-
Port Scanner:
- An application designed to probe a server or host for open ports.
- Used by administrators to verify the security policies of their networks, and by attackers to identify network services running on a host they wish to exploit.
-
Enumeration:
- A complete listing of items.
-
Enumeration is used to extract information, including:
- Network Shares
- Services Running
- Groups of Users
-
Network Scanner Operation:
-
Port Scan:
- A process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port on a remote machine. While port scans are not malicious in and of themselves, system administrators would be wise to block inbound ICMP echo request packets anyway.
-
Port Sweep:
- To scan multiple hosts for a specific listening port.
-
Examples:
-
nmap
- A free and open-source security scanner used to discover hosts and services on a computer network, thus building a "map" of the network.
- To accomplish its goal, Nmap sends specially crafted packets to the target host(s) and then analyzes the responses.
-
nmap Cheat Sheet:
- https://blogs.sans.org/pen-testing/files/2013/10/NmapCheatSheetv1.1.pdf
-
netcat
- A computer networking utility for reading from and writing to network connections using TCP or UDP.
- Netcat is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts.
- At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of connection its user could need and has a number of built-in capabilities.
- Its list of features includes port scanning, transferring files, and port listening, and it can be used as a backdoor.
-
netcat Cheat Sheet:
- https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf