Section Overview

Once an overall picture (footprint) of a network has been established, the next step is to take that information and probe for useful information about what’s in the network.

Questions

What are the objectives of a network scan?

What is the difference between TCP and UDP?

What are the flags used by TCP?

What are the steps involved in fully scanning a network?

What is the most common method for determining live hosts on a network?

• What is a weakness of this method?

What are different types of network scans?

• What are the advantages/disadvantages to them?

What is a common methodology for getting packets past an Intrusion Detection System?

What 2 types of OS Fingerprinting are there?

• What’s the difference between the two?

What is Banner Grabbing?

• What information can you get from it?

What do PenTesters use proxies for?

What is required to spoof an IP address?