Scanning for Targets | 177






[+] 192.168.86.48: - 192.168.86.48:5985 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:7676 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8009 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8019 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8020 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8022 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8032 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8027 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8031 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8028 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8080 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8181 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8282 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8383 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8444 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8443 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8484 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8585 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8686 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:9200 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:9300 - TCP OPEN
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

You’ll notice that I made some changes to the parameters that would make the module go faster. I increased the threads and the concurrency setting. Since this is my network, I feel comfortable increasing the amount of traffic going to my target host. If you are less confident about causing issues with either traffic generation or alerts through a firewall or intrusion detection system, you may consider leaving your threads at 1 and maybe reducing your concurrency from the 10, which is the default.

One disadvantage to using this module is that we don’t get the application that is running on the ports. The well-known ports are easy enough. I know what’s likely running on ports like 22, 135, 139, 445, 3306, and others. There are many in the 8000 range, though, that may not be as readily identifiable. Since there are so many of them, it seems reasonable to get those holes filled in. The easiest way to do this, rather than running through several specific service scan modules, is to use a version scan from nmap. This will populate the services database for us. You can see a search of the services that belong to this particular host in Example 6-3.
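
The gap described above can be made concrete by parsing the port scan output and separating ports whose service can be guessed by convention from those that still need identifying. This is an added example, not code from the book; the function names, the service labels and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Ports the text names as well-known, with the service conventionally found
# there. This is a guess by convention; the port scan itself confirms nothing.
WELL_KNOWN = {22: "ssh", 135: "msrpc", 139: "netbios-ssn",
              445: "microsoft-ds", 3306: "mysql"}

# Matches result lines like "[+] 192.168.86.48: - 192.168.86.48:8080 - TCP OPEN"
OPEN_LINE = re.compile(
    r"^\[\+\]\s+\S+\s+-\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\s+-\s+TCP OPEN$")

def parse_open_ports(output):
    """Return {host: sorted open TCP ports}, ignoring status and junk lines."""
    found = defaultdict(set)
    for line in output.splitlines():
        m = OPEN_LINE.match(line.strip())
        if m and 0 < int(m.group(2)) <= 65535:
            found[m.group(1)].add(int(m.group(2)))
    return {host: sorted(ports) for host, ports in found.items()}

def triage(ports):
    """Split ports into (conventional guesses, ports still unidentified)."""
    guesses = {p: WELL_KNOWN[p] for p in ports if p in WELL_KNOWN}
    unidentified = [p for p in ports if p not in WELL_KNOWN]
    return guesses, unidentified

# Constructed sample in the format shown above (not a real capture); it
# includes a duplicate result and status lines that must be skipped.
SAMPLE = """\
[+] 192.168.86.48: - 192.168.86.48:22 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:445 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:3306 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8080 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8443 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:8080 - TCP OPEN
[+] 192.168.86.48: - 192.168.86.48:9200 - TCP OPEN
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
"""

if __name__ == "__main__":
    for host, ports in parse_open_ports(SAMPLE).items():
        guesses, unidentified = triage(ports)
        print(host, "conventional:", guesses)
        print(host, "needs service identification:", unidentified)
```

The unidentified list is the set of holes a version scan is meant to fill; the conventional guesses remain unverified until that scan confirms them.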
