TCP IP header flags list

MODULE 5:- Scanning Network and Vulnerability

  1. Introduction of port Scanning – Penetration testing
  2. TCP IP header flags list
  3. Examples of Network Scanning for Live Host by Kali Linux
  4. important nmap commands in Kali Linux with Example
  5. Techniques of Nmap port scanner – Scanning
  6. Nmap Timing Templates – You should know
  7. Nmap options for Firewall IDS evasion in Kali Linux
  8. commands to save Nmap output to file
  9. Nmap Scripts in Kali Linux
  10. 10 best open port checker Or Scanner
  11. 10 hping3 examples for scanning network in Kali Linux
  12. How to Install Nessus on Kali Linux 2.0 step by step
  13. Nessus scan policies and report Tutorial for beginner
  14. Nessus Vulnerability Scanner Tutorial For beginner

What is TCP IP header?

The TCP/IP header belongs to the Transmission Control Protocol (TCP), which is responsible for communication between devices and for sending data over the network. It provides reliable, ordered and error-checked communication. Major internet applications rely on this protocol, such as the World Wide Web, email, remote administration and file transfer. Applications that don't require reliability use UDP (User Datagram Protocol).

TCP performs these main operations during communication:

  • Establish connections
  • Terminate connections
  • Reliable transmission
  • Error detection and checksum
  • Flow control
  • Congestion control
  • Decide maximum segment size
  • Acknowledgment of transferred data
  • Forcing data delivery

These operations are handled by the communication flags in the TCP header. There are six flags used by TCP:

  • URG (Urgent): data carrying this flag should be processed immediately.
  • FIN (Finish): this flag tells the remote system that there is no more data to transmit.
  • RST (Reset): used to reset the connection.
  • PSH (Push): instructs the sender to push all buffered data immediately to the receiving system.
  • ACK (Acknowledgement): used to acknowledge the receipt of data packets.
  • SYN (Synchronize): used to initiate a connection between the hosts.
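As an added example that is not part of the original post, the following Python decodes the six flags from a raw 20-byte TCP header and maps each combination to the operation described above (handshake, acknowledgement, push, teardown, reset). The sample segments are constructed here, not captured from a network.

```python
import struct

# Bit values of the six classic TCP flags in the low byte of the
# 16-bit data-offset/reserved/flags field (byte 13 of the header).
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def parse_tcp_header(data: bytes) -> dict:
    """Decode the fixed 20-byte part of a TCP header (network byte order)."""
    if len(data) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    src, dst, seq, ack, off_flags, win, csum, urg = struct.unpack("!HHIIHHHH", data[:20])
    flag_bits = off_flags & 0x3F              # keep only FIN..URG
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": (off_flags >> 12) * 4,  # data offset is counted in 32-bit words
        "flags": [n for n, bit in TCP_FLAGS.items() if flag_bits & bit],
        "window": win, "checksum": csum, "urgent_ptr": urg,
    }

def describe_flags(flags) -> str:
    """Map a flag combination to the TCP operation it signals."""
    f = set(flags)
    if "RST" in f:
        return "reset: the connection is being aborted"
    if "SYN" in f:
        return ("connection accepted (handshake step 2)" if "ACK" in f
                else "connection request (handshake step 1)")
    if "FIN" in f:
        return "no more data from sender: connection teardown"
    parts = []
    if "URG" in f:
        parts.append("urgent data, process immediately")
    if "PSH" in f:
        parts.append("push buffered data to the receiving application")
    if "ACK" in f:
        parts.append("acknowledges received data")
    return "; ".join(parts) or "no flags set (never produced by a normal TCP stack)"

def build_tcp_header(src, dst, seq, ack, flags, window=65535) -> bytes:
    """Build a minimal 20-byte header (checksum left at 0) for the samples below."""
    off_flags = (5 << 12) | sum(TCP_FLAGS[f] for f in flags)
    return struct.pack("!HHIIHHHH", src, dst, seq, ack, off_flags, window, 0, 0)

# Constructed sample: a SYN from port 40000 to port 80, sequence number 1000.
SAMPLE_SYN = bytes.fromhex("9c40 0050 000003e8 00000000 5002 ffff 0000 0000")

if __name__ == "__main__":
    for raw in (SAMPLE_SYN, build_tcp_header(80, 40000, 5000, 1001, ["SYN", "ACK"]),
                build_tcp_header(40000, 80, 1001, 5001, ["PSH", "ACK"])):
        hdr = parse_tcp_header(raw)
        print(hdr["src_port"], "->", hdr["dst_port"], hdr["flags"], describe_flags(hdr["flags"]))
```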

To know More : Packetcrafter

Scanning for Live System in Network by Ping and Ping sweep tools

Check Live host by Network Scanner

A live system is one that is up, connected and reachable inside the network. A system that is not connected to the network, or is down, is called a dead system. There are two methods to check for live systems: scanning a single system, or scanning multiple systems at once.

Free IP scanner Network Utility Ping

Ping checks for a live system with the help of ICMP scanning. A ping scan sends an ICMP ECHO request to a host. If the host is live, it returns an ICMP ECHO reply; no reply means the host is treated as dead. Sometimes a firewall discards the ICMP ECHO request, so we cannot tell whether the host is live or dead.

Ping sweep ip scanner tools in network

A ping sweep is used to check for live systems within a range of IP addresses. When many hosts are connected to the network, finding the live ones is a big challenge for a pen tester, and a ping sweep is useful in this situation. In this scanning method the attacker sends ICMP requests to multiple systems; each host that is alive returns an ICMP reply.

Ping Sweep tools:

A ping sweep can be performed with several tools, for Windows as well as for Linux.

fping a ping Linux program


Zenmap a GUI for Nmap

Zenmap is a free graphical interface for the very popular port scanner Nmap. It comes with 10 different scan types, and ping scan is one of them.

Other ping sweep tools:

  • Angry IP Scanner
  • SolarWinds Engineer's Toolset
  • Colasoft Ping Tool
  • PacketTrap MSP Ping Sweep
  • Ping Scanner Pro
  • Network Ping
  • Ultra Ping Pro

What is network scanning ?

Network Scanning

As discussed previously, information gathering is the first phase of penetration testing, in which the pentester gathers information about the target. This phase alone is not enough to learn much about the target, so another method is needed to gather more details. In the scanning phase the attacker gets details about the systems, the network and the vulnerabilities of the potential target.

Types of scanning:

  • Live host scanning
  • Port scanning
  • UDP scanning
  • Vulnerability scanning

Network scanning is one of the most important phases of intelligence gathering. During this process you can gather information about specific IP addresses that can be accessed over the internet, the targets' operating systems, their system architecture, and the services running on each computer. In addition, the attacker gathers details about the networks and their individual host systems.

Purpose of scanning:

  • Discovering live hosts, their IP addresses, and the open ports of live hosts on the network
  • Discovering open ports, which are the best way to break into a system
  • Discovering operating systems and system architecture
  • Identifying vulnerabilities and threats
  • Detecting the network service associated with each port