary function of Nmap in port scanning?

  • To perform a ping sweep discovery
  • To create a firewall to block incoming traffic
  • To scan ports and determine their status (correct)
  • To identify potential vulnerabilities in a network
  • What is the status of an open port?

  • Filtering incoming traffic
  • Inactive and non-responding
  • Active and responding (correct)
  • Blocked by a firewall
  • What is the primary characteristic of a filtered port?

    <p>It is blocked by a firewall or other network obstacle</p> Signup and view all the answers

    What is the purpose of using various application for ping sweep discovery?

    <p>To discover active hosts on a network</p> Signup and view all the answers

    What is the primary difference between an open port and a closed port?

    <p>An open port is active and responding, while a closed port is inactive and non-responding</p> Signup and view all the answers

    What is the benefit of using Nmap to perform port scanning?

    <p>It provides a quick and efficient way to determine port status</p> Signup and view all the answers

    What is the primary difference between a SYN scan and other scanning techniques?

    <p>A SYN scan is a simpler scanning technique</p> Signup and view all the answers

    What is the primary goal of port scanning?

    <p>To determine the status of ports on a network</p> Signup and view all the answers

    What is the primary advantage of using Nmap for port scanning?

    <p>It is a widely used and popular tool</p> Signup and view all the answers

    Study Notes

    Network Hacking (Scanning Networks)

    • Scanning networks is Phase 2 of the 5 phases of Ethical Hacking, where we interact with target systems from information gathered in reconnaissance and footprinting phase.

    Ping Sweeps

    • Ping sweeps are used to identify active and responding systems within an IP address space.
    • It helps to avoid wasting time and resources on scanning non-existent systems.
    • Many tools are available for ping sweeps, including fping, masscan, Nmap, and netdiscover.
    • Fping is a tool that sends ICMP echo requests to multiple systems, showing hosts that are active, elapsed time, and generating a list of targets from an address block.
    • Fping requires being mindful of host-based firewalls, as systems may not respond to ICMP.
    • Examples of ping sweep commands include fping -qag 192.168.17.0/24 and sudo netdiscover -r 192.168.17.0/24.

    Port Scanning

    • TCP/IP port numbers exist at the transport layer of the OSI reference model.
    • TCP and UDP ports range from 0-65535 and can be open or closed, bounded to applications or services.
    • Port scanning serves to identify software and versions used by the target to provide services.
    • Nmap is a popular tool for port scanning, capable of scanning both TCP and UDP ports.
    • Nmap supports detection of operating system types, applications, and application versions.
    • Nmap scripts can be used for extended functions, categorized into types like auth, broadcast, default, discovery, dos, exploit, external, fuzzer, intrusive, malware, safe, version, and vuln.

    Types of Port Scans

    • SYN Scan (or half-open scan) requires root privilege to modify raw packets and uses the nmap -sS option.
    • SYN Scan does not complete the TCP 3-way handshake, instead, sending a TCP RST (Reset) packet.
    • TCP Scan (or full connect scan) completes the TCP 3-way handshake using the nmap -sT option.
    • Nmap can output port status, which can be open, closed, or filtered.

    Nmap Port Status

    • Open port: active and responding.
    • Closed port: not active and not responding.
    • Filtered port: possible firewall, filter, or other network obstacle is blocking the port, so Nmap cannot tell whether it is open or closed.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    This quiz covers the basics of ping sweeps, including how to use fping to scan a subnet. Learn about the importance of ping sweeps in network hacking.

    More Like This

    Network Hacking Essentials Quiz
    5 questions
    Network Footprinting in Ethical Hacking
    17 questions
    Network Hacking Post Exploitation
    10 questions
    network hacking L4
    10 questions

    network hacking L4

    LongLastingLion avatar
    LongLastingLion
    Use Quizgecko on...
    Browser
    Browser