Wednesday, 24 January 2024

CEH: Identifying Services & Scanning Ports | Gathering Network And Host Information | NMAP


CEH scanning methodology is the important step i.e. scanning for open ports over a network. Port is the technique used to scan for open ports. This methodology performed for the observation of the open and close ports running on the targeted machine. Port scanning gathered a valuable information about  the host and the weakness of the system more than ping sweep.

Network Mapping (NMAP)

Basically NMAP stands for Network Mapping. A free open source tool used for scanning ports, service detection, operating system detection and IP address detection of the targeted machine. Moreover, it performs a quick and efficient scanning a large number of machines in a single session to gathered information about ports and system connected to the network. It can be used over UNIX, LINUX and Windows.

There are some terminologies which we should understand directly whenever we heard like Open ports, Filtered ports and Unfiltered ports.

Open Ports means the target machine accepts incoming request on that port cause these ports are used to accept packets due to the configuration of TCP and UDP.

Filtered ports means the ports are usually opened but due to firewall or network filtering the nmap doesn't detect the open ports.

Unfiltered means the nmap is unable to determine whether the port is open or filtered  while the port is accessible.

Types Of NMAP Scan


Scan Type Description
Null Scan This scan is performed by both an ethical hackers and black hat hackers. This scan is used to identify the TCP port whether it is open or closed. Moreover, it only works over UNIX  based systems.
TCP connect The attacker makes a full TCP connection to the target system. There's an opportunity to connect the specifically port which you want to connect with. SYN/ACK signal observed for open ports while RST/ACK signal observed for closed ports.
ACK scan Discovering the state of firewall with the help ACK scan whether it is stateful or stateless. This scan is typically used for the detection of filtered ports if ports are filtered. Moreover, it only works over the UNIX based systems.
Windows scan This type of scan is similar to the ACK scan but there is ability to detect an open ports as well filtered ports.
SYN stealth scan This malicious attack is mostly performed by attacker to detect the communication ports without making full connection to the network.
This is also known as half-open scanning. 

 

All NMAP Commands 


Commands Scan Performed
-sT TCP connect scan
-sS SYN scan
-sF FIN scan
-sX XMAS tree scan
-sN Null scan
-sP Ping scan
-sU UDP scan
-sO Protocol scan
-sA ACK scan
-sW Window scan
-sR RPC scan
-sL List/DNS scan
-sI Idle scan
-Po Don't ping
-PT TCP ping
-PS SYN ping
-PI ICMP ping
-PB ICMP and TCP ping
-PB ICMP timestamp
-PM ICMP netmask
-oN Normal output
-oX XML output
-oG Greppable output
-oA All output
-T Paranoid Serial scan; 300 sec between scans
-T Sneaky Serial scan; 15 sec between scans
-T Polite Serial scan; .4 sec between scans
-T Normal Parallel scan
-T Aggressive Parallel scan, 300 sec timeout, and 1.25 sec/probe
-T Insane Parallel scan, 75 sec timeout, and .3 sec/probe

 

How to Scan

You can perform nmap scanning over the windows command prompt followed by the syntax below. For example, If you wanna scan the host with the IP address 192.168.2.1 using a TCP connect scan type, enter this command:

nmap 192.168.2.1 –sT

nmap -sT 192.168.2.1

More articles

  1. Hacking Tools Windows
  2. Pentest Tools Github
  3. Hacking Tools Online
  4. Pentest Tools Framework
  5. Hacking App
  6. Pentest Tools Review
  7. Hacking Tools For Windows Free Download
  8. Hack Tools Github
  9. Pentest Tools Url Fuzzer
  10. Hak5 Tools
  11. Pentest Tools Free
  12. Hack Tools Github
  13. Hacking Tools Pc
  14. Hack Tools Github
  15. Hack App
  16. Game Hacking
  17. Hacking Tools Windows
  18. Hack Tools
  19. Hacker Tools Free
  20. Hackers Toolbox
  21. Ethical Hacker Tools
  22. Hacker Tools List
  23. Pentest Reporting Tools
  24. Hack Tools Online
  25. Pentest Tools Tcp Port Scanner
  26. Hack App
  27. Pentest Tools Url Fuzzer
  28. Hack Tool Apk
  29. Hacker Tools List
  30. Pentest Tools Bluekeep
  31. Pentest Tools Framework
  32. Hacker Tools Hardware
  33. Hacking Tools Name
  34. Usb Pentest Tools
  35. Hacking App
  36. New Hacker Tools
  37. Hacker Tools Hardware
  38. Hacking App
  39. Hacking Tools Kit
  40. Pentest Tools Windows
  41. Hack Tools For Windows
  42. Hacking Tools For Mac
  43. Ethical Hacker Tools
  44. Pentest Tools Find Subdomains
  45. Pentest Tools For Android
  46. Pentest Tools Subdomain
  47. Hack Tools Pc
  48. Pentest Tools Subdomain
  49. Hack Tools
  50. Pentest Tools Nmap
  51. How To Make Hacking Tools
  52. Hack Website Online Tool
  53. Hacker
  54. Pentest Tools Website Vulnerability
  55. Hacking Tools Windows 10
  56. Pentest Box Tools Download
  57. Pentest Recon Tools
  58. Hack Tools Pc
  59. Hack Tool Apk
  60. Hacker Hardware Tools
  61. Pentest Tools Free
  62. Hacking Tools Download
  63. Hacking Tools Software
  64. Pentest Tools Alternative
  65. New Hacker Tools
  66. Pentest Recon Tools
  67. Hacker Tools 2019
  68. Blackhat Hacker Tools
  69. How To Make Hacking Tools
  70. Hacker Tools For Pc
  71. Hack Tools Download
  72. Hacking Tools Online
  73. Hack Tools Pc
  74. Hacker Tools Mac
  75. Hack Rom Tools
  76. What Are Hacking Tools
  77. Nsa Hack Tools Download
  78. Pentest Tools For Windows
  79. Hack Tool Apk
  80. Hacking Apps
  81. Hacker Tools Free Download
  82. New Hacker Tools
  83. What Is Hacking Tools
  84. Best Hacking Tools 2020
  85. Tools For Hacker
  86. Hack Tools For Mac
  87. Wifi Hacker Tools For Windows
  88. Pentest Recon Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)