Passive Attacks and Reconnaissance in Network Security


Passive attacks involve monitoring target systems through port scanning or other means to locate vulnerabilities. Scanning is the first active action taken against a target network based on information gathered through footprinting, allowing deeper penetration. It includes scanning ports and services to identify weaknesses that can be exploited. Port scanning involves running queries to identify listening ports, while service scanning uses specialized tools to determine functioning services. An example of a hands-on port scanning process is provided in the content.


Uploaded on Jul 16, 2024



Presentation Transcript


  1. NETWORK SECURITY LAB. Lab 5: Passive Attacks and Reconnaissance - Operating Systems Fingerprinting & Scanning

  2. What are Passive Attacks? Passive attacks: network attacks that monitor target systems, through port scanning or other means, to locate and identify vulnerabilities. Passive attacks include:
     - Active Reconnaissance
     - Passive Reconnaissance

  3. How is it realized? Scanning
     - The first active action taken against the target computer/network.
     - The action taken is based on the information gathered through footprinting.
     - Scanning allows penetrating deep into the target network.
     - Usually done to identify the type, size and topology of the network, along with live systems and technology.

  4. Scanning Ports and Service Scanning
     - Ports: can be hardware/software; allow computers to communicate.
     - Service: an application running at the network application layer and above; allows storing, presentation and logistics of data.

  5. Port & Service Scanning
     - Port Scanning: refers to running a query on the target computer/network to identify which ports the machine is listening on. Ex: netstat -abno, or Task Manager with the port column; an online port scanner.
     - Service Scanning: refers to running a refined and sophisticated query using specialized tools on the target computer/network to identify which services are functioning. To be addressed in Systems Enumeration.

  6. What happens in Port Scanning: identify vulnerabilities that can be exploited.

  7. Port Scanning an IP - Hands on
     Preparation: download Port Query from the MEGA folder.
     Identify the computers in the network:
     - Open Command Prompt with Admin privileges.
     - Run the command net view.
     - Review the list of computers and select one computer as the target.
     - Note its name.
     Unzip and run Port Query:
     - Enter the name of the target computer in the Port Query scanner.
     - Select "Manually input Query Ports".
     - Enter 100-200 in the ports to query.
     - Click on Query.
     - Review the results of the scan and note the port numbers on which the target computer is listening.

  8. Analysis of Port Scan
     - Firewalls cannot protect the network if there are vulnerabilities in the systems. Ex: port 80 is allowed through the firewall, so anyone from outside can access this port.
     - To identify vulnerabilities within the network / systems: Vulnerability Scanner / Security Scanner. It functions exactly like a hacker's port scanner, but is used for vulnerability assessment.

  9. Vulnerability Scanner - Hands on
     - Download Belarc Advisor from the vdrive folder.
     - Extract and run the installable.
     - Step 1: Allow the software to update the profile of the computer.

  10. Belarc Advisor: after profiling the network of the computer, Belarc will start analyzing the security settings of the computer.

  11. Reporting: Belarc will return the report as an HTML file. Use any browser to view the report.

  12. Analysis of the reports. Carefully review the following sections:
      - Operating System
      - Local Drives
      - Users
      - Virus Protection
      - Network Map
      - Software Installed

  13. OS Fingerprinting: the process of determining the operating system used by a host on a network (Forensics Wiki). What are the contents of an OS fingerprint? Just as human fingerprints have unique characteristics, OS fingerprints are unique too. These characteristics are reflected during communication. By capturing and analyzing certain protocol flags and data packets, we can accurately establish the identity of the OS that relayed them.

  14. How is it different from Scanning? Scanning is done only against the IP addresses of computers such as mail servers, web servers or standalone PCs. OS fingerprinting can be done on all network-based devices such as routers, switches, printers, etc.

  15. Points to ponder about Nmap. Nmap is a very noisy solution: it raises a lot of alerts in IDS/IPS solutions while scanning. The trick is to use Nmap with different switches smartly so that the scans remain less frequent yet effective. Usage of switches

  16. Hands On Lab Activity: download and install the Nmap utility.

  17. Target: to keep the scanning legal and ethical, we will use the following URL to scan. The URL is provided freely by Nmap to be scanned and exploited for practice purposes: http://scanme.nmap.org

  18. Switches to be used in Nmap
      - -sV: returns the version number of the service you are hosting
      - -A / -O: enables OS detection, version detection, script scanning
      - Using the Nmap GUI, run a scan against scanme.nmap.org

  19. Objective: to run an intense scan of a network (system / server / router). Run the Nmap utility in GUI mode against scanme.nmap.org.

  20. Scanning through Nmap: Nmap returns with results.

  21. Scanning a target for specific ports
      - Syntax: nmap -p <port number> <target> (for example 22, the SSH port)
      - Example: nmap -p 22 scanme.nmap.org

  22. Aggressive Scanning using Nmap
      - nmap -A <target> (-A: aggressive), e.g. nmap -A scanme.nmap.org. Gives the operating system version of the target.
      - nmap -F <target>: fast scanning (100 ports) of the target.
      - nmap --open <target>: runs a fast probe on the target and retrieves only the open ports on the target.

  23. Report Work: using Nmap commands and switches, provide the result for the following information. Scan http://www.altoromutual.com using Nmap to:
      - Retrieve only the open ports on the target
      - Identify the version of the operating system
      - Identify the services running on the target
      - Search for ports 8080, 22 and 443 on the target
      - Use a fast scan on the target
      Provide the answers in the following format: Command with switch | Result

  24. Questions
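
Slide 5 names netstat -abno as the host-side view of listening ports, and slide 7 scans ports 100-200 from outside. The following added example (not part of the original slides) parses netstat -abno output so the host's own listener list can be compared with what the scan reports; the sample output, addresses and the agent.exe / browser.exe names are constructed.

```python
import re

# Constructed sample of Windows `netstat -abno` output (not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1040
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
 Can not obtain ownership information
  TCP    127.0.0.1:180          0.0.0.0:0              LISTENING       5120
 [agent.exe]
  TCP    192.0.2.20:139         0.0.0.0:0              LISTENING       4
 Can not obtain ownership information
  TCP    192.0.2.20:49712       203.0.113.9:443        ESTABLISHED     7320
 [browser.exe]
  TCP    [::]:135               [::]:0                 LISTENING       1040
  RpcSs
 [svchost.exe]
  UDP    0.0.0.0:5353           *:*                                    7320
 [browser.exe]
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")

def listeners(text):
    """Return TCP sockets in LISTENING state with PID and owning executable."""
    found, current = [], None
    for line in text.splitlines():
        row = ROW.match(line)
        if row:
            proto, addr, port, state, pid = row.groups()
            current = None  # owner lines that follow belong to this row only
            if proto == "TCP" and state == "LISTENING":
                current = {"addr": addr, "port": int(port),
                           "pid": int(pid), "owner": "unknown"}
                found.append(current)
        elif current is not None and (owner := OWNER.match(line)):
            current["owner"] = owner.group(1)
    return found

def exposed_in_range(text, lo=100, hi=200):
    """Listeners in the port range the lab scans, excluding loopback-only binds."""
    return sorted({(s["port"], s["owner"]) for s in listeners(text)
                   if lo <= s["port"] <= hi and s["addr"] not in ("127.0.0.1", "[::1]")})
```

A port that the external scan reports as listening but that is missing from this list, or the reverse, is worth investigating (a filtering device in between, or a listener bound to another interface).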
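
Slide 13 says an OS can be identified from protocol flags and fields seen during communication. The following added example (not from the original slides) extracts the fields a passive fingerprinter typically reads from a captured IPv4/TCP SYN and guesses an OS family from the TTL alone; the packets are constructed, and the TTL-to-family table is a coarse, assumed heuristic, not a fingerprint database.

```python
import struct

# Widely used default initial TTLs. A coarse heuristic only: real fingerprinting
# tools weigh many more fields, and administrators can change the TTL.
FAMILY_BY_INITIAL_TTL = {64: "Linux/Unix-like", 128: "Windows", 255: "network device"}

def build_syn(ttl, window, options):
    """Build a constructed IPv4+TCP SYN (checksums left at 0) for the demo."""
    tcp_len = 20 + len(options)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 1, 0x4000, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 1, 0,
                      (tcp_len // 4) << 12 | 0x002, window, 0, 0)
    return ip + tcp + options

def parse_syn(pkt):
    """Extract the header fields a passive fingerprinter looks at."""
    if pkt[0] >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (pkt[0] & 0x0F) * 4
    flags_frag, ttl, proto = struct.unpack_from("!HBB", pkt, 6)
    if proto != 6:
        raise ValueError("not TCP")
    off_flags, window = struct.unpack_from("!HH", pkt, ihl + 12)
    opts, kinds, i = pkt[ihl + 20: ihl + (off_flags >> 12) * 4], [], 0
    while i < len(opts) and opts[i] != 0:        # kind 0 ends the option list
        size = 1 if opts[i] == 1 else (opts[i + 1] if i + 1 < len(opts) else 0)
        if opts[i] != 1 and size < 2:            # truncated or malformed option
            break
        kinds.append(opts[i])                    # the order of kinds is itself a signal
        i += size
    return {"ttl": ttl, "df": bool(flags_frag & 0x4000),
            "window": window, "options": kinds}

def guess_family(ttl):
    """Round the observed TTL up to the nearest common initial value."""
    initial = next(t for t in (64, 128, 255) if ttl <= t)
    return initial, initial - ttl, FAMILY_BY_INITIAL_TTL[initial]

# Constructed option strings: MSS, SACK-permitted, timestamps, NOP, window scale
OPTS_A = bytes.fromhex("020405b4" "0402" "080a" + "00" * 8 + "01" "030307")
# MSS, NOP, window scale, NOP, NOP, SACK-permitted
OPTS_B = bytes.fromhex("020405b4" "01" "030308" "0101" "0402")
```

For example, guess_family(parse_syn(build_syn(57, 64240, OPTS_A))["ttl"]) yields an assumed initial TTL of 64, seven hops away. The same fields are useful for asset inventory, and normalizing them at the network edge reduces what an observer can infer.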
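
Slide 15 notes that scans raise alerts in IDS/IPS solutions. The following added example (not from the original slides) shows the kind of rule behind such an alert: counting distinct destination ports per source/destination pair inside a sliding time window. The log format, addresses, window and threshold are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

BASE = datetime(2024, 1, 1, 10, 0, 0)

def _line(offset_s, src, port):
    """Format one constructed firewall log line: time, source, destination, port, action."""
    ts = (BASE + timedelta(seconds=offset_s)).isoformat()
    return f"{ts} {src} 198.51.100.5 {port} DENY"

# Constructed sample log (documentation address ranges, no real traffic).
SAMPLE_LOG = (
    [_line(i, "192.0.2.10", 443) for i in range(20)]             # busy client, one port
    + [_line(i, "192.0.2.66", 100 + i) for i in range(30)]       # 30 ports in 30 seconds
    + [_line(i * 60, "192.0.2.77", 100 + i) for i in range(30)]  # 30 ports in 30 minutes
)

def detect_scans(lines, window=timedelta(seconds=60), threshold=15):
    """Map (src, dst) to the most distinct destination ports seen inside any
    sliding window, for pairs that reach the threshold."""
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, port, _action = line.split()
        events[(src, dst)].append((datetime.fromisoformat(ts), int(port)))
    alerts = {}
    for pair, seen in events.items():
        seen.sort()
        in_window, start = Counter(), 0
        for ts, port in seen:
            in_window[port] += 1
            while ts - seen[start][0] > window:   # expire events older than the window
                old = seen[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= threshold:
                alerts[pair] = max(alerts.get(pair, 0), len(in_window))
    return alerts
```

With the default 60-second window only 192.0.2.66 is flagged; running a second pass with window=timedelta(hours=1) also flags 192.0.2.77, which is why detection rules usually pair a short window with a longer one.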
