Is the Scanning of Computer Networks Dangerous?

Similar documents
Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

Before deploying SiteAudit it is recommended to review the information below. This will ensure efficient installation and operation of SiteAudit.

Nessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson

WhatsUpGold. v3.0. WhatsConnected User Guide

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

1.0 Introduction. 2.0 Data Gathering

NETWORK SECURITY WITH OPENSOURCE FIREWALL

Introduction to Network Security Lab 2 - NMap

Pwning Intranets with HTML5

Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.

Corporate VPN Using Mikrotik Cloud Feature. By SOUMIL GUPTA BHAYA Mikortik Certified Trainer

Medical Device Security Health Group Digital Output

Computer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1

Network Security. Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)

How To Identify Different Operating Systems From A Set Of Network Flows

Implementation & Management of Systems Security. Amavax Project. Ethical Hacking Challenge. Group Project By

IBM. Vulnerability scanning and best practices

Additional Information: A link to the conference website is available at:

AVG 8.5 Anti-Virus Network Edition

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Medical Image Manager (MIM) Version 6.1.

idatafax Troubleshooting

On the Deficiencies of Active Network Discovery Systems

xvm Server and xvm VirtualBox Christopher Beal Principal Engineer

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

Penetration Testing. What Is a Penetration Testing?

Tools for penetration tests 1. Carlo U. Nicola, HT FHNW With extracts from documents of : Google; Wireshark; nmap; Nessus.

How To Connect To Bloomerg.Com With A Network Card From A Powerline To A Powerpoint Terminal On A Microsoft Powerbook (Powerline) On A Blackberry Or Ipnet (Powerbook) On An Ipnet Box On

Firewalls and Software Updates

Network Penetration Testing and Ethical Hacking Scanning/Penetration Testing. SANS Security Sans Mentor: Daryl Fallin

Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis?

Integrated and reliable the heart of your iseries system. i5/os the next generation iseries operating system

Advanced Network Scanning

The Risks that Pen Tests don t Find. OWASP 13 April The OWASP Foundation

During your session you will have access to the following lab configuration. CLIENT1 (Windows XP Workstation) /24

Scanning Tools. Scan Types. Network sweeping - Basic technique used to determine which of a range of IP addresses map to live hosts.

Installing and Configuring Nessus by Nitesh Dhanjani

IOSMap: TCP and UDP Port Scanning on Cisco IOS Platforms

Complete Patch Management

Network Defense Tools

Host/Platform Security. Module 11

HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R

Cloud Web-Based Operating System (Cloud Web Os)

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE)

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

Firewalls. Pehr Söderman KTH-CSC

Kaspersky Endpoint Security 10 for Windows. Deployment guide

Firewalls Overview and Best Practices. White Paper

Magnet Voice Windows PC Softphone Installation

Release Notes for Websense Security v7.2

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak CR V4.1

Recon and Mapping Tools and Exploitation Tools in SamuraiWTF Report section Nick Robbins

Penetration Testing LAB Setup Guide

Configuring SSL VPN on the Cisco ISA500 Security Appliance

The Nexpose Expert System

VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION

AutoDownload: SQL Server and Network Trouble Shooting

Healthcare Information Security Governance and Public Safety II

Automating Linux Malware Analysis Using Limon Sandbox Monnappa K A monnappa22@gmail.com

Learn Ethical Hacking, Become a Pentester

Using WhatsUp IP Address Manager 1.0

Assets, Groups & Networks

Product comparison. GFI LanGuard 2014 vs. Microsoft Windows Server Update Services 3.0 SP2

Overview. Firewall Security. Perimeter Security Devices. Routers

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

INFORMATION SECURITY TRAINING CATALOG (2015)

SyncThru TM Web Admin Service Administrator Manual

Rapid Assessment Key v2 Technical Overview


Web. Anti- Spam. Disk. Mail DNS. Server. Backup

iscsi Security (Insecure SCSI) Presenter: Himanshu Dwivedi

Network Licensing. White Paper 0-15Apr014ks(WP02_Network) Network Licensing with the CRYPTO-BOX. White Paper

FREQUENTLY ASKED QUESTIONS

WINDOWS Operating System

Security Management. Keeping the IT Security Administrator Busy

A CrossTec Corporation. Instructional Setup Guide. Activeworx Security Center Quick Install Guide

Lecture 5: Network Attacks I. Course Admin

Project 4: IP over DNS Due: 11:59 PM, Dec 14, 2015

Open Source Security: Opportunity or Oxymoron?

Log Management with Open-Source Tools. Risto Vaarandi SEB Estonia

Upgrade to Webtrends Analytics 8.7: Best Practices

Virtual Private Network Using Peer-to-Peer Techniques

LASTLINE WHITEPAPER. In-Depth Analysis of Malware

ManageEngine IT360. Professional Edition Installation Guide.

Sun xvm VirtualBox Product Overview

Nessus Agents. October 2015

Active Network Monitor

Testing New Applications In The DMZ Using VMware ESX. Ivan Dell Era Software Engineer IBM

PANDORA FMS NETWORK DEVICE MONITORING

How to build a security assessment program. Dan Boucaut

Transcription:

Baltic DB & IS 2008 Tallinn University of Technology Is the Scanning of Computer Networks Dangerous? 5.06.2008

The talk is about... The need of network scanning, its main principles and related problems A freely available network scanning tool, which can be used in practice, and its design Angry IP Scanner 2

Scanning of computer networks Examining a single network address Searching for addresses with specific properties IP Scanning involves Pinging Port scanning Gathering of other information 3

Typical gathered information Alive/dead status Average packet roundtrip time TTL distance (in number of routers) Host and domain names Open and filtered TCP and UDP ports Running services and their versions OS type and version Much more info can be obtained indirectly 4

Scanning purposes Offensive (Attacks) Defensive (Preventive defense) Maintenance (Monitoring and inventory) 5

Legal issues Most countries' laws forbid getting illegal access to data, destroying, spoiling, modifying it, or reducing its usefulness or value in any other way Scanning results provide mostly publicly available and freely available information therefore it is legal with the probable exception of some 'more advanced' scanning techniques 6

Safety How safe is it to perform scanning nowadays? legal, but may cause problems Are such tools dangerous for the humanity? best tools for maintaining security are the same ones that can be used in preparation for attacks 7

State of Internet security Foundation protocols are old there have been more trust before Present-day Internet is insecure too much anonymity weak authentication (passwords) vulnerable routing and DNS low-quality software human factor (social engineering, mistakes, lack of knowledge and skills) 8

Angry IP Scanner Open source GPL Cross-platform User-friendly Extensible (Nice name) 9

Technological choices Java modern and popular, now open-source productive portable, cross-platform JNI (Java Native Interface) SWT open source good performance native look and feel on all platforms 10

Modularity and Extensibility Modular design Possibility of plugins Feeders generate addresses for scanning Pingers check the alive status Fetchers retrieve info about each address Exporters store the scanning results Openers open addresses in other software User selects feeder and inputs parameters User selects fetchers used for the scan User choses to export the results Fetchers Exporters Disk or other storage Fetchers Fetchers Fetchers Feeders Scanner sequentially passes control to Fetchers and Pingers Scanning results Fetchers Fetchers Pingers User choses to do something with a single result Fetchers Openers External software processes the result 11

Increasing performance Parallelizing Adapted timeouts Thread pooling Speed-accuracy compromise SYN-ACK-RST scanning 12

Simplified state diagram 13

Platform support Linux primary development platform best choice for scanning Mac OS X based on FreeBSD kernel lots of conceptual differences Windows support due to popularity inferior to anything else out there 14

Deployment One-file executable (jar) Separate for each platform Linux: rpm & deb Mac: application bundle Windows: exe Automatically extracts native libraries (.dll and.so) Size < 1 Mb 15

Comparison with other tools Nmap Probably the most popular scanner Has some 'more advanced' tricks Windows support is fairly new Harder to use Requires proper installation Angry IP Scanner No installation necessary Runnable from USB drives GUI by design ease of use Superior extensibility via plugins No other comparable general-purpose, opensource and cross-platform scanners 16

Problems (1) Many low-quality clones Angry IP Scanner was the first general-purpose GUI scanner Anti-virus software nowadays AV vendors tend to enlarge their databases at any price they take users' freedom away (even more than Microsoft does) 17

Problems (2) Windows >= XP SP2 Used by ~70% of users (unfortunately) Removed raw socket support hard to do more exotic things TCP connection rate limiting max 10 simultaneous connection attempts (max 2 in some Vista editions) very slow scanning performance 18

Results (1) Working software (primary measure of success) 19

Results (2) Official homepage: http://www.azib.net/ipscan/ 10000 page views /day 3000 downloads /day The first ip scanner in Google! Project homepage: http://sourceforge.net/projects/ipscan/ Subversion: version control Bug and feature tracking Forums 20

Results (3) Download history of Angry IP Scanner * Last 12 months Last 2 months Increasing trend Less downloads during weekends - (June stats are incomplete) people use it at work * These stats reflect only downloads from sourceforge servers, but the application is widely mirrored on many 3rd-party software download sites 21

Now & Future Continue the development more functionality (OS fingerprinting, version detection, stealth scanning, etc) bugfixing Involve more people better documentation wiki-based homepage more example plugins 22

Scanning of computer networks Live demo & Questions! 23

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information