Network Mapping

Transcript of Network Mapping

Page 1: Network Mapping

Network Mapping
Identify Live Hosts
Determine running Services
○ TCP Port Scanning
○ UDP Port Scanning
○ Banner Grabbing
○ ARP Discovery
Identify Perimeter Network (Router / Firewalls)
○ Tracerouting
○ Scan Default Firewall/Router Ports
○ Perform FIN/ACK Scan
○ Map Router / Firewall Rule-Base
Passive OS Guessing
Active OS Guessing
○ TCP/IP Stack Fingerprinting
○ HTTP Packet Analysis
○ ICMP Packet Analysis
○ Telnet Handshake Analysis
Host Enumeration
Systems Enumeration

Heorot.net

Page 2: Network Mapping

Identify Live Hosts

Project Scope will restrict scan spectrum

Tools: ping, nmap, hping, traceroute, tcptraceroute

Page 3: Network Mapping

Identify Live Hosts

ping Demonstration

Page 4: Network Mapping

Identify Live Hosts

nmap Demonstration

Page 5: Network Mapping

Identify Live Hosts

hping Demonstration

Page 6: Network Mapping

Identify Live Hosts

traceroute Demonstration

Page 7: Network Mapping

Identify Live Hosts

tcptraceroute Demonstration

Page 8: Network Mapping

Hands-On Exercise Identify Live Hosts

Tools: ping, nmap, hping, traceroute, tcptraceroute

Man pages:
# man ping
# man nmap
# man traceroute
# man tcptraceroute

Difference between: TCP, UDP

What is an “ICMP echo request”?
# man icmp

Page 9: Network Mapping

Determine Running Services

○ TCP Port Scanning
○ UDP Port Scanning
○ Banner Grabbing
○ ARP Discovery

Page 10: Network Mapping

Determine Running Services

TCP Port Scanning

Tools: nmap, netcat, hping

Page 11: Network Mapping

Determine Running Services

nmap Demonstration

Page 12: Network Mapping

Determine Running Services

netcat Demonstration

Page 13: Network Mapping

Determine Running Services

hping Demonstration

Page 14: Network Mapping

Determine Running Services

UDP Port Scanning

Tools: nmap, netcat, hping

Page 15: Network Mapping

Determine Running Services

nmap Demonstration

Page 16: Network Mapping

Determine Running Services

netcat Demonstration

Page 17: Network Mapping

Determine Running Services

hping Demonstration

Page 18: Network Mapping

Determine Running Services

Banner Grabbing

Tools: nmap, amap, netcat, telnet

Page 19: Network Mapping

Determine Running Services

nmap Demonstration

Page 20: Network Mapping

Determine Running Services

amap Demonstration

Page 21: Network Mapping

Determine Running Services

netcat Demonstration

Page 22: Network Mapping

Determine Running Services

telnet Demonstration

Page 23: Network Mapping

Determine Running Services

ARP Discovery

Tools: arping, arp + protocol analyzer

Page 24: Network Mapping

Hands-On Exercise Determining Running Services

Tools: nmap, netcat, hping, amap, netcat, telnet

TCP Services: 5 “open” services

UDP Services: 1 “closed” service (or is it???)

Banners: How many banners can you grab?
○ Version Information
○ Application Name

TCP 3-way Handshake

Page 25: Network Mapping

Operating System Guessing

Operating System Query

Tools: httprint, netcat, nmap

Page 26: Network Mapping

Operating System Guessing

httprint Demonstration

Page 27: Network Mapping

Operating System Guessing

netcat Demonstration

Page 28: Network Mapping

Operating System Guessing

ICMP Packet Analysis

Tools: xprobe

Page 29: Network Mapping

Operating System Guessing

xprobe Demonstration

Page 30: Network Mapping

Operating System Guessing

Telnet Handshake Analysis

Tools: nmap, telnetfp

Page 31: Network Mapping

Operating System Guessing

nmap Demonstration

Page 32: Network Mapping

Host Enumeration

What did you miss?
○ Unknown application?
○ Unusual OS?

Time to read up:
○ RFC (Request for Comments)
○ White Papers
○ Manuals

Page 33: Network Mapping

Hands-On Exercise Operating System Guessing / Host Enumeration

Tools: xprobe, nmap

RFCs:
What they are
Who produces them
RFC 793, 768, 792
○ Bonus: 854, 4251
○ Super-Geek Bonus: 3766

White Papers: Linux, Slackware

Documentation: Slackware

Page 34: Network Mapping

Module 4 – Conclusion

Phase II Controls Assessment Scheduling

○ Information Gathering
○ Network Mapping

Identify Live Hosts
Determine running Services
Identify Perimeter Network (Router / Firewalls)
Passive OS Guessing
Active OS Guessing
Host Enumeration
