Kali Linux provides software such as Nmap and Burp to perform
reconnaissance.
2) Scanning the targets
This is considered the second phase of the hacking process. In this step, we
will try to scan the target and find any open ports that could give us a
successful connection for an attack. We will also use a concept called
enumeration in this phase to gather more detailed information about the
users. Hackers can analyze all of this information further to get varied
results.
In this phase, attackers usually start network scanning with available
network tools like Nmap. These tools are run against systems so that the
open ports can be detected. Open ports are vulnerable and can help us to
create a backdoor to the system. However, attackers should keep in mind that
scanning systems quickly or sending a lot of packets causes a huge increase
in network traffic and can alert the system administrators. For this reason,
experienced hackers extend this phase for at least a week, sending packets
slowly in such a way that even very advanced intrusion detection systems can
never detect the attack that is going on.
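Seen from the monitoring side, the slow scanning described above is why a per-minute rate threshold alone is not enough. The following is an added example, not part of the original text: it counts distinct destination ports per source over a configurable window, and the log format, addresses and thresholds in it are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed (constructed) firewall log format: "<ISO time> DENY src=<ip> dst=<ip> dport=<n>"
LINE = re.compile(r"^(\S+) DENY src=(\S+) dst=(\S+) dport=(\d+)$")

def parse(line):
    """Return (timestamp, src, (dst, port)), or None for unrecognised lines."""
    m = LINE.match(line.strip())
    if not m:
        return None
    return datetime.fromisoformat(m.group(1)), m.group(2), (m.group(3), int(m.group(4)))

def scanners(lines, window, min_targets):
    """Sources that hit >= min_targets distinct (dst, port) pairs within `window`."""
    recent = defaultdict(deque)   # src -> (ts, target) events, oldest first
    flagged = {}                  # src -> highest distinct-target count seen
    for ts, src, target in sorted(e for e in map(parse, lines) if e):
        q = recent[src]
        q.append((ts, target))
        while q and ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        distinct = len({t for _, t in q})
        if distinct >= min_targets:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

def sample_log():
    """Constructed lines: a slow scan, a fast scan and a client retrying one port."""
    t0 = datetime(2024, 5, 1)
    def line(delta, src, port):
        return f"{(t0 + delta).isoformat()} DENY src={src} dst=10.0.0.5 dport={port}"
    out = [line(timedelta(hours=8 * i), "203.0.113.7", 20 + i) for i in range(15)]
    out += [line(timedelta(seconds=i), "198.51.100.9", 8000 + i) for i in range(12)]
    out += [line(timedelta(minutes=i), "192.0.2.20", 443) for i in range(30)]
    return out

if __name__ == "__main__":
    log = sample_log()
    print("1-minute window:", scanners(log, timedelta(minutes=1), 10))
    print("7-day window:  ", scanners(log, timedelta(days=7), 10))
```

The one-minute window flags only the fast source, while the seven-day window also flags the source that probed one new port every eight hours; the client retrying a single port is never flagged because the count is of distinct targets, not packets.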
In this phase, we can even analyze the ports to learn about the operating
systems and technologies that are being used. After this stage, a lot of
hackers search databases like Exploit-DB to find the open vulnerabilities
for the version of the software. If lucky, you can find a vulnerability that
can be further used to attack the system.
Many novice hackers use automatic scanners like Burp Suite to detect the
vulnerabilities that are present. Even though they are advanced scanners,
they will not always detect them accurately. They can be used for learning
the basic implementation of scanning, but not as the sole tool for scanning
targets. That is all about this phase; let us move on to the third one,
which is when we gain successful access to the system.