CHAPTER 3 GATHERING NETWORK AND HOST INFORMATION


1. Types of scanning

1.1. Port scanning

1.1.1. To find open ports and services on target

1.2. Network scanning

1.2.1. Find IP address in the network of the target

1.3. Vulnerability scanning

1.3.1. Find weakness or vulnerabilities on the target

2. Scanning methodology

2.1. Check for live system

2.1.1. Ping sends out an ICMP Echo Request packet and awaits an ICMP Echo Reply message from an active machine

2.2. Check for open ports

2.2.1. A potential target computer runs many "services" that listen on "well-known" ports

2.2.2. By scanning which ports are open on the victim, the hacker finds potential vulnerabilities that can be exploited

2.3. Service identification

2.3.1. Example services: IPTV vs. multimedia, gaming vs. voice chat, config vs. pager messaging

2.3.2. Uses of service ID: app invocation in the UA, app invocation in the network, network QoS, auth, accounting and billing, service negotiation, dispatch to devices

2.4. Banner grabbing/OS fingerprinting

2.4.1. The technique used to find the operating system of the target

2.4.2. It is very important to know the target operating system, because based on the OS the hacker can look for vulnerabilities in that OS and plan the attack accordingly

2.5. Vulnerability scanning

2.5.1. This is done using a very popular tool called Nessus

2.5.2. It is the most popular such tool and reports the vulnerabilities it finds on the target

2.6. Draw network diagrams of vulnerable hosts

2.6.1. Tools like SolarWinds LANsurveyor can be helpful for drawing a diagram of the network

2.6.2. These diagrams can then be exported to Visio for documentation
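As an added example that is not part of the original mind map, here is the defender's view of steps 2.1 and 2.2: a small detector that parses firewall-style log lines and flags a source that sends ICMP echo requests to many hosts (a ping sweep) or probes many ports on one host within a short window. The log format, the IP addresses, the sample lines and the thresholds are all constructed assumptions, not values from the chapter.

```python
import re
from collections import defaultdict
from datetime import datetime
# Constructed firewall-style lines (not real traffic): "<ts> <proto> <src> -> <dst>[:<dport>] <info>"
SAMPLE_LOG = """\
2024-05-01T10:00:00 ICMP 10.0.0.5 -> 10.0.0.1 echo-request
2024-05-01T10:00:00 ICMP 10.0.0.5 -> 10.0.0.2 echo-request
2024-05-01T10:00:01 ICMP 10.0.0.5 -> 10.0.0.3 echo-request
2024-05-01T10:00:05 TCP 10.0.0.5 -> 10.0.0.2:22 syn
2024-05-01T10:00:05 TCP 10.0.0.5 -> 10.0.0.2:23 syn
2024-05-01T10:00:06 TCP 10.0.0.5 -> 10.0.0.2:80 syn
2024-05-01T10:00:06 TCP 10.0.0.5 -> 10.0.0.2:3389 syn
2024-05-01T10:00:30 TCP 10.0.0.9 -> 10.0.0.2:443 syn
2024-05-01T10:00:31 ICMP 10.0.0.9 -> 10.0.0.2 echo-request
"""
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<proto>\w+) (?P<src>\S+) -> "
                     r"(?P<dst>[\d.]+)(?::(?P<dport>\d+))? (?P<info>\S+)$")

def parse(log_text):
    """Yield one dict per well-formed line; silently skip anything else."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.fromisoformat(ev["ts"])
            yield ev

def _burst(events, threshold, window_s):
    """True if >= threshold distinct values fall within window_s of some event."""
    events = sorted(events)
    for i, (t0, _) in enumerate(events):
        seen = {v for t, v in events[i:] if (t - t0).total_seconds() <= window_s}
        if len(seen) >= threshold:
            return True
    return False

def detect_scans(log_text, window_s=60, port_threshold=4, host_threshold=3):
    """Return {src_ip: tags}: 'port-scan' = >= port_threshold distinct ports on one
    host; 'ping-sweep' = echo-requests to >= host_threshold hosts; both within window_s."""
    ports = defaultdict(list)   # (src, dst) -> [(ts, dport)]
    hosts = defaultdict(list)   # src -> [(ts, dst)]
    for ev in parse(log_text):
        if ev["proto"] == "ICMP" and ev["info"] == "echo-request":
            hosts[ev["src"]].append((ev["ts"], ev["dst"]))
        elif ev["dport"]:
            ports[(ev["src"], ev["dst"])].append((ev["ts"], int(ev["dport"])))
    alerts = defaultdict(set)
    for (src, _), evs in ports.items():
        if _burst(evs, port_threshold, window_s):
            alerts[src].add("port-scan")
    for src, evs in hosts.items():
        if _burst(evs, host_threshold, window_s):
            alerts[src].add("ping-sweep")
    return dict(alerts)
```

Thresholds and the window should be tuned to the network's normal traffic; a single source touching a handful of ports over an hour is not the same signal as the same ports in two seconds.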

3. Define enumeration and its purpose

3.1. set of related constants that define a value type

3.2. Machine names

3.3. Network resources

3.4. Services

4. Null sessions, SNMP enumeration and enumeration tools

4.1. Port scanning

4.2. Network scanning

4.3. Vulnerability scanning

4.4. Significance of enumeration

4.4.1. Often considered a critical phase in penetration testing, as the outcome of enumeration can be used directly for exploiting the system

4.5. What is SNMP?

4.5.1. SNMP (Simple Network Management Protocol) is an application-layer protocol that runs over the User Datagram Protocol (UDP)

4.5.2. Used for managing network devices that operate at the IP layer, such as routers