Chapter 2 - 02 - Describe Hacking Methodologies and Frameworks - 02_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
OCR
Tags
Related
- Chapter 8 - 04 - Discuss Ethical Hacking Concepts - 01_ocred.pdf
- Chapter 2 - 03 - Understand Network-level Attacks_fax_ocred.pdf
- Chapter 2 - 06 - Understand Wireless Network-specific Attacks - 01_ocred_fax_ocred.pdf
- Chapter 8 - 04 - Discuss Ethical Hacking Concepts - 02_ocred_fax_ocred.pdf
- Ethical-Hacking-notes 1-8.pdf
- Sniffing Techniques in Ethical Hacking
Full Transcript
Certified Cybersecurity Technician Information Security Attacks Exam 212-82 Phase 2 - Scanning m Scanning refers to the pre-attack phase when the attacker scans the network for specific information based on information gathered during reconnaissance Scanning can include the use of dialers, port scan...
Certified Cybersecurity Technician Information Security Attacks Exam 212-82 Phase 2 - Scanning m Scanning refers to the pre-attack phase when the attacker scans the network for specific information based on information gathered during reconnaissance Scanning can include the use of dialers, port scanners, network mappers, ping tools, and vulnerability scanners 4 Q \ \_' /) Attackers extract information such as live machines, port, port status, OS details, device type, and system uptime to launch attack Sends TCP/IP probes Gets network information > e Network Attacker Copyright © by All Rights Reserved. Reproductionis Strictly Prohibited 1 Phase 2 - Scanning Scanning is the phase immediately preceding the attack. Here, the attacker uses the details gathered during reconnaissance to scan the network for specific information. Scanning is a logical extension of active reconnaissance, and in fact, some experts do not differentiate scanning from active reconnaissance. There is a slight difference, however, in that scanning involves more in-depth probing on the part of the attacker. Often the reconnaissance and scanning phases overlap, and it is not always possible to separate the two. An attacker can gather critical network information such as the mapping of systems, routers, and firewalls by using simple tools such as the standard Windows utility Traceroute. Scanning can include the use of dialers, port scanners, network mappers, ping tools, vulnerability scanners, or other tools. Attackers extract information such as live machines, port, port status, OS details, device type, and system uptime to launch an attack. Port scanners detect listening ports to find information about the nature of services running on the target machine. The primary defense technique against port scanners is shutting down services that are not required and implementing appropriate port filtering. However, attackers can still use tools to determine the rules implemented by the port filtering. The most commonly used tools are vulnerability scanners, which can search for thousands of known vulnerabilities on a target network. This gives the attacker an advantage because he or she only has to find a single means of entry, while the systems professional has to secure as much vulnerability as possible by applying patches. Organizations that use intrusion detection systems still have to remain vigilant because attackers can and will use evasion techniques wherever possible. Module 02 Page 156 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Information Security Attacks Exam 212-82 Sends TCP/IP probes C]
