TAILIEUCHUNG - Lecture notes on Computer and network security: Lecture 23 - Avinash Kak

Lecture 23, port and vulnerability scanning, packet sniffing, intrusion detection, and penetration testing. After studying this chapter you will be able to understand: Port scanners, the nmap port scanner, vulnerability scanners, the nessus vulnerability scanner, packet sniffers, intrusion detection, the metasploit framework, the netcat utility. | Lecture 23: Port and Vulnerability Scanning, Packet Sniffing, Intrusion Detection, and Penetration Testing Lecture Notes on “Computer and Network Security” by Avi Kak (kak@) April 7, 2016 3:46pm c 2016 Avinash Kak, Purdue University Goals: • Port scanners • The nmap port scanner • Vulnerability scanners • The Nessus vulnerability scanner • Packet sniffers • Intrusion detection • The Metasploit Framework • The Netcat utility CONTENTS Section Title Port Scanning Page 3 Port Scanning with Calls to connect() 5 Port Scanning with TCP SYN Packets 7 The nmap Port Scanner 9 Vulnerability Scanning 15 The Nessus Vulnerability Scanner 16 Installing Nessus 19 About the nessus Client 23 Packet Sniffing 24 Packet Sniffing with tcpdump 30 Packet Sniffing with wireshark 32 Intrusion Detection with snort 35 Penetration Testing and Developing New Exploits with the Metasploit Framework 45 The Extremely Versatile Netcat Utility 50 Homework Problems 58 Computer and Network Security by Avi Kak Lecture 23 : PORT SCANNING • See Section of Lecture 21 for the mapping between the ports and many of the standard and non-standard services. As mentioned there, each service provided by a computer monitors a specific port for incoming connection requests. There are 65,535 different possible ports on a machine. • The main goal of port scanning is to find out which ports are open, which are closed, and which are filtered. • Looking at your machine from the outside, a given port on your machine is open if you are running a server program on the machine and the port is assigned to the server. If you are not running any server programs, then, from the outside, no ports on your machine are open. This would ordinarily be the case with a brand new laptop that is not meant to provide any services to the rest of the world. But, even with a laptop that was .

• An ninh - Bảo mật
• Network security
• Lecture notes on Computer and network security
• Computer security
• Vulnerability scanning
• Packet sniffing
• Intrusion detection
• Web security
• security rules
• encryption techniques
• security techniques
• Security chat rooms
• especially
• Network Security Tools
• CCNA Security
• Lecture CCNA Security
• Modern Network Security Threats
• Evolution of Network Security
• Drivers for Network Security
• Network Perimeter
• Network Perimeter Security
• Network Security Principles
• Cryptography
• IDS Tools
• CGI attacks
• network intruders
• Managing Security
• Wireless
• Wireless Network Security
• attack techniques
• defensive techniques
• operating system security
• application security
• security policy
• Network Security Fundamentals
• Guide to Network Security Fundamentals
• Information security
• Define information security
• Information security careers
• Operational security
• Harden physical security
• Secure the physical environment
• Mobile device security
• Lecture Network security
• Computer network
• Computer hacking
• Internet security
• Network security model
• Securing the Network Infrastructure
• Network cable plant
• Secure removable media
• Network security hacks
• Ebook Network security hacks
• Network security technologies
• Unix host security
• Windows host security
• Wireless Security
• Advanced security
• Computer forensics
• Harden security
• Network Management Security
• Management Security
• security mechanisms
• security services
• security architecture
• encryption system
• Security principles
• Effective authentication methods
• Control access to computer systems
• Security Baselines
• Disable nonessential systems
• Harden operating systems
• Protect e mail systems
• World Wide Web vulnerabilities
• Security policy cycle
• Risk identification
• Security management
• Identity management
• Plan for change management
• CompTIA® Security+
• CompTIA Security+ certification
• Linux file manipulation tools
• Internal physical security controls
• Network hardware security modules