Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Pertemuan 6
GUI Target 1
Target 2
Vulnerability Scanning
Database Engine
Target 3
Knowledge
Base
Target 4
Results
Typical Vulnerabilities Checked
• Network vulnerabilities
• Host-based (OS) vulnerabilities
– Misconfigured file permissions
– Open services
– Missing patches
– Vulnerabilities in commonly exploited applications (e.g.
Web, DNS, and mail servers)
Typical Vulnerabilities Checked
• Port
• Example Tool
– nmap
• Scanning types
– Host discovery
– port scanning
– Version detection
– OS detection
Nmap
SYN
RST/ACK
Scanner Target
a port is closed
Status Service
• Open
• Close
• Filtered
Post Scanning Detection
• Whois
Discovering Other Information
• Nslookup
Discovering Other Information
• Routing
Discovering Other Information
• Service alive
Discovering Other Information
• nbstat
Discovering Other Information
• Netstat
Summary