Scanning
Benefits of scanning
- Determining if the system is alive
- Determining which services are running or listening
- Detecting the operating system
- Processing and storing scan data
Hping3
Advantages
- Luis Martin Garcia and Fyodor decided to bring its functionality back to life in a tool shipped with Nmap called nping
Functions
- Host discovery
- Port scanning
- Spoofing source MAC addresses, source IPs, and other header fields
Disadvantage
- Has not been actively maintained or updated since 2005
Advantages of Superscan
- It sends out multiple ICMP ECHO REQUEST packets in parallel and simply waits and listens for responses.
- It also allows you to resolve hostnames and view the output in an HTML file.
- You can discover hosts hidden behind traditional firewalls.
Enumeration
Examples of what enumeration reveals
- older software versions with known security vulnerabilities (such as web servers with remote buffer overflows)
- misconfigured shared resources (for example, unsecured file shares)
Nessus advantages
- It is easy to use
- It has a graphical interface
- Frequently updated vulnerability database
- Support for all major platforms (including Android and iPhone)
Nessus countermeasures
- Regularly scan your own systems with such tools, so you can detect and remediate vulnerabilities first
- Implement effective patch and configuration management processes
- Some organisations tune their IDS signatures to alert on the behaviour of tools like Nessus; IPS products can go further and block the scans, frustrating the attacker
DoS
Advantages of PoD
- Particularly effective because the attacker’s identity could easily be spoofed
- The attacker needed no detailed knowledge of the target machine beyond its IP address
PoD Mitigation
- Many sites block ICMP ping messages altogether at their firewalls. However, this approach is not viable in the long term.
- Invalid-packet attacks can be directed at any listening port (FTP ports, for example), and you may not want to block all of these for operational reasons.
- Blocking ping messages also prevents legitimate ping use; there are still utilities that rely on ping to check that connections are live, for example.
- A smarter approach is to selectively block fragmented pings while allowing normal ping traffic to pass through unhindered.
- DDoS protection services can also intelligently and preemptively identify and filter out abnormally large packets, even when they are fragmented, eliminating the threat of PoD and similar packet-based attacks altogether.
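The selective approach in the last two items can be illustrated with a fragment-reassembly size check: a normal ping, and even a legitimately fragmented large ping, pass, while a set of fragments that would reassemble to more than the IPv4 maximum of 65,535 bytes (the Ping of Death condition) is flagged for dropping. The Python below is an added example written for this page, not part of the original mind map or of any named product; the `Fragment` record and the sample traffic are constructed simplifications of the IPv4 header fields involved, and nothing is sent or received on the network.

```python
"""Added example: a selective filter for oversized fragmented ICMP.

Fragment records are a constructed simplification of IPv4 header fields
(identification, fragment offset in 8-byte units, More-Fragments flag,
payload length). No real packets are involved.
"""

from dataclasses import dataclass

IPV4_MAX_DATAGRAM = 65_535   # largest total length an IPv4 datagram may have
IPV4_HEADER_LEN = 20         # minimal header, assumed for every fragment here
ICMP_PROTO = 1
UDP_PROTO = 17


@dataclass(frozen=True)
class Fragment:
    src: str
    ident: int          # IP identification field, shared by all fragments of one datagram
    proto: int
    offset_units: int   # fragment offset in 8-byte units, as carried in the header (13 bits)
    more_fragments: bool
    payload_len: int    # bytes of data in this fragment (excludes the IP header)


def reassembled_length(frags):
    """Return the total IP datagram length the fragments would reassemble to.

    The furthest byte covered by any fragment fixes the end of the datagram;
    a stateful filter can compare this figure against the limit while it is
    still buffering, before reassembly ever completes.
    """
    end = 0
    for f in frags:
        end = max(end, f.offset_units * 8 + f.payload_len)
    return IPV4_HEADER_LEN + end


def classify(frags):
    """Decide what the selective filter does with one datagram's fragments.

    Returns 'drop_oversized' when the reassembled ICMP datagram would exceed
    65,535 bytes, the PoD condition, and 'pass' otherwise. Only ICMP is
    examined; other protocols are passed untouched, since blocking every
    fragmented packet is the blunt approach the notes argue against.
    """
    if not frags or frags[0].proto != ICMP_PROTO:
        return "pass"
    if reassembled_length(frags) > IPV4_MAX_DATAGRAM:
        return "drop_oversized"
    return "pass"


def group_by_datagram(frags):
    """Bucket fragments by (src, ident, proto), the key a reassembler uses."""
    buckets = {}
    for f in frags:
        buckets.setdefault((f.src, f.ident, f.proto), []).append(f)
    return buckets


def filter_traffic(frags):
    """Run the selective check over a mixed batch; one decision per datagram."""
    return {key: classify(group) for key, group in group_by_datagram(frags).items()}


# Constructed sample traffic -------------------------------------------------
# An ordinary 64-byte echo request, unfragmented.
NORMAL_PING = [Fragment("192.0.2.10", 1, ICMP_PROTO, 0, False, 64)]

# A legitimately fragmented 2,000-byte ping (1480 + 520): two fragments,
# well under the limit, so a selective filter must let it through.
LARGE_LEGIT_PING = [
    Fragment("192.0.2.11", 5, ICMP_PROTO, 0, True, 1480),
    Fragment("192.0.2.11", 5, ICMP_PROTO, 185, False, 520),
]

# 44 full 1480-byte fragments cover 65,120 bytes; the final fragment starts
# at byte 65,120 and adds 1480 more, so the datagram would reassemble to
# 20 + 66,600 = 66,620 bytes, past the 65,535-byte IPv4 maximum.
OVERSIZED_PING = [
    Fragment("192.0.2.20", 2, ICMP_PROTO, i * 185, True, 1480) for i in range(44)
] + [Fragment("192.0.2.20", 2, ICMP_PROTO, 44 * 185, False, 1480)]

# Fragmented UDP from a third host: not ICMP, so it is not the filter's concern.
UDP_FRAGS = [
    Fragment("192.0.2.30", 3, UDP_PROTO, 0, True, 1480),
    Fragment("192.0.2.30", 3, UDP_PROTO, 185, False, 300),
]

if __name__ == "__main__":
    for key, decision in filter_traffic(
        NORMAL_PING + LARGE_LEGIT_PING + OVERSIZED_PING + UDP_FRAGS
    ).items():
        print(key, decision)
```

The check only works because it is stateful: a per-packet rule sees one fragment at a time and cannot know the eventual total, which is why the cruder options on this list (blocking all pings, or all fragmented pings) exist at all. A filter built this way also has to bound how long and how much it buffers per `(src, ident, proto)` key, otherwise the fragment table itself becomes a resource-exhaustion target.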