Ethical Hacking and Penetration Testing Guide



Date: 07.08.2023

TCP Connect Scan
The TCP connect scan is similar to the SYN scan, with one difference: it completes the three-way handshake. The TCP connect scan becomes the default scan if the SYN scan is not supported by the machine. A common reason is that the machine does not have the privileges needed to create its own raw packets.
[Figure: TCP connect scan. Source 192.168.0.8 sends SYN + Port 80 to destination 192.168.0.10, which replies with SYN/ACK; the source then sends ACK, followed by RST.]
The diagram illustrates how it works:

The source machine sends a SYN packet to port 80.

The destination machine responds with a SYN/ACK.

The source machine then sends an ACK packet to complete the three-way handshake.

The source machine finally sends an RST packet to close the connection.
The TCP connect scan can be run by passing the -sT parameter to nmap.
Here is an example:
NULL, FIN, and XMAS Scans
NULL, FIN, and XMAS scans are similar to each other. The major advantage of using these scans in a pentest is that they often get past firewalls and IDS, which makes them really beneficial against Unix-based operating systems. The first disadvantage is that none of the three scans works against Windows-based operating systems, because they send a reset packet regardless of whether the port is open or closed. The second disadvantage is that it cannot be determined exactly whether the port is open or filtered. This leaves us to verify it manually with other scan types.
NULL Scan
[Figure: NULL scan. Source 192.168.0.8 sends 00000000 + Port 438 to destination 192.168.0.7, which replies with RST.]
A null scan is accomplished by sending no flags/bits inside the TCP header. If no response comes, it means that the port is open; if a RST packet is received, it means that the port is closed or filtered.
Command: nmap -sN
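
Seen from the defender's side, the flag sequences described in this section are what a network sensor observes on the wire. The following added example (not from the book) labels each flow in a constructed packet list by the flags its initiator sent; the function names, the source ports and the port 22, 439 and 440 flows are assumptions made for illustration.

```python
# TCP header flag bits (RFC 9293).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_flow(sent):
    """Label a flow from the ordered flag bytes sent by the initiating host."""
    first, rest = sent[0], sent[1:]
    if first == 0:
        return "null"                    # no flags set at all
    if first == FIN:
        return "fin"
    if first == FIN | PSH | URG:
        return "xmas"
    if first != SYN:
        return "other"
    if rest and rest[0] & RST:
        return "syn"                     # SYN/ACK answered with RST: handshake never completed
    if len(rest) == 2 and rest[0] == ACK and rest[1] & RST:
        return "connect"                 # handshake completed, then reset with no data sent
    return "other"                       # unanswered SYN or a normal connection

def classify_capture(packets):
    """packets: ordered (src, dst, sport, dport, flags) tuples.
    Returns {(src, dst, dport): label}, one entry per initiated flow."""
    flows = {}
    for src, dst, sport, dport, flags in packets:
        if (dst, src, dport, sport) in flows:
            continue                     # reply from the probed host, not needed for the label
        flows.setdefault((src, dst, sport, dport), []).append(flags)
    return {(s, d, dp): classify_flow(f) for (s, d, _sp, dp), f in flows.items()}

# Constructed sample capture: addresses and ports 80/438 follow the page's diagrams,
# source ports and the port 22/439/440 flows are made up.
SAMPLE = [
    ("192.168.0.8", "192.168.0.10", 40001, 80, SYN),        # connect scan
    ("192.168.0.10", "192.168.0.8", 80, 40001, SYN | ACK),
    ("192.168.0.8", "192.168.0.10", 40001, 80, ACK),
    ("192.168.0.8", "192.168.0.10", 40001, 80, RST),
    ("192.168.0.8", "192.168.0.10", 40002, 22, SYN),        # SYN (half-open) scan
    ("192.168.0.10", "192.168.0.8", 22, 40002, SYN | ACK),
    ("192.168.0.8", "192.168.0.10", 40002, 22, RST),
    ("192.168.0.8", "192.168.0.7", 40003, 438, 0),          # NULL scan
    ("192.168.0.7", "192.168.0.8", 438, 40003, RST),
    ("192.168.0.8", "192.168.0.7", 40004, 439, FIN | PSH | URG),  # XMAS, no reply
    ("192.168.0.8", "192.168.0.7", 40005, 440, FIN),        # FIN, no reply
]

if __name__ == "__main__":
    for flow, label in classify_capture(SAMPLE).items():
        print(flow, label)
```

A completed handshake that is reset before any data is sent is only a pattern: a single such flow can be benign, so a sensor would normally alert on one source producing it across many ports.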


Target Enumeration and Port Scanning Techniques