Saturday, 2 February 2013

ISS Internet Scanner

Finally, our comprehensive Internet Scanner results (separate handout)
highlight these and other High, Medium and Low risk issues.
hping
We have already discussed the results hping may return; examples are
featured below.
• An open port (the web server on 80/TCP):
root@anon [~] # ./hping host.target.com -c2 -p80 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
60 bytes from w.x.y.z: flags=SA seq=0 ttl=242 id=62198 win=63872 time=208.4 ms
• A port closed on the host, or rejected by a gateway:
root@anon [~] # ./hping host.target.com -c2 -p21 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
60 bytes from w.x.y.z: flags=RA seq=0 ttl=308 id=0 win=0 time=196.6 ms
• A port blocked by a router:
root@anon [~] # ./hping host.target.com -c2 -p6000 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
ICMP unreachable type 13 from w.x.y.z
• A mystery port - lost in transit or dropped, e.g. by Firewall-1:
root@anon [~] # ./hping host.target.com -c2 -p111 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
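
The four cases above can be told apart mechanically when reviewing a saved hping session, for example to confirm that a filtering policy behaves as intended. The following is an added example, not part of the original report: the function names and state labels are assumptions, and the patterns match only the output format shown in the transcripts above.

```python
import re

# Patterns for the hping output format shown in the transcripts above.
CMD = re.compile(r"hping\s.*?-p\s*(\d+)")            # command line, captures port
TCP = re.compile(r"bytes from \S+ flags=([A-Z]+)")   # TCP reply, captures flags
ICMP = re.compile(r"ICMP unreachable type (\d+) from (\S+)")

def classify(reply_lines):
    """Map the output lines of one SYN probe to a port state (labels are ours)."""
    for line in reply_lines:
        m = TCP.search(line)
        if m:
            flags = set(m.group(1))
            if {"S", "A"} <= flags:
                return "open"                 # SYN/ACK: a service is listening
            if "R" in flags:
                return "closed-or-rejected"   # RST: host or gateway refused
        if ICMP.search(line):
            return "blocked-by-router"        # router announced the filter
    return "no-response"                      # lost in transit or silently dropped

def parse_session(text):
    """Return {port: state} for every hping command in a session transcript."""
    results, port, replies = {}, None, []
    for line in text.splitlines():
        m = CMD.search(line)
        if m:                                 # a new probe starts here
            if port is not None:
                results[port] = classify(replies)
            port, replies = int(m.group(1)), []
        elif port is not None:
            replies.append(line)
    if port is not None:
        results[port] = classify(replies)
    return results

# The transcripts from this page, copied as sample input.
SAMPLE = """\
root@anon [~] # ./hping host.target.com -c2 -p80 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
60 bytes from w.x.y.z: flags=SA seq=0 ttl=242 id=62198 win=63872 time=208.4 ms
root@anon [~] # ./hping host.target.com -c2 -p21 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
60 bytes from w.x.y.z: flags=RA seq=0 ttl=308 id=0 win=0 time=196.6 ms
root@anon [~] # ./hping host.target.com -c2 -p6000 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
ICMP unreachable type 13 from w.x.y.z
root@anon [~] # ./hping host.target.com -c2 -p111 -n -S
HPING host.target.com (eth1 w.x.y.z): S set, 40 data bytes
"""

if __name__ == "__main__":
    for port, state in parse_session(SAMPLE).items():
        print(f"{port}/tcp: {state}")
```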
