IV Needle Injecting Tech into the Vein

13May/090

Network Sweeping

ICMP-type8 Echo Requests ‘Pings’

  • Frequently blocked
  • Noisy + frequently monitored / signature

TCP packets to likely open ports

  • 3-way initialization
  • Various possibilities
  • May traverse IDS/IPS

UDP packets to likely closed ports

  • ICMP Port Unreachable messages
  • Non-reliable

Angry IP Scanner (v2.21 Apr 04 / v3.0-beta4 Mar 09) [Some AV software may have signature]

  • v2.x - Windows-XP
  • - Standalone binary
  • v3.x - Cross-platform
  • - Requires Java
  • - Windows 2000/XP/Vista | MacOS X Intel/PPC | Linux
  • Threaded for each scanned IP
  • ICMP Echo Request sweep
  • TCP port scan
  • Gets MAC addresses
  • Gathers NetBIOS names and Workgroups

ICMPQuery (v1.0.3 2000) [Dave Andersen cs.ut.edu -> cs.cmu.edu]

  • CLI Linux/Unix
  • ICMP Timestamp (t13) and Address Mask Request (t17)

Posted by: Heavymeddler

Filed under: Uncategorized No Comments

Calendar

May 2009
S M T W T F S
    Jun »
 12
3456789
10111213141516
17181920212223
24252627282930
31  

Pages

Recent Posts

Meta

Tags

about config analysis banned ports bluetooth cheat sheet dell dig dns dnsstuff enigma firefox Forensics gmail reader hd high definition interrogation jaunty microsoft 5000 mini mouse netcat nslookup password rainmeter resolution royale noir share shared folder ssh symbolic link theme traceroute tunneling ubuntu vi vim virtualbox volatile whois windows windows xp

Categories