Question

Default host discovery process:
nmap --reason -n -sn 192.168.1.0/24
A1: [ScreenShot] Take a screencap of the output of the following nmap scan
Port Scan
How it works:
Having identified the target IP range with passive information gathering, we can begin to scan for open ports on the target by port scanning, a process whereby we meticulously connect to ports on the remote host to identify those that are active by how they respond.
Port Range Classifications
Well-Known ports (reserved):
  - 1-1023
  - Registered with IANA
  - Only privileged users can bind to these ports
  - NOTE: here "well-known" ports means the ports listed in nmap-services
Registered Ports:
  - 1024-49151
  - Registered with IANA (less used than reserved)
  - Unprivileged users can bind to these ports
Dynamic/Private ports:
  - 49152-65535 [This can vary depending on system]
  - Dynamic ephemeral ports
  - Any user can bind to these
  - NOTE: port 0 is a wildcard telling the OS to randomly pick one out of this range. On Linux this port range is set in /proc/sys/net/ipv4/ip_local_port_range
Nmap Potential Port states:
Note: Use the "--reason" switch to make nmap list how it classified each port.
Open
  - Port is accepting connections
  - TCP: Reason - SYN/ACK
  - UDP: Reason - no-response
    or [udp-response] The application protocol answers back (rare)
Closed
  - Target answers request but port is closed
  - TCP: Reason - conn-refused [RST packet]
  - UDP: Reason - [ICMP] port-unreach
Filtered [Firewall is up]
  - Target does not answer if the port is closed
  - Slows down scan big time
  - TCP: Reason - no-response
    SYN sent but no RST sent back
  - UDP - Does Not Apply, See Open/Filtered
Unfiltered
  - Only ACK scan returns this (Used to enumerate firewall rule sets)
  - Port is accessible but nmap cannot tell if it is open
  - RST sent back
Open/Filtered
  - Nmap cannot tell if the port is open or filtered due to no response
  - UDP: Reason - no-response
  - There is no ACK type response
Closed/Filtered
  - Only IP ID Idle scan returns this
  - Nmap cannot tell if a port is closed or filtered
Step 2) Scan targets for open TCP ports:
First use the default Nmap scan to enumerate the ports that are open on a target machine. Note: This will only scan the top 1000 ports out of 65535 total.
nmap --reason -n 192.168.1.5
How did Nmap decide which ports are open and which ports are closed on the targets (Reason)?
Based on the information Nmap shows on non-open ports would you guess that there is a firewall between you and the target machine?
What information did you use to figure out if there was a firewall present?
A2: [ScreenShot] Take a screencap of the output of the following nmap scan
2. Is it possible that you missed some potentially open ports that could be useful?
Explain why or why not?
Try a full scan of all ports (This will take a long time).
nmap --reason -n -p- 192.168.1.5
A3: [ScreenShot] Take a screencap of the output of the following nmap scan
Let's try to figure out the version of the operating system and identify the applications that are listening on open ports!
This time we are going to specify just the open ports that you found in the full port scan that you just completed.
Note: put all port numbers that you found in the last scan into nmap after the '-p' argument. Ex: -p 135,136,445,5985,etc...
nmap --reason -A -n -p ### 192.168.1.5
A4: [ScreenShot] Take a screencap of the output of the following nmap scan
Step 3) Scan targets for open UDP ports:
Nmap scan to enumerate the UDP ports that are open on a target machine.
nmap --reason -n -sU 192.168.1.5
A5: [ScreenShot] Take a screencap of the output of the following nmap scan
Additional Info:
Research other tools used for network detection and reconnaissance.
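
Reading the REASON column the lab asks about, as an added example that is not part of the original lab handout: a Python parser that tallies state/reason pairs from saved `nmap --reason` output, flags likely filtering, and builds the port list for the follow-up `-p` scan. The sample output is constructed and the function names (`tally`, `likely_filtered`, `port_argument`) are hypothetical.

```python
import re
from collections import Counter

# Constructed sample of `nmap --reason -n <target>` normal output (not a real scan).
SAMPLE = """\
Nmap scan report for 192.168.1.5
Host is up, received arp-response (0.00040s latency).
Not shown: 996 filtered tcp ports (no-response)
PORT     STATE  SERVICE       REASON
135/tcp  open   msrpc         syn-ack ttl 128
445/tcp  open   microsoft-ds  syn-ack ttl 128
3389/tcp closed ms-wbt-server reset ttl 128
5985/tcp open   wsman         syn-ack ttl 128
"""

# One listed port: "<port>/<proto> <state> <service> <reason> ..."
PORT_LINE = re.compile(r"^(\d+)/(?:tcp|udp)\s+(\S+)\s+\S+\s+(\S+)")
# Ports collapsed into the "Not shown:" summary line (may hold several groups).
HIDDEN = re.compile(r"(\d+) (\S+) (?:tcp|udp) ports \(([^)]+)\)")

def tally(text):
    """Count (state, reason) pairs, including the collapsed 'Not shown' ports."""
    counts, open_ports = Counter(), []
    for line in text.splitlines():
        if line.startswith("Not shown:"):
            for n, state, reason in HIDDEN.findall(line):
                counts[(state, reason)] += int(n)
            continue
        m = PORT_LINE.match(line)
        if m:
            port, state, reason = m.groups()
            counts[(state, reason)] += 1
            if state == "open":
                open_ports.append(int(port))
    return counts, open_ports

def likely_filtered(counts):
    """Filtering is suggested when non-open ports stay silent (no-response)
    instead of answering with reset / conn-refused."""
    return any(s == "filtered" and r == "no-response" and n > 0
               for (s, r), n in counts.items())

def port_argument(open_ports):
    """Comma-separated port list for the follow-up `-p` version scan."""
    return ",".join(str(p) for p in sorted(open_ports))

if __name__ == "__main__":
    counts, ports = tally(SAMPLE)
    print(dict(counts), likely_filtered(counts), port_argument(ports))
```
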