Ethical Hacking and Penetration Testing Guide




oN rafay.txt
Grepable Format
In Unix-based operating systems, we have a very useful command “grep”, which can search for 
specific results such as ports and hosts. With the grepable format, the results are presented with 
one host per line.
Example
nmap -sS 192.168.15.1 -oG rafay


Target Enumeration and Port Scanning Techniques
This command would save the output into a grepable format, which is one host per line.
The following command will highlight all the ports that are open, which in this case is only 
port 80.
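As an added example (not the book's command), the shell function below pulls the open ports out of a grepable file by parsing the tab-separated Ports: field. The names open_ports and write_sample are hypothetical, and the sample lines are constructed in the -oG layout rather than taken from a real scan.

```shell
#!/bin/sh
# Added example: list open ports from nmap grepable (-oG) output.
# Each host line is tab-separated; the "Ports:" field holds comma-separated
# entries of the form port/state/protocol/owner/service/rpcinfo/version/.

open_ports() {   # usage: open_ports FILE -> "host port/proto service" per line
    awk -F'\t' '
        /^Host: / {
            split($1, h, " ")                 # first field is "Host: <ip> (<hostname>)"
            for (i = 2; i <= NF; i++) {
                if ($i !~ /^Ports: /) continue
                p = $i
                sub(/^Ports: /, "", p)
                n = split(p, entry, /, */)
                for (j = 1; j <= n; j++) {
                    split(entry[j], f, "/")
                    # exact match, so "open|filtered" and "closed" are skipped
                    if (f[2] == "open")
                        printf "%s %s/%s %s\n", h[2], f[1], f[3], (f[5] == "" ? "-" : f[5])
                }
            }
        }' "$1"
}

# Constructed sample in -oG layout (not real scan output).
write_sample() {
    {
        printf '# Nmap scan initiated (constructed sample)\n'
        printf 'Host: 192.168.15.1 ()\tStatus: Up\n'
        printf 'Host: 192.168.15.1 ()\tPorts: 22/closed/tcp//ssh///, 80/open/tcp//http///, 161/open|filtered/udp//snmp///\tIgnored State: filtered (997)\n'
        printf '# Nmap done (constructed sample)\n'
    } > "$1"
}

sample=$(mktemp)
write_sample "$sample"
open_ports "$sample"
rm -f "$sample"
```

Comparing the state field exactly, instead of grepping for the word "open", keeps ambiguous states such as open|filtered out of the result.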
XML Format
The XML format is by far the most useful output format in Nmap, because the XML output it generates can easily be imported into the Dradis framework and Armitage.
Example
nmap -sS 192.168.15.1 -oX
Advanced Firewall/IDS Evading Techniques
The techniques that we have discussed here are very loud in nature and are often detected by firewalls and IDS. Even scan techniques such as XMAS, FIN, and NULL are not that accurate; also, they don’t work on the Windows operating system, so they have a limited advantage over firewalls and IDS.
In this section, we will discuss some of the techniques that can be used to evade firewall detection. There is no universal method to do this; it’s all based on trial and error. Thus, methods could work on some firewalls/IDS but fail with others. It all depends upon how strong the rule sets are.
The Nmap book discusses a wide variety of techniques that could be used to get past firewalls. 
We will now briefly look at some of them:

Timing technique

Fragmented packets


Source port scan

Specifying an MTU

Sending bad checksums
