Lecture 3-Port Scanning, Lecture notes of Information Security and Markup Languages


Typology: Lecture notes

2025/2026

Available from 06/30/2026

sanwal-fareed

Port Scanning

What is Port Scanning?

■ Port scanning is equivalent to knocking on the walls to find all the doors and windows.
■ Determine which systems are listening and reachable from the Internet.
■ Analyze the underlying weaknesses of the services found.
■ Use those weaknesses later.

Port Scanning Techniques

■ Vanilla:
■ Simplest form of port scan.
■ Tries each of the 65535 ports on the victim.
■ Sends a carefully constructed packet with a chosen port number.

Stealth Scan

■ Port scanning is easily logged by the services listening at the ports.
■ A stealth scan is designed to go undetected by auditing tools.
■ Scanning at a slow pace.
■ Inverse mapping: generating "host unreachable" ICMP messages for IPs that do not exist.

Bounce Scans

■ The ability to hide tracks is important to attackers.
■ FTP bounce scan:
■ Allows the hacker to force the FTP server to do the port scan and send back the results. Bouncing through an FTP server hides where the attacker comes from.
■ The advantage of this approach is that it is harder to trace; the disadvantage is that it is slow.

UDP Scanning

■ In order to find UDP ports, the attacker generally sends empty UDP datagrams.
■ If the port is listening, the service should send back an error message or ignore the incoming datagram.
■ If the port is closed, most operating systems send back an "ICMP Port Unreachable" message. This is how the scanner determines which ports are open.
■ Neither the UDP packets nor the ICMP errors are guaranteed to arrive, so UDP scanners must also implement retransmission of packets that appear to be lost.
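The stealth-scan and UDP-scan points above are easier to see from the defender's side. The following is an added example, not part of the lecture notes: it reads constructed firewall log lines (the `key=value` layout is an assumption made for this example), flags sources that touch many distinct ports in a time window, and classifies UDP probes the way the notes describe: an ICMP port-unreachable proves a port closed, while silence is ambiguous. Running it with a short and a long window shows why a slow scan slips past a naive per-minute threshold.

```python
# Added example (not from the lecture notes): detecting port scans in
# constructed firewall log lines. The log format (key=value fields) is an
# assumption made for this example; real firewalls log differently.
from collections import defaultdict

# Constructed sample log. 10.0.0.5 is a fast vanilla TCP scan, 10.0.0.9 is a
# slow stealth scan (one port every two minutes), 10.0.0.7 probes UDP ports,
# and 10.0.0.2 is an ordinary client talking to ports 80 and 443.
SAMPLE_LOG = """\
ts=0 src=10.0.0.5 dst=192.0.2.10 proto=tcp dport=21 flags=S
ts=1 src=10.0.0.5 dst=192.0.2.10 proto=tcp dport=22 flags=S
ts=2 src=10.0.0.5 dst=192.0.2.10 proto=tcp dport=23 flags=S
ts=3 src=10.0.0.5 dst=192.0.2.10 proto=tcp dport=25 flags=S
ts=4 src=10.0.0.5 dst=192.0.2.10 proto=tcp dport=80 flags=S
ts=5 src=10.0.0.5 dst=192.0.2.10 proto=tcp dport=443 flags=S
ts=3 src=10.0.0.2 dst=192.0.2.10 proto=tcp dport=443 flags=S
ts=4 src=10.0.0.2 dst=192.0.2.10 proto=tcp dport=443 flags=S
ts=30 src=10.0.0.2 dst=192.0.2.10 proto=tcp dport=80 flags=S
ts=5 src=10.0.0.7 dst=192.0.2.10 proto=udp dport=53 reply=none
ts=6 src=10.0.0.7 dst=192.0.2.10 proto=udp dport=67 reply=icmp-unreach
ts=7 src=10.0.0.7 dst=192.0.2.10 proto=udp dport=69 reply=icmp-unreach
ts=8 src=10.0.0.7 dst=192.0.2.10 proto=udp dport=123 reply=none
ts=9 src=10.0.0.7 dst=192.0.2.10 proto=udp dport=161 reply=icmp-unreach
ts=0 src=10.0.0.9 dst=192.0.2.10 proto=tcp dport=21 flags=S
ts=120 src=10.0.0.9 dst=192.0.2.10 proto=tcp dport=22 flags=S
ts=240 src=10.0.0.9 dst=192.0.2.10 proto=tcp dport=23 flags=S
ts=360 src=10.0.0.9 dst=192.0.2.10 proto=tcp dport=25 flags=S
ts=480 src=10.0.0.9 dst=192.0.2.10 proto=tcp dport=80 flags=S
"""


def parse_line(line):
    """Turn one 'k=v k=v ...' log line into a dict with numeric ts and dport."""
    rec = dict(field.split("=", 1) for field in line.split())
    rec["ts"] = int(rec["ts"])
    rec["dport"] = int(rec["dport"])
    return rec


def max_distinct_ports(events, window):
    """Largest number of distinct destination ports one source touched within
    any span of `window` seconds. events: iterable of (ts, dport) pairs."""
    events = sorted(events)
    counts = defaultdict(int)
    start = best = 0
    for ts, port in events:
        counts[port] += 1
        # drop events that fell out of the window [ts - window, ts]
        while events[start][0] < ts - window:
            old = events[start][1]
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
            start += 1
        best = max(best, len(counts))
    return best


def detect_scanners(log_text, window=60, threshold=5):
    """Sources that hit at least `threshold` distinct ports within `window`
    seconds. A short window misses a slow scan; widen it to catch one."""
    per_source = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        per_source[rec["src"]].append((rec["ts"], rec["dport"]))
    return sorted(src for src, ev in per_source.items()
                  if max_distinct_ports(ev, window) >= threshold)


def udp_probe_results(log_text):
    """Classify UDP probes: an ICMP port-unreachable reply proves the port is
    closed; silence is ambiguous (open, or the packet was lost), so it is
    reported as open|filtered, which is why UDP scanners retransmit."""
    results = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec["proto"] != "udp":
            continue
        key = (rec["dst"], rec["dport"])
        results[key] = "closed" if rec["reply"] == "icmp-unreach" else "open|filtered"
    return results


if __name__ == "__main__":
    print("fast scanners (60 s window):", detect_scanners(SAMPLE_LOG))
    print("with slow scanners (1 h window):", detect_scanners(SAMPLE_LOG, window=3600))
    for (host, port), verdict in sorted(udp_probe_results(SAMPLE_LOG).items()):
        print(f"udp {host}:{port} -> {verdict}")
```

With the default 60-second window only the fast TCP scanner and the UDP prober are reported; the source that probes one port every two minutes is only caught when the window is widened to an hour, which is the trade-off a "scan at a slow pace" stealth technique exploits.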

Port Scanning Tools

■ nmap
■ Widely known port scanner.
■ Utility for port scanning large networks, although it works fine for single hosts.
■ The guiding philosophy for the creation of nmap was TMTOWTDI (There's More Than One Way To Do It).
■ CMD: nmap -sS 192.168.1.
■ Output:
    Port  State  Protocol  Service
    21    open   tcp       ftp


■ netcat
■ The Swiss army knife in our security toolkit.
■ Provides basic TCP and UDP port scanning capabilities. By default, netcat uses TCP ports, so for UDP scanning we need to specify the -u option. For example:
■ CMD: netcat -v -z -w2 192.168.1.1 1-
■ Output: [192.168.1.1] 25 (smtp) open
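What an administrator does with scan results is compare them against what the host is supposed to expose. The following is an added example, not from the lecture notes or from the nmap or netcat projects: it parses the two output layouts shown above (the nmap-style "Port State Protocol Service" table and the netcat-style "[host] port (service) state" line) from constructed sample output and reports open ports missing from an expected-services baseline. The sample outputs follow the notes' simplified layout rather than the exact text real nmap or netcat builds print, and the baseline contents are an assumption.

```python
# Added example (not from the lecture notes): parsing the two scan-output
# layouts the notes show and diffing the open ports against a baseline of
# services the host is supposed to expose. Sample outputs are constructed.
import re

# Constructed sample in the column layout the notes show for nmap.
NMAP_STYLE_OUTPUT = """\
Port State Protocol Service
21 open tcp ftp
22 open tcp ssh
25 open tcp smtp
80 open tcp http
"""

# Constructed sample in the line layout the notes show for netcat -v -z.
NETCAT_STYLE_OUTPUT = """\
[192.168.1.1] 22 (ssh) open
[192.168.1.1] 25 (smtp) open
[192.168.1.1] 3306 (mysql) open
"""

NETCAT_LINE = re.compile(
    r"^\[(?P<host>[^\]]+)\]\s+(?P<port>\d+)\s+\((?P<service>[^)]*)\)\s+(?P<state>\w+)\s*$"
)


def parse_nmap_style(text):
    """Rows of 'Port State Protocol Service' into records; the header is skipped."""
    records = []
    for line in text.strip().splitlines()[1:]:
        port, state, proto, service = line.split()
        records.append({"port": int(port), "state": state,
                        "proto": proto, "service": service})
    return records


def parse_netcat_style(text, proto="tcp"):
    """'[host] port (service) state' lines into records. netcat scans TCP
    unless -u is given, so the protocol is passed in, not read from the line."""
    records = []
    for line in text.strip().splitlines():
        m = NETCAT_LINE.match(line)
        if not m:
            continue  # skip connection chatter that is not a port result
        records.append({"host": m["host"], "port": int(m["port"]),
                        "state": m["state"], "proto": proto,
                        "service": m["service"]})
    return records


def unexpected_open_ports(records, baseline):
    """(port, proto) pairs reported open that are not in the baseline set of
    services the host is meant to expose. Anything returned needs a look."""
    return sorted({(r["port"], r["proto"]) for r in records
                   if r["state"] == "open"
                   and (r["port"], r["proto"]) not in baseline})


if __name__ == "__main__":
    # Assumed baseline for this example: only SSH and HTTP are sanctioned.
    baseline = {(22, "tcp"), (80, "tcp")}
    print(unexpected_open_ports(parse_nmap_style(NMAP_STYLE_OUTPUT), baseline))
    print(unexpected_open_ports(parse_netcat_style(NETCAT_STYLE_OUTPUT), baseline))
```

Against that baseline the nmap-style sample surfaces ftp and smtp, and the netcat-style sample surfaces smtp and mysql; a scheduled run of the same comparison is a cheap way to notice a new listener before someone else does.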