Network Scanning Techniques
24 Questions

Questions and Answers

What does a SYN-ACK response indicate about a port during a scan?

  • The port is unresponsive
  • The port is filtered
  • The port is open (correct)
  • The port is closed

In an Xmas scan, what combination of flags is set?

  • URG and PSH only
  • PSH, FIN, and URG (correct)
  • SYN and RST
  • ACK and FIN

What is the main purpose of the tool Traceroute?

  • To ping multiple IP addresses simultaneously
  • To identify the path data takes to reach a device (correct)
  • To measure network speed between devices
  • To scan open ports on a server

What does an unresponsive server typically indicate in a FIN scan?

    The port is considered open or filtered

    How does the TTL (Time-to-Live) value affect packet transmission?

    It limits the number of routers a packet can pass through.

    What is a primary characteristic of a filtered port according to Nmap states?

    There is a packet filtering device blocking the probe

    Which of the following states can Nmap determine when scanning ports?

    Open and Filtered

    Which scanning technique is considered less noisy than a TCP scan?

    FIN scan

    What is the default timing option in Nmap when performing a scan?

    -T3

    Which state indicates that Nmap cannot determine whether a port is open or filtered?

    Open|Filtered

    Which Nmap scan type is considered the least stealthy due to its detection signature?

    TCP Connect Scan

    What is the purpose of sending an RST packet in the scanning process?

    To terminate a connection attempt

    What is the key challenge of the Xmas and FIN scans?

    They can confuse firewalls and detection systems

    In the context of network security, what does a filtered port state indicate?

    The port's responses are being blocked or dropped.

    Which Nmap timing option sends a packet every 15 seconds, making it less noticeable?

    -T1

    What is the purpose of gradually decreasing the TTL values in the Traceroute process?

    To identify each hop along the route by generating responses.

    What is the primary purpose of a Ping Sweep?

    To identify live systems on a network

    Which of the following best describes the function of ports in networking?

    They are logical access points for data communication

    What does vulnerability scanning aim to achieve?

    To generate a report on weaknesses in the environment

    When running a port scan, what type of systems are typically targeted?

    Active IP addresses identified as potential targets

    What is the significance of the TTL (Time to Live) value in a traceroute command?

    It specifies the maximum hops a packet can take before being discarded

    What type of information can be found through scanning a network?

    Specific IP addresses and their port states

    Which scanning technique uses ICMP echo requests to identify active devices on a network?

    ICMP scanning

    Which scenario best fits the function of stealth scanning?

    Performing scans that do not alert security systems

    Study Notes

    Scanning Overview

    • Scanning identifies live machines to ensure successful remote attacks.
    • Determines which operating systems are being used on target machines for potential exploitation.

    Types of Scans

    • Ping Sweep:

      • Detects live systems by sending ICMP echo requests to multiple IP addresses.
      • Helps identify active devices on a network.
    • Port Scanning:

      • Finds active IP addresses to target.
      • Determines open ports (e.g., port 80 for HTTP, port 443 for HTTPS).
    • Vulnerability Scanning:

      • Identifies weaknesses in networks, systems, applications, and devices.
      • Generates a report detailing detected vulnerabilities.

    Ports in Networking

    • Ports are logical access points for data transmission between devices.
    • Numbered ports correlate with specific services or protocols.

    Information Gathered from Scanning

    • IP addresses of devices.
    • List of open and closed ports.
    • Operating system versions and MAC addresses.
    • Service information and network data.

    ICMP Scanning

    • Utilizes ICMP echo requests to locate active network devices.
    • An echo request prompts a device to respond if operational.

    Port Scanning Techniques

    • Uses SYN-ACK responses to identify open ports during scans.
    • Reset (RST) packets allow stealthy scans without establishing full connections.

    Specific Scanning Methods

    • Xmas Scan:

      • Combines PSH, FIN, and URG flags to confuse the target.
      • Lack of response indicates the port may be open or filtered.
    • FIN Scan:

      • Sends a FIN flag packet to probe ports.
      • Non-response suggests potential openness or filtering.
    • ACK Scan:

      • It determines if ports are filtered or unfiltered based on responses.

    Nmap States Summary

    • Open: An application is accepting connections.
    • Closed: No application is listening on the port.
    • Filtered: A filtering device is blocking the probe.
    • Unfiltered: The port is accessible; its state is undetermined.
    • Open|Filtered: Nmap cannot distinguish if the port is open or filtered.
    • Closed|Filtered: Rare state indicating ambiguity.

    Scanning Tools

    • Fping:

      • Pings multiple IP addresses quickly via saved files.
    • Traceroute:

      • Examines the path data takes to a device using TTL values.
      • Gradually decreases TTL to identify each hop, revealing network delays.

    Nmap Scanning Options

    • Scans the most common 1000 ports randomly.
    • Timing options allow for varied scanning speeds from paranoid to insane.

    TCP and SYN Scanning

    • TCP scan determines port states through a three-way handshake.
    • SYN scan is noisy and detectable due to multiple probing attempts.


    Related Documents

    Lecture 2-2.txt

    Description

    This quiz covers essential network scanning techniques, including Ping Sweep and Port Scanning. Explore why scanning is critical for identifying live systems and the operating systems they use for potential exploitation. Test your knowledge on the different scanning methods and their importance in network security.
