
Sunday 7 March 2010

How to scan a target for open ports and services using Netcat, SuperScan, Strobe


Netcat: The netcat application has many uses; one is the ability to scan a target for open ports and services. Another utility, cryptcat, is almost identical except that it operates with encryption.

From a DOS prompt, type the following with the syntax of:

Other useful commands for Netcat

The -v option instructs netcat to run in verbose mode, allowing you to see the progress of the scan.
The -r option instructs netcat to randomize local and remote ports in an attempt to elude any intrusion detection systems.
The -w2 option instructs netcat to wait 2 seconds between each port scanned to help elude any intrusion detection systems.
The -z option instructs netcat to operate in a zero-I/O (Input/Output) mode. It is best to use -z when scanning with netcat.
The 1-1024 argument instructs netcat to scan ports 1 through 1024.

*Note: Pay attention to ports 7, 13, 17, 9, and 19, as these ports can easily be used to create a Denial of Service (DoS). These ports should not be open to the Internet.
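From the defender's side, the randomized order and 2-second spacing described above do not hide a scan from a detector that counts distinct destination ports per source over a long enough window. The following is an added example, not part of the original post; the log format, addresses, threshold and function names are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

LEGACY_PORTS = {7, 9, 13, 17, 19}  # ports the note above says to keep off the Internet

def parse(line):
    # Constructed log format (an assumption): "ISO-timestamp src_ip dst_ip dst_port"
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)

def detect_scans(lines, window=timedelta(minutes=10), min_ports=20):
    """Map (src, dst) -> most distinct ports seen in any window, if >= min_ports."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in map(parse, lines):
        by_pair[(src, dst)].append((ts, port))
    flagged = {}
    for pair, events in by_pair.items():
        events.sort()                      # order by time; port order is irrelevant
        in_window, start, best = Counter(), 0, 0
        for ts, port in events:
            in_window[port] += 1
            while ts - events[start][0] > window:   # slide the window forward
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= min_ports:
            flagged[pair] = best
    return flagged

def legacy_hits(lines):
    """(source, port) pairs that touched any port listed in the note above."""
    return sorted({(src, port) for _, src, _, port in map(parse, lines)
                   if port in LEGACY_PORTS})

def sample_log():
    # Constructed data: one source probing 30 ports in shuffled order, 2 s apart,
    # plus one ordinary client repeatedly using port 443.
    t0 = datetime(2010, 3, 7, 12, 0, 0)
    scan = [f"{(t0 + timedelta(seconds=2 * i)).isoformat()} 203.0.113.5 192.0.2.10 "
            f"{(i * 37) % 101 + 1}" for i in range(30)]
    web = [f"{(t0 + timedelta(seconds=i)).isoformat()} 198.51.100.7 192.0.2.10 443"
           for i in range(40)]
    return scan + web

if __name__ == "__main__":
    print(detect_scans(sample_log()), legacy_hits(sample_log()))
```

With the default 10-minute window the scanning source is flagged with 30 distinct ports; shrinking the window to 10 seconds drops it below the threshold, which is why the window must be sized for slow scans.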

SuperScan: SuperScan has the ability to discover which ports are open on the target. Identifying the open ports tells an attacker which ports are available for potential exploitation.

Accept the default installation of SuperScan. The installation will occur and the SuperScan application will start.

Strobe: The Strobe application identifies ports open on the target. Identifying the available ports gives an attacker a potential hole to attempt to punch through and compromise the computer and/or network. Remember that all commands in Linux are case sensitive.

For the Windows-based version install and execute with the following syntax:

./strobe (Target IP)

From the Linux directory containing the compressed file, type tar -zxvf strobe103.tar.gz. The files will uncompress into a new directory named strobe. Change to the new directory by typing cd strobe and pressing Enter. From the new directory, type make install and press Enter.
To execute Strobe against the target in this example: ./strobe 172.16.1.40

The Strobe application will now execute against the target.

