Đang chuẩn bị liên kết để tải về tài liệu:
Lecture notes on Computer and network security: Lecture 23 - Avinash Kak

Lecture 23, port and vulnerability scanning, packet sniffing, intrusion detection, and penetration testing. After studying this chapter you will be able to understand: Port scanners, the nmap port scanner, vulnerability scanners, the nessus vulnerability scanner, packet sniffers, intrusion detection, the metasploit framework, the netcat utility. | Lecture 23: Port and Vulnerability Scanning, Packet Sniffing, Intrusion Detection, and Penetration Testing Lecture Notes on “Computer and Network Security” by Avi Kak (kak@purdue.edu) April 7, 2016 3:46pm c 2016 Avinash Kak, Purdue University Goals: • Port scanners • The nmap port scanner • Vulnerability scanners • The Nessus vulnerability scanner • Packet sniffers • Intrusion detection • The Metasploit Framework • The Netcat utility CONTENTS Section Title 23.1 Port Scanning Page 3 23.1.1 Port Scanning with Calls to connect() 5 23.1.2 Port Scanning with TCP SYN Packets 7 23.1.3 The nmap Port Scanner 9 23.2 Vulnerability Scanning 15 23.2.1 The Nessus Vulnerability Scanner 16 23.2.2 Installing Nessus 19 23.2.3 About the nessus Client 23 23.3 Packet Sniffing 24 23.3.1 Packet Sniffing with tcpdump 30 23.3.2 Packet Sniffing with wireshark 32 23.4 Intrusion Detection with snort 35 23.5 Penetration Testing and Developing New Exploits with the Metasploit Framework 45 23.6 The Extremely Versatile Netcat Utility 50 23.7 Homework Problems 58 Computer and Network Security by Avi Kak Lecture 23 23.1: PORT SCANNING • See Section 21.1 of Lecture 21 for the mapping between the ports and many of the standard and non-standard services. As mentioned there, each service provided by a computer monitors a specific port for incoming connection requests. There are 65,535 different possible ports on a machine. • The main goal of port scanning is to find out which ports are open, which are closed, and which are filtered. • Looking at your machine from the outside, a given port on your machine is open if you are running a server program on the machine and the port is assigned to the server. If you are not running any server programs, then, from the outside, no ports on your machine are open. This would ordinarily be the case with a brand new laptop that is not meant to provide any services to the rest of the world. But, even with a laptop that was .