Start Validating identity firewalled

Validating identity firewalled

If you execute Nmap with its default settings, and assuming you have root privileges, Nmap performs a SYN scan: Nmap sends a SYN to all of the ports listed in its services file (over 1,000 ports) and looks for a SYN/ACK response.

There are also a number of free whitepapers and guides on the Internet.

The following sections discuss a few commercial and open source assessment tools that can be used to effectively audit Cisco networks.

There are many books written from the security tool perspective, with indepth discussions of the various uses, switches, and techniques to implement these programs.

Consider this an introduction to the uses of these tools, and auditors are encouraged to read from O'Reilly Press for a fantastic discussion of security tools and their many configuration options.

Before using Nmap on UNIX type systems (LINUX, BSD, and Mac OS X), you need to obtain root privileges via SUDO to use any features that cause Nmap to create custom packets.

Nmap can be run without administrative privileges, but some of the advanced scanning techniques such as SYN scanning and anything that needs to access the raw IP stack will fail.

Starting Nmap 5.21 ( Interesting ports on 172.16.1.3: Not shown: 1707 closed ports PORT STATE SERVICE 135/tcp open msrpc 139/tcp open netbios-ssn 445/tcp open microsoft-ds 3389/tcp open ms-term-serv MAC Address: 00:1A:92:0A:62: B1 (Asustek Computer) Nmap done: 1 IP address (1 host up) scanned in 2.226 seconds Scanning for UDP ports is handled differently.

Because UDP doesn't have a handshake process like TCP, the UDP packet must be crafted in a manner that causes the operating system to respond back.

If you send a UDP packet to a closed port on a server, the TCP/IP stack is supposed to send an ICMP port unreachable message back.

If a host does not send this response, it is assumed that the port is open.

Not only are the authors of these tools truly brilliant individuals (and some scary ones, too), they have also helped the security community significantly through the automation of advanced testing techniques.