PYTHON SECURITY: SIMPLE NETWORK PORT SCANNER
By Devon Greene
ALL ACTIONS HAVE CONSEQUENCES
What you are about to be taught is to be used for educational purposes only within a controlled environment.
Anything you scan today with the tools you write should only be done with permission of the owner.
Scanning a machine online that you do not own or have written consent to conduct such activities against is ILLEGAL.
If you are not sure if it is legal, don’t do it. It’s that simple.
PLEASE REPEAT AFTER ME…
I WILL NOT DO ANYTHING STUPID WITH THE KNOWLEDGE I AM ABOUT TO RECEIVE. I DON’T WANT TO GO TO JAIL AND NEITHER DOES DEVON.
THE DIGITAL TELEPHONE SYSTEM
Real Life
Name: Dakota State University
Phone: (605) 256-5111
Found in: Telephone Book
Teh Internet
Name: dsu.edu
Phone: 138.247.65.57
Found in: Domain Name Server
THE WORLD’S INTERNET PHONE BOOK
The Domain Name System protocol translates “hostnames” like “dsu.edu” into 138.247.65.57.
Let’s try it.
COMMON DIGITAL TELEPHONE COURIERS
Transmission Control Protocol (TCP)
Connection Oriented
Reliable
Ordered Packets
Built-in features make this a slower protocol than UDP.
65535 Ports
User Datagram Protocol (UDP)
Connectionless Protocol
Unreliable
Unordered Packets
Very lean protocol makes this a much faster protocol than TCP.
65535 Ports
TCP 3 WAY HANDSHAKE ILLUSTRATED
Salesman rings doorbell
Home owner opens up the door
Salesman can now talk
Home owner talks with Salesman
SYN FLAG == TCP DOORBELL
Computer -> Server: SYN
Server -> Computer: SYN-ACK
Computer -> Server: ACK
EXAMPLE WITH NETCAT
Wireshark View:
NETWORK COMMUNICATION
Sockets
IPAddress:Port
138.247.65.57:80
138.247.65.57:443
What’s talking right now?
Windows: netstat -nao | findstr "EST"
Linux: netstat -nt | grep "EST"
SOCKETS FURTHER EXPLORED
Address Types
AF_INET (IPv4)
AF_INET6 (IPv6)
UNIX (Special)
Socket Types
STREAM (TCP)
DGRAM (UDP)
RAW (Special)
WHAT IS A PORT SCAN?
The process of identifying what ports are listening on a machine. Port scanning is typically conducted against both TCP and UDP ports.
There are approximately 65535 TCP ports and 65535 UDP ports.
This is taken a step further with “Service Identification”.
PORT SCANNING USES
Offensive Security
Identifying Open Ports
Enumerating Services running on a machine
Defensive Security
Identifying Open Ports
Compare listening ports locally on the machine versus what you see from the outside.
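The defensive use above (comparing what the machine lists as listening with what a TCP connect actually reaches), as an added example that is not from the original slides or from SimpleNetworkScanner_Skele.py. The function names, the loopback-only listeners and the inventory set are constructed assumptions for illustration.

```python
import socket

def tcp_port_open(host, port, timeout=0.5):
    """True if a TCP connection (SYN, SYN-ACK, ACK) to host:port completes."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 on success, an errno value on refusal/timeout
        return s.connect_ex((host, port)) == 0

def scan(host, ports, timeout=0.5):
    """Set of ports in `ports` that accepted a connection."""
    return {p for p in ports if tcp_port_open(host, p, timeout)}

def compare(local_listening, reachable):
    """Diff the local inventory against what the scan could reach."""
    return {
        "not_in_inventory": sorted(reachable - local_listening),
        "listed_but_unreachable": sorted(local_listening - reachable),
    }

def demo():
    """Constructed loopback test: one real listener, one bound-only port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        listener.bind(("127.0.0.1", 0))   # port 0: OS picks a free port
        listener.listen(1)
        idle.bind(("127.0.0.1", 0))       # bound but not listening -> refused
        open_port = listener.getsockname()[1]
        closed_port = idle.getsockname()[1]
        reachable = scan("127.0.0.1", [open_port, closed_port])
        # Constructed inventory: lists only the port that is not answering
        report = compare({closed_port}, reachable)
    finally:
        listener.close()
        idle.close()
    return open_port, closed_port, reachable, report

if __name__ == "__main__":
    print(demo())
```

In practice the `local_listening` set would be built from the machine's own netstat output, and a port under `not_in_inventory` is the one to investigate first.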
TIME TO BUILD A SCANNER!
Open up the SimpleNetworkScanner_Skele.py file included on your flash drive.
We will test our scanner on machines ONLY given by the instructor. No Exceptions!