Topic 3, Scanning
What is the proper response for a FIN scan if the port is closed?
A.
SYN
B.
ACK
C.
FIN
D.
PSH
E.
RST
RST
Explanation: A FIN probe sent to a closed port elicits a RST, as RFC 793 requires; an open port silently discards the packet, so silence is read as open|filtered. The caveat a practitioner should remember is that Microsoft Windows, Cisco devices and several other stacks send RST regardless of port state, so a FIN scan against them reports every port as closed and tells you nothing.
You are scanning the target network for the first time. You are able to detect a few
conventional open ports. While attempting to perform conventional service
identification by connecting to the open ports, the scan yields either bad or no
results. As you are unsure of the protocols in use, you want to discover as many
different protocols as possible. Which of the following scan options can help you
achieve this?
A.
Nessus scan with TCP based pings
B.
Netcat scan with the switches
C.
Nmap scan with the -sP (ping scan) switch
D.
Nmap with the -sO (raw IP packets) switch
Nmap with the -sO (raw IP packets) switch
Explanation:
-sO (IP protocol scan): This method is used to determine which IP protocols (TCP, ICMP,
IGMP, GRE and so on) a host supports. Nmap cycles through the 8-bit IP protocol field,
sending a raw IP packet to each specified protocol number; for TCP, UDP, ICMP, IGMP and
SCTP it attaches a proper protocol header, for every other number the packet carries
nothing beyond the IP header. An ICMP protocol unreachable message (type 3, code 2)
means the protocol is not in use and it is marked closed; other ICMP unreachable errors
(type 3, codes 1, 3, 9, 10 or 13) mark it filtered; a reply in the probed protocol marks
it open. No response at all is reported as open|filtered rather than assumed open,
because some hosts (AIX, HP-UX, Digital UNIX) and firewalls never send protocol
unreachable messages.
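The state rules described above, carried through in code. This is an added example and not part of the page or of Nmap itself; it applies Nmap's documented -sO classification to constructed probe/reply pairs built in memory (no raw sockets, no root, no network), so the addresses, the four protocol numbers and the replies are assumptions chosen for illustration. The unreachable handling also checks that the ICMP error quotes the probe it answers, which a real scanner must do before attributing the error to a protocol.

```python
import socket
import struct

ICMP = 1
ICMP_DEST_UNREACH = 3
ICMP_PROTO_UNREACH = 2                    # type 3 / code 2: host has no handler for the protocol
ICMP_FILTERED_CODES = {1, 3, 9, 10, 13}   # other unreachables Nmap reports as "filtered"


def build_ipv4(proto, src, dst, payload=b"", ttl=64):
    """Minimal IPv4 packet: 20-byte header (checksum left at 0) followed by payload."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl,
                         proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return header + payload


def build_icmp_unreach(code, offending):
    """ICMP Destination Unreachable body quoting the first 28 bytes of the offending packet."""
    return struct.pack("!BBHI", ICMP_DEST_UNREACH, code, 0, 0) + offending[:28]


def classify_probe(probed_proto, response):
    """Apply the -sO state rules to one probe and its (possibly absent) reply."""
    if response is None:
        return "open|filtered"            # silence: either open or a firewall dropped the probe
    ihl = (response[0] & 0x0F) * 4
    if response[9] == ICMP and len(response) >= ihl + 8:
        icmp_type, icmp_code = response[ihl], response[ihl + 1]
        if icmp_type == ICMP_DEST_UNREACH:
            quoted = response[ihl + 8:]   # the error must quote our probe's IP header
            if len(quoted) < 20 or quoted[9] != probed_proto:
                return "open|filtered"    # unrelated error: treat it as no answer
            if icmp_code == ICMP_PROTO_UNREACH:
                return "closed"
            if icmp_code in ICMP_FILTERED_CODES:
                return "filtered"
    return "open"                         # any other reply, e.g. an ICMP echo reply


def scan_host(replies):
    """replies maps protocol number -> raw reply bytes (or None); returns the state table."""
    return {proto: classify_probe(proto, reply) for proto, reply in replies.items()}


SCANNER, TARGET = "192.168.1.1", "192.168.1.10"   # addresses taken from the log on this page


def demo():
    """Constructed exchange: four probes and the replies a typical host might give (assumed)."""
    probes = {p: build_ipv4(p, SCANNER, TARGET) for p in (1, 17, 47, 130)}
    # ICMP probe answered with an echo reply (type 0)
    echo_reply = build_ipv4(ICMP, TARGET, SCANNER, struct.pack("!BBHHH", 0, 0, 0, 1, 1))
    replies = {
        1: echo_reply,
        17: build_ipv4(ICMP, TARGET, SCANNER,
                       build_icmp_unreach(13, probes[17])),                # admin prohibited
        47: build_ipv4(ICMP, TARGET, SCANNER,
                       build_icmp_unreach(ICMP_PROTO_UNREACH, probes[47])),  # no GRE handler
        130: None,                                                          # never answered
    }
    return scan_host(replies)


if __name__ == "__main__":
    for proto, state in sorted(demo().items()):
        print(f"ip-proto-{proto}: {state}")
```

The AIX/HP-UX caveat in the explanation is exactly why the no-reply branch returns open|filtered instead of open: a host that never emits protocol unreachable looks identical to one that supports every protocol.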
A.
An SNMP Walk
B.
Hping2 diagnosis
C.
A Bo2K System query
D.
Nmap protocol/port scan
An SNMP Walk
Explanation: The snmpwalk command is designed to perform a sequence of chained
GETNEXT requests automatically, rather than having to issue the necessary snmpgetnext
requests by hand. The command takes a single OID, and will display a list of all the results
which lie within the subtree rooted on this OID.
A.
A Bo2k system query.
B.
nmap protocol scan
C.
A sniffer
D.
An SNMP walk
An SNMP walk
Explanation: SNMP lets you "read" information from a device. You make a query of the
server (generally known as the "agent"). The agent gathers the information from the host
system and returns the answer to your SNMP client. It's like having a single interface for all
your informative Unix commands. A name such as system.sysContact.0 is an OID (object
identifier, here .1.3.6.1.2.1.1.4.0) plus an instance suffix; the MIB (Management
Information Base) is the definition that gives the numeric OID its name and type. With
SNMPv1 and v2c the only thing standing between a scanner and this data is the community
string, which is often left at the default "public".
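Both SNMP explanations above describe the same mechanism: a walk is a chain of GETNEXT requests starting at one OID and stopping once the agent returns an OID outside that subtree, with the MIB supplying names for the numeric results. This added example, which is not from the page or from net-snmp, implements that algorithm over a constructed in-memory agent table; the table contents, the small MIB name map and the "victim" host values are assumptions. OIDs are compared as tuples of integers, which gives the numeric-per-component lexicographic order SNMP requires (a string comparison would sort 10 before 2).

```python
# Constructed agent table: numeric OID (as an int tuple) -> value. Real agents hold thousands.
AGENT_TABLE = {
    (1, 3, 6, 1, 2, 1, 1, 1, 0): "Linux victim 5.10.0",     # sysDescr.0
    (1, 3, 6, 1, 2, 1, 1, 3, 0): 123456,                    # sysUpTime.0
    (1, 3, 6, 1, 2, 1, 1, 4, 0): "admin@example.com",       # sysContact.0
    (1, 3, 6, 1, 2, 1, 1, 5, 0): "victim",                  # sysName.0
    (1, 3, 6, 1, 2, 1, 2, 1, 0): 2,                         # ifNumber.0
    (1, 3, 6, 1, 2, 1, 2, 2, 1, 2, 1): "lo",                # ifDescr.1
    (1, 3, 6, 1, 2, 1, 2, 2, 1, 2, 2): "eth0",              # ifDescr.2
}

# Tiny slice of MIB-II so results can be rendered the way the page shows them.
MIB_NAMES = {
    (1, 3, 6, 1, 2, 1, 1, 1): "system.sysDescr",
    (1, 3, 6, 1, 2, 1, 1, 3): "system.sysUpTime",
    (1, 3, 6, 1, 2, 1, 1, 4): "system.sysContact",
    (1, 3, 6, 1, 2, 1, 1, 5): "system.sysName",
    (1, 3, 6, 1, 2, 1, 2, 1): "interfaces.ifNumber",
    (1, 3, 6, 1, 2, 1, 2, 2, 1, 2): "interfaces.ifTable.ifEntry.ifDescr",
}


def parse_oid(text):
    """'.1.3.6.1' or '1.3.6.1' -> (1, 3, 6, 1)."""
    return tuple(int(part) for part in text.strip(".").split("."))


def format_oid(oid):
    return "." + ".".join(str(part) for part in oid)


def get_next(table, oid):
    """Emulate GETNEXT: the first instance lexicographically after oid, or None (endOfMibView)."""
    later = sorted(key for key in table if key > oid)
    return (later[0], table[later[0]]) if later else None


def snmp_walk(table, root):
    """Chained GETNEXT from root; stops when the returned OID leaves root's subtree."""
    root = parse_oid(root) if isinstance(root, str) else tuple(root)
    results, current = [], root
    while True:
        step = get_next(table, current)
        if step is None or step[0][:len(root)] != root:
            break                      # end of MIB, or wandered out of the requested subtree
        results.append((format_oid(step[0]), step[1]))
        current = step[0]
    return results


def symbolic(oid):
    """Render an OID as snmpwalk does with the MIB loaded: longest known prefix + instance."""
    for n in range(len(oid), 0, -1):
        if oid[:n] in MIB_NAMES:
            return MIB_NAMES[oid[:n]] + "".join(f".{part}" for part in oid[n:])
    return format_oid(oid)


if __name__ == "__main__":
    for oid_text, value in snmp_walk(AGENT_TABLE, "1.3.6.1.2.1.1"):
        print(f"{symbolic(parse_oid(oid_text))} = {value!r}")
```

Against a live agent the same loop sits on top of a GETNEXT PDU sent with the community string, which is why a single guessed string exposes the whole subtree rather than one object.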
Study the log below and identify the scan type.
tcpdump -vv host 192.168.1.10
17:34:45.802163 eth0 < 192.168.1.1 > victim: ip-proto-117 0 (ttl 48, id 36166)
17:34:45.802216 eth0 < 192.168.1.1 > victim: ip-proto-25 0 (ttl 48, id 33796)
17:34:45.802266 eth0 < 192.168.1.1 > victim: ip-proto-162 0 (ttl 48, id 47066)
17:34:46.111982 eth0 < 192.168.1.1 > victim: ip-proto-74 0 (ttl 48, id 35585)
17:34:46.112039 eth0 < 192.168.1.1 > victim: ip-proto-117 0 (ttl 48, id 32834)
17:34:46.112092 eth0 < 192.168.1.1 > victim: ip-proto-25 0 (ttl 48, id 26292)
17:34:46.112143 eth0 < 192.168.1.1 > victim: ip-proto-162 0 (ttl 48, id 51058)
tcpdump -vv -x host 192.168.1.10
17:35:06.731739 eth0 < 192.168.1.10 > victim: ip-proto-130 0 (ttl 59, id 42060) 4500
0014 a44c 0000 3b82 57b8 c0a8 010a c0a8 0109 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000
A.
nmap -sR 192.168.1.10
B.
nmap -sS 192.168.1.10
C.
nmap -sV 192.168.1.10
D.
nmap -sO -T 192.168.1.10
nmap -sO -T 192.168.1.10
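What gives the scan away in the capture above is a single source touching many unrelated IP protocol numbers (117, 25, 162, 74) with packets that carry no payload, and the -x dump confirms it: 4500 0014 is an IPv4 header whose total length is 20 bytes, i.e. nothing follows the header (the protocol byte 82 is 130, ttl 3b is 59, id a44c is 42060, and the trailing zeros are link-layer padding, not data). The following added example, not part of the page, parses those tcpdump lines, decodes the hex packet, and flags the source as running a protocol scan; the threshold of three distinct protocols and the regular expression for this particular tcpdump output format are assumptions.

```python
import re
import socket
import struct
from collections import defaultdict

# The seven tcpdump lines from the question, pasted as printed ("victim" is a resolved name).
LOG = """\
17:34:45.802163 eth0 < 192.168.1.1 > victim: ip-proto-117 0 (ttl 48, id 36166)
17:34:45.802216 eth0 < 192.168.1.1 > victim: ip-proto-25 0 (ttl 48, id 33796)
17:34:45.802266 eth0 < 192.168.1.1 > victim: ip-proto-162 0 (ttl 48, id 47066)
17:34:46.111982 eth0 < 192.168.1.1 > victim: ip-proto-74 0 (ttl 48, id 35585)
17:34:46.112039 eth0 < 192.168.1.1 > victim: ip-proto-117 0 (ttl 48, id 32834)
17:34:46.112092 eth0 < 192.168.1.1 > victim: ip-proto-25 0 (ttl 48, id 26292)
17:34:46.112143 eth0 < 192.168.1.1 > victim: ip-proto-162 0 (ttl 48, id 51058)
"""

# The -x hex dump from the question, including the zero bytes after the IP header.
HEX_PACKET = ("4500 0014 a44c 0000 3b82 57b8 c0a8 010a c0a8 0109 "
              "0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000")

# Assumed format of this (old-style) tcpdump output; the number after ip-proto-N is the payload length.
LINE_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) \S+ [<>] (?P<src>\S+) > (?P<dst>\S+): "
    r"ip-proto-(?P<proto>\d+) (?P<plen>\d+) \(ttl (?P<ttl>\d+), id (?P<id>\d+)\)$")


def parse_tcpdump(text):
    """Return one dict per matching line with the numeric fields converted to int."""
    records = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            fields = match.groupdict()
            for key in ("proto", "plen", "ttl", "id"):
                fields[key] = int(fields[key])
            records.append(fields)
    return records


def find_protocol_scans(records, min_protocols=3):
    """Flag (src, dst) pairs that send empty IP packets in several distinct protocols."""
    protocols_seen = defaultdict(set)
    for rec in records:
        if rec["plen"] == 0:                     # -sO sends nothing past the IP header
            protocols_seen[(rec["src"], rec["dst"])].add(rec["proto"])
    return {pair: sorted(protos) for pair, protos in protocols_seen.items()
            if len(protos) >= min_protocols}


def decode_ipv4(hexdump):
    """Decode the IPv4 header of a tcpdump -x dump and separate real payload from padding."""
    raw = bytes.fromhex(hexdump.replace(" ", ""))
    (ver_ihl, _tos, total_len, ident, _frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {
        "version": ver_ihl >> 4, "header_length": ihl, "total_length": total_len,
        "id": ident, "ttl": ttl, "protocol": proto,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "payload_length": total_len - ihl,        # 0 means nothing after the IP header
        "padding_bytes": len(raw) - total_len,    # trailing zeros beyond total_length are padding
    }


if __name__ == "__main__":
    for (src, dst), protos in find_protocol_scans(parse_tcpdump(LOG)).items():
        print(f"protocol scan: {src} -> {dst}, IP protocols {protos}")
    print(decode_ipv4(HEX_PACKET))
```

A SYN scan (-sS) would show TCP packets with the S flag to many ports, and a version scan (-sV) would complete handshakes and send application banners, so neither matches a capture in which every packet is a bare IP header in a different protocol.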