- Mastering Kali Linux for Advanced Penetration Testing(Second Edition)
- Vijay Kumar Velu
- 203字
- 2021-07-02 21:04:22
Live host discovery
The first step is to run network ping sweeps against a target address space and look for responses that indicate that a particular target is live and capable of responding. Historically, pinging is referred to as the use of ICMP; however, TCP, UDP, ICMP, and ARP traffic can also be used to identify live hosts.
Various scanners can be run from remote locations across the internet to identify live hosts. Although the primary scanner is nmap, Kali provides several other applications that are also useful, as shown in the following table:
To penetration testers or attackers, the data returned from live host discovery will identify the targets for attack.
Run multiple host discovery scans while conducting a penetration test. Certain devices may be time-dependent. During one penetration test, it was discovered that the system administrator set up a game server after regular business hours. Because it was not an approved business system, the administrator did not follow the normal process for securing the server; multiple vulnerable services were present, and it had not received necessary security patches. Testers were able to compromise the game server and gain access to the underlying corporate network using vulnerabilities in the administrator's game server.
推薦閱讀
- Raspberry Pi Networking Cookbook(Second Edition)
- 動(dòng)手玩轉(zhuǎn)Scratch3.0編程:人工智能科創(chuàng)教育指南
- Functional Kotlin
- 精通Python設(shè)計(jì)模式(第2版)
- Hands-On Automation Testing with Java for Beginners
- Mastering Android Development with Kotlin
- Integrating Facebook iOS SDK with Your Application
- Tableau 10 Bootcamp
- 第一行代碼 C語言(視頻講解版)
- 汽車人機(jī)交互界面整合設(shè)計(jì)
- 軟件測(cè)試綜合技術(shù)
- Visual Basic程序設(shè)計(jì)基礎(chǔ)
- Mastering XenApp?
- PHP 7 Programming Blueprints
- 輕松學(xué)Scratch 3.0 少兒編程(全彩)