3.14 Scanning Techniques Lab Part 5 EH

9 hours 47 minutes
Video Transcription
Hi. Welcome back to the course. In the last video we went ahead and installed our Zenmap GUI, which, remember, GUI is graphical user interface.
If you haven't done that yet, go ahead and pause this video. Go back to that video and get that installed.
In this video, we're actually gonna use Zenmap to run a Christmas scan.
So let's go ahead and get started. So on our desktop here, we see we have the Zenmap GUI. Let's go ahead and double click on that to open it up.
So that's step number one here.
And again, I just got a note here that Zenmap, that's the GUI version of Nmap. Now, step number two: we're actually gonna go ahead and type our command in here, and we're gonna run it.
So I wanna stress as we type this in here, I want to stress that the Christmas scans are very noisy, all right. So they're basically lighting up stuff like a Christmas tree, and that's where it gets the name.
So in the command box here,
for step number two, that's where we're gonna type our command at. So you could either highlight it all and delete it out, or what I'm gonna do is I'm gonna be a little lazy here and just leave the nmap in there. We'll type the rest of our command. So we have nmap, space, and then a dash,
and then we're gonna type a lowercase s and a capital X. So that's our Christmas tree scan switch.
And then we're just gonna type our IP address, 192.168.0.3.
Back on our lab document here, we've typed in
nmap, space, dash, lowercase s, capital X, space, and then our IP address, our target IP address.
All right, so in this one, we're actually scanning our Kali machine in a virtual environment here. Again, it's a very noisy scan. And then this dash sX, it's basically gonna be setting the flags for the FIN flag, the push flag, and the urgent flag, which again we went over when we did the video on TCP header flags.
So it doesn't set the SYN flag, so I want to stress that point right there. So that's why we use this against Linux-based machines.
A port here is gonna be marked as closed if it sends back an RST packet. If there's no response, it's gonna mark that port as open.
So let's go ahead and run this and take a look at what it's telling us.
So we're gonna run the command here. You're gonna see all the output in this window right here.
So it's gonna take a little bit of time to run the command.
We'll see what kind of response we get.
All right, so there we go. It's starting to give us a little information back. So you see here we got a couple of ports that are open here. We see that they're filtered as well. It also tells us the service running on it as well.
All right, we're gonna let that go. So we're gonna move on to step number three here, since we have a little bit of data back. So we do see some open ports under question one,
so we can go ahead and jot that down there. We could jot down that we see 22, we see 5901,
and we also see, it looks like, 6001,
so those are all open ports. Now, do we see any closed ports at all? Well, I don't see any on here.
It's not showing me any.
So we're just going to say no to that question there.
Now we're gonna run another command here. This is gonna be the reason command. So we're gonna back out a little bit here. Or you could just type everything again if you want to.
So our next command that we're gonna type here is the same thing: the nmap, dash, lowercase s, capital X,
and then we're gonna put dash reason
and then a space. And then we put our IP address. Again, we're just slightly changing our command here. So I'm actually gonna again take that kind of a little lazy way out here and just type a dash and then a lowercase reason and put a space.
So that would be the next command we're going to use, and then just hit enter.
Well, let's see what kind of output we get here.
So again, it might take a moment or so here. And it depends on your particular environment. If you're using the cyber one, it's pretty quick. If you're running this on your own stuff, it's gonna depend on how much memory, your processor, basically your particular hardware that you're using.
So let's see, do we get any response at all here? So we do see that
they're open, they're filtered, so we get the same information there. But then we have a reason here. So why is it telling us that it's an open port? Well, because it got no response, right? So if you remember, a port is gonna be marked open if no response is received when we're running the Christmas scan.
So in this video, we went over running a couple different Christmas scans to look to see if ports were open. And then we also ran the command to see what the reason was. And obviously we already knew that, because if there is no response received, that is gonna mark the port as open.
So in the next video, we're actually gonna run an acknowledgment scan, or an ACK packet scan,
in Nmap.
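
Added example (not part of the video or the course material): a defender-side check, in Python, for the flag combination the transcript describes (FIN, push and urgent set, SYN not set), plus the RST / no-response reading of replies. The source addresses, function names and the three-port threshold are assumptions made for illustration; the packets are constructed sample data.

```python
import struct
from collections import defaultdict

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG  # the three flags the transcript says -sX sets

def tcp_header(sport, dport, flags):
    """Build a minimal 20-byte TCP header (constructed sample data)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

def parse_tcp(header):
    """Return (src_port, dst_port, flags) from a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", header[:4])
    return sport, dport, header[13] & 0x3F  # keep the six classic flag bits

def is_xmas(flags):
    """True only for FIN+PSH+URG with SYN, ACK and RST all clear."""
    return flags == XMAS

def port_state(reply_flags):
    """Scanner-side reading of a reply: RST means closed, silence is ambiguous."""
    if reply_flags is None:
        return "open|filtered"
    return "closed" if reply_flags & RST else "unexpected"

def find_xmas_scanners(packets, min_ports=3):
    """Map each source that sent Xmas probes to >= min_ports ports to those ports."""
    hits = defaultdict(set)
    for src, header in packets:
        try:
            _, dport, flags = parse_tcp(header)
        except ValueError:
            continue  # skip truncated captures instead of crashing
        if is_xmas(flags):
            hits[src].add(dport)
    return {s: sorted(p) for s, p in hits.items() if len(p) >= min_ports}

# Constructed capture: addresses are hypothetical; ports are the ones from the lab.
SAMPLE = [
    ("192.168.0.50", tcp_header(40000, 22, XMAS)),
    ("192.168.0.50", tcp_header(40000, 5901, XMAS)),
    ("192.168.0.50", tcp_header(40000, 6001, XMAS)),
    ("192.168.0.60", tcp_header(51000, 80, SYN)),
    ("192.168.0.60", tcp_header(51001, 443, PSH | ACK)),
    ("192.168.0.60", b"\x00\x01"),
]

if __name__ == "__main__":
    print(find_xmas_scanners(SAMPLE))
```

Because no legitimate TCP stack sends FIN, push and urgent together without an established connection, even a single match is worth logging; the threshold only separates a sweep from a stray packet.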