Target Enumeration and Port Scanning Techniques
From this picture, you can see that I have specified two additional parameters (-n and -p). The -n parameter tells nmap not to perform name resolution; this is commonly used to increase the speed of the scan. The -p parameter is used to specify the ports to scan, which in this case is port 80.

I also ran Wireshark (a network analysis tool) while performing this scan to record the behavior of the packets. The output was what we expected.

As you can see from the first line, the source 192.168.15.14 sends a SYN packet to the destination 192.168.15.1. The destination responds with a SYN, ACK in the second line. The source 192.168.15.14 then sends a RST packet to close the connection, thus displaying the behavior discussed earlier. I have also used the “TCP” filter to filter out TCP protocol-related requests.

The positive side of this scan is that it is pretty fast; its downside is that it is often detected by IDS, IPS, and firewalls. We will talk about some techniques to perform noiseless scans later in this chapter.
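
The SYN, SYN/ACK, RST sequence in the capture above is the pattern an IDS keys on. The following is an added example, not code from the book, showing that detection logic over a small constructed packet list; the source ports, the second client, the port 22 flow and the threshold value are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample capture: (src, dst, sport, dport, tcp_flags).
# The first three rows mirror the trace described above; source ports,
# the port 22 probe and the second client are made up for contrast.
PACKETS = [
    ("192.168.15.14", "192.168.15.1", 40001, 80, "S"),
    ("192.168.15.1", "192.168.15.14", 80, 40001, "SA"),
    ("192.168.15.14", "192.168.15.1", 40001, 80, "R"),
    ("192.168.15.14", "192.168.15.1", 40002, 22, "S"),
    ("192.168.15.1", "192.168.15.14", 22, 40002, "SA"),
    ("192.168.15.14", "192.168.15.1", 40002, 22, "R"),
    # An ordinary client that completes the three-way handshake.
    ("192.168.15.20", "192.168.15.1", 51000, 80, "S"),
    ("192.168.15.1", "192.168.15.20", 80, 51000, "SA"),
    ("192.168.15.20", "192.168.15.1", 51000, 80, "A"),
    ("192.168.15.20", "192.168.15.1", 51000, 80, "FA"),
]

def classify_flows(packets):
    """Return {(client, server, sport, dport): state} for each TCP flow."""
    state = {}
    for src, dst, sport, dport, flags in packets:
        fwd, rev = (src, dst, sport, dport), (dst, src, dport, sport)
        if flags == "S":
            state[fwd] = "syn-sent"
        elif flags == "SA" and state.get(rev) == "syn-sent":
            state[rev] = "syn-ack-seen"
        elif flags == "A" and state.get(fwd) == "syn-ack-seen":
            state[fwd] = "established"
        elif "R" in flags and state.get(fwd) == "syn-ack-seen":
            # Client reset the connection instead of sending the final ACK.
            state[fwd] = "half-open"
    return state

def half_open_sources(packets, threshold=2):
    """Sources with at least `threshold` half-open flows (hypothetical cutoff)."""
    counts = defaultdict(int)
    for (client, _server, _sport, _dport), verdict in classify_flows(packets).items():
        if verdict == "half-open":
            counts[client] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    print(half_open_sources(PACKETS))
```

A single reset after SYN/ACK can be benign, which is why the check counts half-open flows per source before flagging it.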