Host Scanning Methods of Ethical Hackers

Introduction
After successfully mapping the network topology, the next step for an ethical hacker is to detect the possible points from which an attack can be deployed on a host. Host scanning is done for this purpose, using the methods discussed below.

Social engineering
It is one of the largest threats to any company’s security, as this flaw cannot be protected against by the use of software. A company’s private information, which is generally secured, is given out by someone working inside it. Information such as an employee’s username and password can give the attacker primary access to the organizational network, which can later be escalated through advanced techniques.

Enumeration
The hosts themselves are then mapped again, which helps identify information about the systems and services involved. Enumeration is done in detail, covering the OS and the services running on the host’s OS.

Identification of Host and Operating Systems: Queso, nmap and ISS Internet Scanner are some of the tools widely used to scan for OS and host details. These tools provide identification features that check for variances in the vendor IP stacks.

Port Scanning
Port scanning is done after successful mapping and enumeration of the host. Various tools are employed for examining TCP and UDP services running on probed systems.
E.g.: fping, hping, tcpprobe, WS PingPro Pack.

Such methods give all the technical information necessary for a further attack to be carried out. These techniques are used by hackers as well as ethical hackers to perform and analyze the attack.

There are certain types of replies from the network from which the further network hierarchy can be tracked and analyzed and a break-in performed, e.g. ICMP, TCP SYN/ACK and RST/ACK replies. Such replies give the attacker confirmation of successful host scanning and enumeration.
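
From the defender's side, the same replies appear in connection logs: one source touching many distinct ports on a host, with most probes not answered by SYN/ACK, is the usual trace of a port scan. The detector below is an added example, not part of the original article; the log format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample records: epoch_seconds src dst dst_port reply
# (hypothetical log format; addresses are documentation ranges)
SAMPLE_LOG = """\
100 198.51.100.7 192.0.2.10 21 RST/ACK
100 198.51.100.7 192.0.2.10 22 SYN/ACK
101 198.51.100.7 192.0.2.10 23 RST/ACK
101 198.51.100.7 192.0.2.10 25 RST/ACK
102 198.51.100.7 192.0.2.10 80 SYN/ACK
102 198.51.100.7 192.0.2.10 110 RST/ACK
103 198.51.100.7 192.0.2.10 139 NONE
103 198.51.100.7 192.0.2.10 445 RST/ACK
110 203.0.113.5 192.0.2.10 443 SYN/ACK
115 203.0.113.5 192.0.2.10 443 SYN/ACK
malformed line
"""

def parse(log):
    """Yield (ts, src, dst, port, reply); skip lines that do not parse."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[0].isdigit() or not parts[3].isdigit():
            continue
        yield int(parts[0]), parts[1], parts[2], int(parts[3]), parts[4]

def detect_scans(log, window=60, min_ports=6, min_refused=0.5):
    """Flag (src, dst) pairs that probe many distinct ports within `window`
    seconds and where most probed ports did not answer with SYN/ACK."""
    probes = defaultdict(dict)           # (src, dst) -> {port: (ts, reply)}
    for ts, src, dst, port, reply in parse(log):
        probes[(src, dst)].setdefault(port, (ts, reply))
    alerts = []
    for (src, dst), ports in probes.items():
        times = [ts for ts, _ in ports.values()]
        if len(ports) < min_ports or max(times) - min(times) > window:
            continue
        open_ports = sorted(p for p, (_, r) in ports.items() if r == "SYN/ACK")
        refused = 1 - len(open_ports) / len(ports)
        if refused >= min_refused:
            alerts.append({"src": src, "dst": dst, "ports_probed": len(ports),
                           "exposed_ports": open_ports})
    return alerts

if __name__ == "__main__":
    for alert in detect_scans(SAMPLE_LOG):
        print(alert)
```

The `exposed_ports` field lists the services that answered the scanning source with SYN/ACK, which is what the scanner learned and what should be reviewed first.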

Amol Wagh

The author is a tech blogger who loves to share his work on the web by writing guidelines for ethical hacking students and security professionals. Performing various types of hacking, from pen testing to smartphone hacking, he enjoys hacking just for personal research purposes.

He works with ‘grey as well as black hat’ hackers to learn advanced hacking and defending techniques and shares them with learners. His prime area of research is cyber criminals, and he is currently working on a video product to teach hacking and pen testing to absolute beginners.