CEH v10 Scanning phase objectives and types of scanning

After footprinting phase, you may have enough information about the target now is Scanning network phase requires some of this information to proceed further. Scanning is a set of procedure For identifying live hosts, port and services, discovering operating system and architecture of targeting system identifying vulnerabilities and threats in the network. CEH v10 Scanning phase objectives and types of scanning


scanning refers to the collecting more information using complex and aggressive reconnaissance and technique


Network scanning refers to a set of procedures for identifying hosts, ports, and services in a network.


Network scanning is one of the components of intelligence gathering an attacker uses to create a profile of the target organization.
   
   

Objectives of Network Scanning:

       To discover live hosts, IP address, and open ports of live hosts
        To discover operating systems and system architecture
        To discover services running on hosts
        To discover vulnerabilities in live hosts




The various types of port scanning are as follows :-

• 1) Port Scanning
• 2) Network Scanning
• 3) Vulnerability Scanning

1) Port Scanning :- Port scanning is the process of sending carefully crafter messages or packets to a target computer  with the intent of learning tools enables a hacker to learn about the services available on a given system. Each service or application on a machine is associated with a well known port numbers. Port numbers are divided into three ranges.



well known ports : 0 - 1023
Registered ports 1024-49151
Dynamic ports 49151-65535



A series of messages sent by someone attempting to break into a computer to learn about the computer's network services.


For example :- nmap -p- 192.168.42.164

' -p- ' means Port scan all ports

( NOTE :- about Nmap tool, we will learn in later chapter )

2) Networking Scanning  :- Networking scannnig is a procedure for identify active hosts on  a network either to attack them or as a network asecuroty assesment hosts are identified by their individual IP Address. Network scanning tools attempt to identify all the live or responding host on the network and their corresponding IP Address.
Live hosts detection is a very important tool for every penetration tester and ethical hacking.



For example :- nmap -sP 192.168.0.0-100


For example : Add -v to your command to increase the verbosity of the ping scan:

nmap -sP 192.168.0.0-100 -v




3) Vulnerability Scanning :- A vulnerability scan is used to identify weakness or vulnerabilites on a target System. This type of scan is quite commonly done as proactive measures with the group by catching problems internally before an attacker is able to locate those same vulnerabilites act on them. A typically vulnerablities scan will discover hosts, access points and open ports, analyze service response, classify threats and generate reports.

Two commonly use vulnerability scanners include Nessus and Rapid7's Nexpose. In addition there are specialized scanner such as Burp suite, Nikto and WebInspector. 

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.

- Hacking Truth by Kumar Atul Jaiswal

Video Tutorial :-  SooN

 

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)