TCPView and SuperScan Flashcards
Why use port scanning tools?
-Identifies devices on the network
-Identifies operating systems
-Identifies services on a system
-Identifies known network vulnerabilities
-Can be used for both internal and external evaluation
What is TCPView?
A Windows program that will show you detailed listings of all TCP and UDP endpoints on your system
Provides a conveniently presented subset of the Netstat program. Requires Windows 98 or newer
What does TCPView show for each connection?
-Process: the owning process (application and process ID)
-Protocol: TCP or UDP
-Local Address
-Remote Address
-State: established, listening, etc.
What is SuperScan?
It is a free connect-based port scanning software designed to
• detect open TCP and UDP ports
• determine which services are running on those ports,
• run queries such as whois, ping, ICMP traceroute, and Hostname lookups.
What is SuperScan able to do?
-Scan ports from a range of IP addresses
-Ping remote machines to check for “signs of life”
-Scan for different ports
-Perform host lookup so you don’t need to manually look up the IP address of the target system
-Enumerate a network to discover:
– hosts/devices on a network
– scan ports to find well known services
What is NMAP?
Port scanning tool
What is Zenmap?
The GUI for NMAP
How does stealth scan in NMAP work?
Involves sending a SYN packet to request a connection. The host responds with:
– SYN/ACK if the port is open
– RST (Reset) if the port is closed
How does TCP connect scan work on NMAP?
Nmap creates temporary connections
– Nmap sends SYN packet to port on target
– if port is open it sends back SYN/ACK packet
– Nmap completes the connection (ACK packet) then disconnects
How does NMAP detect an OS?
By determining which ports are open, as some operating systems use particular ports
What is Nmap idlescan?
It is where Nmap tries to bypass firewalls by impersonating a trusted host on the network
What is Nmap bounce?
Can use other open available hosts as a type of proxy for different attacks
What is Nmap decoy?
Adds extra decoy IP addresses when doing a scan
What command will display a MAC address?
ipconfig /all
Which ports generally identify a Windows operating system?
135, 139, 445, 137, 138