Scanning with hping3, ACK Scan, and Windows Firewall

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

8 hours 49 minutes
Video Transcription
they have one lab. We just went ahead and ran. Our Christmas canIs wall is a sin scan on our target. We took a look at the results on that. Now, in this video, we're gonna actually go turning on the Windows firewall again. We're gonna do our typical thing where we did before of blocking incoming connections, and we're gonna do Ultimately, there's running acknowledgement scan after we do all that
and take a look to see if there's any type of packet loss animal.
So let's go ahead and get started here. So we want to connect back to our P lab essay on one machine. So that top one there again, just have your mouse over top and click on the name.
And then we're gonna go ahead and modify our Windows firewall setting so you'll see here. We're gonna right click on the start menu. We're gonna type in firewall dot CPL in the run option and then just press intern on her keyboard to pull up the Windows firewall screen. So just right click here, go to run.
And then we're gonna type in firewall
dot CPL and then just press enter on a keyboard it'll pull up the Windows firewall for us.
Our next step is on the left side. Here. We're gonna click the turn, Windows firewall on or off and that have actually texted the screen where we want to make some modifications to these settings here. So let's go back to our lab documents. Double check. What are setting? Changes are gonna be so that's gonna be here under step six and step seven.
So in the top option here, we're going to just check the box to the left of the block, all incoming connections
and then in the bottom box, we're gonna turn on Windows firewall and then check the box next to blocking all incoming connections.
Let's go ahead. Do that. Now, we're just gonna check this box here
and then were to turn on Windows firewall by clicking there and then click in the box to block all the incoming connections. And then the last step here is just clicking on the okay button to save those changes. Now it's a mentioned before in previous video. This may lock up this particular machine. That's fine. We're not gonna come back to this one. We're actually gonna be done after this video in the lab series.
And so not all we're gonna do is go back to our Windows 10 machines. So just click back on our Windows 10 machine. We're back here at the command prompt. I'm gonna type in clear again, like I normally do just to clear things up in press enter again. You don't have to do that if you don't want to.
And so now we're gonna go ahead and actually run our command.
So in the terminal window, we're gonna take this command here. So the H Ping three space dash lower case C space the number one space dash capital, the space national lowercase P space, the number 80 space dash lower Case s space. The number 5555 Again, we're specifying the port number. We want to send packets from
ah, space Dash Capital A
and then finally are 1 92.168 dot 0.1 i p address. So, as usual, we're gonna go step by step through this. So the first part we're gonna type in is H paying three space national case. See,
so h paying three spaces national over. Casey
All right. So the next thing we're gonna type in is gonna be a space the number one and then a dash capital V.
So, space the number one a dash space and then a dash Capital V as in Victor,
we'll put another space,
and then we're gonna type in the port number here. So we're gonna type in dash lower case p space, the number 80.
So dash over, case P space the number 80 to specify port number eighties where we want to send it to.
We'll put another space here, and then we're gonna put a dash lower case s
space and then 5555 again specifying the port number that we want to send the traffic from.
We'll put another space here,
and then finally, we're gonna put in a dash capital A and then our i p address. So we're gonna type in dash capital a space and then our i P address, and we've been using the 1 92.168 dot 0.1 and then just press enter into keyboard there to go ahead and run. The scan shouldn't take too long to run. You see, It just happened there pretty quickly. But now let's take a look at our questions here.
question everyone. What's the percentage of packet loss and question two? How did that differ from when we ran that initial acknowledgement scan a couple of videos ago.
So let's take a look here and see what kind of results we get back. So what percentage of the packet lost is there?
All right, so we see that it's 100% packet loss, right? And the difference is between the previous scam we ran and this one, as we noticed in the previous scan that we sent a packet, we gotta pack it back. And so we had a 0% packet loss. So this makes perfect sense, right? We do see that there's a firewall in place or in use
s so this could be a helpful thing. As we're scanning
particular systems to find out. Is there a firewall in the way, you know? Is there Is there a packet loss? Is it related to possibly a firewall? You know, and that might tell us like Okay, well, this thing secured. So number one, there might be something valuable on this system that we want to get to and number two made. We need to be a little more stealthy about our approach sensor are
security appliances in use
are so in this entire lab. Siri's. So all these videos here we went ahead and just kind of broke down some different and map in H Ping three commands. We also went ahead and turned on with Windows firewall in a couple instances and notice the difference between running a command with it on and with it off
and the next module, we're gonna talk about things like banner grabbing a CZ Wells, things like open ports.
Up Next