Scanning

Warning: Do not execute these on a network or system that you do not own. Execute only on your own network or system for learning purposes. Do not execute these on any production network or system, unless Rules of engagement have been agreed on, and you have a Get out of jail free card.

What?

Gather information about which ports (and services) target devices offer, including the OS (or firmware version) of those devices.

Why?

To be able to intelligently select tools and exploitation methods for an attack, scanning and enumeration can be used to make sure you:

  • Attack only agreed-upon targets
  • Get as much information as possible before increasing depth of attack
  • Identify purpose and type of targets (what services are provided)
  • Have specific information about versions of services running on target systems
  • Categorise target systems

How?

Port scanning, or simply scanning, collects information on the network services offered on a target network by attempting to find open ports on the target systems. The key protocols are the Internet Control Message Protocol (ICMP) and the Transmission Control Protocol (TCP), along with the available TCP flags.
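
Seen from the monitored side, the role of TCP flags shows up in packet records: probe segments carry flag combinations that an ordinary client connection rarely sends, and one source touches many ports on one host. The following is an added example, not part of the original page; it goes beyond the text by naming specific flag combinations (SYN only, no flags, FIN only, FIN+PSH+URG), and the record layout, the `min_ports` threshold and the sample addresses are constructed assumptions.

```python
from collections import defaultdict

# TCP header flag bits.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Flag combinations treated as probe-like. Bare ACK is left out on purpose:
# server replies to a client's ephemeral ports would look like a sweep.
PROBE_TYPES = {0: "null", FIN: "fin", FIN | PSH | URG: "xmas", SYN: "syn"}


def classify(flags):
    """Name the probe type for a flag byte, or None if it is not probe-like."""
    return PROBE_TYPES.get(flags & 0x3F)  # ignore the ECE/CWR bits


def detect_scanners(packets, min_ports=5):
    """Report (src, dst) pairs where src sent probe-like segments to at
    least min_ports distinct ports on dst (hypothetical threshold)."""
    ports = defaultdict(set)   # (src, dst) -> destination ports probed
    types = defaultdict(set)   # (src, dst) -> probe types seen
    for src, dst, dport, flags in packets:
        kind = classify(flags)
        if kind is None:
            continue
        ports[(src, dst)].add(dport)
        types[(src, dst)].add(kind)
    return {
        pair: {"ports": len(seen), "types": sorted(types[pair])}
        for pair, seen in ports.items()
        if len(seen) >= min_ports
    }


# Constructed sample records: (src, dst, dst_port, flags). Addresses come
# from the documentation ranges; this is not captured traffic.
SAMPLE = (
    [("198.51.100.7", "192.0.2.10", p, SYN) for p in (21, 22, 23, 25, 80, 443)]
    + [("198.51.100.9", "192.0.2.10", p, FIN | PSH | URG) for p in range(1, 6)]
    + [("203.0.113.5", "192.0.2.10", 443, f)      # one ordinary session
       for f in (SYN, ACK, PSH | ACK, FIN | ACK)]
)

if __name__ == "__main__":
    for pair, info in detect_scanners(SAMPLE).items():
        print(pair, info)
```

The ordinary session from 203.0.113.5 is not reported because it reaches only one port, which is why the distinct-port count matters more than any single SYN.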

Concretely