Home / Ethical Hacking / Hacking Class 4 – Scanning and Attacking Open Ports

Hacking Class 4 – Scanning and Attacking Open Ports

In my Previous class I have explained about i.e getting the IP of the Person/website/organisation whom you want to attack and extracting the personal Information.. You all were thinking that what was the use of that .. In this class you will came to know why we have undergo footprinting and analysis part…

In Part We Will Cover the Following Topics in details :

~ Definition of scanning
~ Types and objectives of Scanning
~ Understanding Scanning methodology
~ Checking live systems and open ports
~ Understanding scanning techniques
~ Different tools present to perform Scanning
~ Understanding banner grabbing and OS fingerprinting
~ Drawing network diagrams of vulnerable hosts
~ Preparing proxies
~ Understanding anonymizers
~ Scanning countermeasures

Hacking Class 4 - Scanning and Attacking Open Ports



What Is Scanning ?? And Why We Focus On that ?

 Scanning as from the name means that we will scan something to find some details etc etc… Scanning basically refers to the gathering of following four informations…

We Scan systems for four basic purposes :-

  • To find specific IP address
  • Operating system
  • System Architecture
  • Services Running on system



The various types of scanning are as follows:
~Port Scanning
~Network Scanning
~Vulnerability Scanning

I want to Define These Terms here Only as they are of great use in further tutorial…

PORT SCANNING : There are 64k ports in a computer out of which 1k are fixed for system or OS services. In Port scanning we scan for the open Ports which can be used to attack the victim computer.
In Port scanning a series of messages sent to break into a computer to learn about the computer’s network services. Through this we will know that which port we will use to attack the victim..

Network Scanning : Network scanning is basically a procedure of finding the active hosts on the Network.
i.e We tries to find that system is standalone or multiuser…

This is done either for the purpose of attacking them or for network security assessment i.e how secured the network Is ??

Vulnerability Scanning : As from the name , In this type of scanning We scan the systems for finding the i.e the weakness in OS/database … Once we find the vulnerability or loop hole we can utilize it to Best..and attack the victim through that …

OBJECTIVES OF SCANNING 
These are Primary objectives of scanning i.e why do we do scanning :

~ To detect the live systems running on the network.
~ To discover which ports are active/running.
~ To discover the operating system running on the target system (fingerprinting).
~ To discover the services running on the target system.
~ To discover the of the target system.


We will prefer TOOLS for this because they will reduce our Hectic Work… The first Tool that we Use is the NMAP :
DOWNLOAD :http://nmap.org/dist/nmap-5.00-setup.exe

Features of :

~ Nmap is used to carry out port scanning, OS detection, version detection, ping sweep, and many other techniques.
~ It scans a large number of machines at one time.
~ It is supported by many operating systems.
~ It can carry out all types of port scanning techniques.

Hacking Class 4 - Scanning and Attacking Open Ports


SECOND TOOL IS NET TOOLS 5.0.70 :

Itz is a collection of various Networking Tools … must for beginners…
DOWNLOAD: http://www.softpedia.com/progDownload/Net-Tools-Download-22193.html


~ Net Tools Suite Pack is a collection of scanning tools.
~ This toolset contains tons of port scanners, flooders, web rippers, and mass e-mailers.
Note: Some of these tools may not Work but some are too good.

Hacking Class 4 - Scanning and Attacking Open Ports



Hacking Class 4 - Scanning and Attacking Open Ports



I thisnk that’s Enough for Today .We will discuss more on scanning tomorrow Until You try these tools..
If you have any problem in Using these tools then you can ask me ..I will help you use these tools…

ENJOY AND HAVE FUN ! IF YOU HAVE ANY QUERIES ASK ME IN FORM OF COMMENTS !

About Lokesh Singh

Hello Friends, i am Lokesh Singh, certified Ethical hacker ( CEH, SSA, CSIF , CISSP). Have 8+ years of extensive experience in Ethical Hacking, Cyber Security and Penetration Testing domain.

Check Also

stegnography-tutorial-hide-exe-jpeg-image

Steganography : Hide EXE within the Jpeg Image File

Stenography : Hide EXE within the Jpeg Image File What is Steganography ? Steganography is …

16 comments

  1. Excellent informative article.Good luck for your exams!!

  2. hey bro,,,,,how 2 scan,,,,,help me out wid steps….plzz

  3. ooooo Good Luck for the exam!!!!

  4. Brother Today I am having my exam of Programming languages and anlysis …. am pity much busy in preparation..

  5. Whats up Lokesh… no class.. yesterday???? waiting for the class…hmmm!!

  6. yaa AVG is too good….and sufficient in itself..

Have any Suggestions? Compliments? Why not comment then?