Cybersecurity – Attack and Defense Strategies - Third Edition by Yuri Diogenes & Dr. Erdal Ozkaya

Author: Yuri Diogenes & Dr. Erdal Ozkaya
Language: eng
Format: epub
Publisher: Packt
Published: 2022-01-15T00:00:00+00:00


Use of clever tricks

The use of clever tricks can help you defend your network against Nmap scanning. Nmap, like many other probe tools, relies on the information it obtains from the target network's devices and ports. It interprets that information and organizes it into useful reports, on the basis of which ethical hackers can infiltrate the system. Clever tricks are a common practice, especially where administrators take an offensive approach to being scanned and create fake responses to Nmap scans in order to confuse and slow down the scan tool.

These tricks can work in many instances and can be effective at defending a network from malicious scans and keeping attackers at bay. However, it has been identified that they can end up causing more problems than they solve within a network. The slowing tricks are often written without any security considerations and can be used by attackers to gain valuable information about the system. In those cases the tricks are counterproductive and may end up benefiting the hackers more than the network administrators.

Here are some examples of clever tricks for Nmap:

Disable DNS name resolution:

nmap -p 80 -n 192.168.1.1

Scan for top ports:

nmap --top-ports 100 192.168.1.1

Get a list of servers with a specific port open:

nmap -sT -p 8080 192.168.1.* | grep open

Scan your network for rogue access points:

nmap -A -p1-85,113,443,8080-8100 -T4 --min-hostgroup 50 --max-rtt-timeout 2000ms --initial-rtt-timeout 300ms --max-retries 3 --host-timeout 20m --max-scan-delay 1000ms -oA RogueAPScan 192.168.0.0/16

Test if the target is vulnerable to DoS attacks:

nmap --script dos -Pn 192.168.1.1

Run a full vulnerability test:

nmap -Pn --script vuln 192.168.1.1

This way you can run a full vulnerability test against your target using Nmap’s scripting engine (NSE).

Launch brute force attacks:

nmap -p 1433 --script ms-sql-brute --script-args userdb=usersFile.txt,passdb=passwordsFile.txt 192.168.1.1

Detect malware-infected hosts:

nmap -sV --script=http-malware-host 192.168.1.1

Nmap is able to detect malware and backdoors by running extensive tests on a few popular OS services like Identd, Proftpd, Vsftpd, IRC, SMB, and SMTP.
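The "list of servers with a specific port open" command above pipes Nmap's normal output through grep, which keeps the port lines but drops the host each one belongs to. The script below is an added example, not code from the book: it reads grepable output (-oG, or the .gnmap file that -oA writes) and reports hosts exposing a port that are missing from an inventory list. The function names, sample data, and allowlist format are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the book): turn Nmap grepable output (-oG, or the
# .gnmap file written by -oA) into a list of hosts exposing one TCP port.

# Constructed sample data in grepable format; fields are tab-separated.
sample_gnmap() {
    printf 'Host: 192.168.1.10 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.10 ()\tPorts: 22/open/tcp//ssh///, 8080/open/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.20 ()\tPorts: 8080/closed/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.30 ()\tPorts: 80/open/tcp//http///, 8080/filtered/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.40 ()\tPorts: 8080/open/tcp//http-proxy///\tIgnored State: closed (999)\n'
}

# hosts_with_open_port PORT < grepable-output
# Prints each address whose Ports field lists PORT as open/tcp.
hosts_with_open_port() {
    awk -F'\t' -v port="$1" '
        /^Host: / {
            split($1, h, " ")                 # h[2] is the address
            for (i = 2; i <= NF; i++) {
                if ($i !~ /^Ports: /) continue
                p = $i
                sub(/^Ports: /, "", p)
                n = split(p, entry, ", ")
                for (j = 1; j <= n; j++) {
                    split(entry[j], f, "/")   # port/state/protocol/...
                    if (f[1] == port && f[2] == "open" && f[3] == "tcp")
                        print h[2]
                }
            }
        }' | sort -u
}

# unexpected_hosts PORT "ALLOWED_IP ALLOWED_IP ..." < grepable-output
# Prints hosts with PORT open that are not in the space-separated inventory.
unexpected_hosts() {
    allowed=" $2 "
    hosts_with_open_port "$1" | while read -r ip; do
        case "$allowed" in
            *" $ip "*) ;;                     # expected server
            *) echo "$ip" ;;                  # not in the inventory
        esac
    done
}
```

Against a real scan, replace sample_gnmap with the saved file, for example `unexpected_hosts 8080 "192.168.1.10" < RogueAPScan.gnmap`.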


