Port Scanners (4)

• NMAP - http://www.insecure.org/nmap

  • TCP scans - connect to every port with 3-way handshake
  • UDP scans; SYN scans using IP fragments
  • ACK and FIN scans
  • designed to by-pass firewalls and intrusion detection tools

• QueSO - http://www.apostols.org/projectz/queso

  • TCP scans with various combinations of TCP flags: SYN, SYN+ACK,FIN, FIN+ACK,SYN+FIN
  • can determine various types of the operating systems, kernel versions

Previous slide

Next slide

Back to first slide

View graphic version