Network scanning is the second phase of the ethical hacking methodology, in which we gather more detailed information about the target system for the later attack and exploitation phases.
After the first phase, footprinting or reconnaissance, we now create an active connection with the target to obtain far more detailed information by scanning its network, using more complex and aggressive reconnaissance techniques.
Network scanning can itself be called a reconnaissance technique, but here we collect much more detailed and specific information about the target, such as its network infrastructure, address range, DNS, IP addresses, and open and closed ports.
It is often described as a set procedure for identifying active hosts, open ports, and running services inside a network.
The network scanning phase helps the attacker build a profile of the target organization's network, which can lead to the successful execution of an attack against it.
What type of information can we gather
In the network scanning phase, we can gather detailed information about the target organization, including:
- IP addresses
- OS details
- System architecture
- Open and closed ports
- Active services
- Network range
- Version details
- Firewall configuration
- Host type and active hosts
- How incoming requests are handled, etc.
Purpose of the scanning phase
The purpose of the network scanning phase is to discover and gather detailed information about the vulnerabilities present in the target network, which can open a path to exploiting a particular communication channel that is responsive or useful to the attacker's needs.
In this phase, the attacker continuously looks for ways to intrude into the target network or system, and also gathers more detailed information about the network in order to spot any configuration failures.
All of this information helps the attacker develop a strategy and an attack map for the target system.
Different types of network scanning processes
The three major types of scanning are:
- Port scanning
- Network scanning
- Vulnerability scanning
Port Scanning
This scanning process helps the attacker obtain detailed information about open and closed ports and the services running on them.
This information is gathered by sending a sequence of probe messages to the target computer and examining how it replies.
Port scanning involves actively connecting to the TCP and UDP ports of the target system to determine whether a service is running or in a listening state.
Some ports that are in an open state may expose misconfigured systems or vulnerable software to an unauthorized user.
Network scanning
This process gives the attacker detailed information about active hosts, their IP addresses, and so on. It is a procedure for identifying active hosts on a network, either to attack them or to assess the security of the network.
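Both kinds of scanning described above leave a recognizable footprint in connection logs: a port scan touches many ports on one host, a network scan touches one port on many hosts. The following added example (not code from the original article) shows a defender-side detector that parses constructed, firewall-style log lines in an assumed format and distinguishes the two patterns; the log format, thresholds and sample addresses are all assumptions.

```python
import re
from collections import defaultdict

# Assumed (constructed) log format: "<epoch> <src> -> <dst>:<port> <proto> <action>"
LINE_RE = re.compile(
    r"^(?P<ts>\d+) (?P<src>[\d.]+) -> (?P<dst>[\d.]+):(?P<port>\d+) (?P<proto>\w+) (?P<action>\w+)$"
)

# Constructed sample (not real traffic): one source probing many ports on one
# host, one source probing port 445 across many hosts, and one source making
# ordinary repeated connections to a web server.
SAMPLE_LOG = (
    [f"17000000{i:02d} 10.0.0.5 -> 192.168.1.10:{p} tcp DROP"
     for i, p in enumerate([21, 22, 23, 25, 80, 110, 139, 443, 445, 3389, 8080])]
    + [f"17000001{i:02d} 10.0.0.9 -> 192.168.1.{h}:445 tcp DROP"
       for i, h in enumerate(range(1, 13))]
    + [f"17000002{i:02d} 10.0.0.20 -> 192.168.1.10:443 tcp ACCEPT" for i in range(5)]
)


def detect_scans(lines, window=60, port_threshold=10, host_threshold=10):
    """Return {src: kind} for each source that, within `window` seconds, touches
    >= port_threshold distinct ports on one host (vertical port scan) or the same
    port on >= host_threshold distinct hosts (horizontal network sweep)."""
    events = defaultdict(list)  # src -> [(ts, dst, port)]
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # tolerate malformed lines instead of aborting the run
        events[m["src"]].append((int(m["ts"]), m["dst"], int(m["port"])))

    findings = {}
    for src, evs in events.items():
        evs.sort()  # chronological, so each window starts at one event
        for i, (t0, _, _) in enumerate(evs):
            bucket = [e for e in evs[i:] if e[0] - t0 <= window]
            ports_per_host, hosts_per_port = defaultdict(set), defaultdict(set)
            for _, dst, port in bucket:
                ports_per_host[dst].add(port)
                hosts_per_port[port].add(dst)
            if any(len(p) >= port_threshold for p in ports_per_host.values()):
                findings[src] = "port scan (vertical)"
                break
            if any(len(h) >= host_threshold for h in hosts_per_port.values()):
                findings[src] = "network sweep (horizontal)"
                break
    return findings
```

Running `detect_scans(SAMPLE_LOG)` reports 10.0.0.5 as a vertical port scan and 10.0.0.9 as a horizontal sweep, while the ordinary web client 10.0.0.20 is not flagged.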
Vulnerability scanning
Vulnerability scanning is the process of finding known weaknesses present in the target system. This method helps an attacker find vulnerabilities that can be used to exploit the system.
The method relies on a scanning engine and a catalog. The catalog consists of a list of common files with known vulnerabilities and their exploits for a range of servers.
The scanner is also able to look for backup files or directory traversal flaws in order to find security misconfigurations.
The scanning engine in a vulnerability scanner contains the logic for reading the exploit list, sending requests to the web server, and analyzing the results to judge the safety of the server.
These scanner tools mostly target vulnerabilities in host configurations that can be fixed easily through updated security patches and cleaned-up web content.
How vulnerabilities allow hackers to gain unauthorized access
Let's understand this concept with the example of a thief who wants to rob a house at a particular place.
First he needs to gather all the information about the house and its owner, such as the structure of the house and the owner's schedule. After collecting this information, the thief develops a strategy for getting into the house.
To get in, the thief needs to look for an access point, which can be a door, a window, or a manhole. These points are known as the vulnerabilities of the house, because they are the weak points through which the thief enters.
The same applies to computer systems and networks: we can compare the network ports to the doors and windows, and the computer to the house. The attacker needs to gain access through the ports to get into the system.
In systems, we can say that the more ports are open on the network, the more vulnerable the system is.
However, some studies say that a system with fewer open ports than another can still be vulnerable to attacks.
What is the purpose of network scanning?
The basic purpose of network scanning is to gather detailed information about the target organization: the more information we collect, the more we learn about network security loopholes that could give unauthorized access to the network.
The key objectives of scanning networks are:
- Finding the live hosts, open and closed ports, IP addresses, and active hosts of the target network. The open-port details give the attacker a way into the system.
- Finding the operating system and system architecture details of the target system. This process is also known as OS fingerprinting. Based on these details, an attacker can draw up a map or strategy for attacking the target system through OS vulnerabilities.
- Getting details about which services are running or listening on the target system. This allows the attacker to find vulnerabilities in those services, which can then be exploited to gain access to the target system.
- Identifying specific applications and versions behind a particular service.
- Finding vulnerabilities in the target network and its systems, which can help the attacker compromise a target on the network through the exploits available for those vulnerabilities.