Masterclass: Port Scanning and OS Identification
Introduction
Port scanning is a fundamental part of all network based securityassessments. In many cases, attackers use port-scanning devices to gain
sufficient information about a system to launch a successful attack.
Open ports, active services, service types, version number (including
vendor and product information) and remote operating system type
may all be determined. All this intelligence is extremely important to
both the Security Professional and a potential attacker. Where possible,
every step should be taken to limit the availability of this intelligence.
Many areas will be covered within this section and the following
questions will be answered;
• What is port scanning?
• What information can I get from port scanning?
• Is port scanning useful?
• What do I need to port scan?
• What is “Stealth” scanning?
• Which type of port scanning is most effective?
Port Scanning
Port scanning is a process used to determine which ports - specifically
TCP and UDP - are open on a given network device (server,
workstation, router etc), and what network services (client or server)
are running on those ports.
Port scanning can be used to identify
• Open ports.
• The services utilizing these ports.
No comments:
Post a Comment