ICMP-type8 Echo Requests ‘Pings’
- Frequently blocked
- Noisy + frequently monitored / signature
TCP packets to likely open ports
- 3-way initialization
- Various possibilities
- May traverse IDS/IPS
UDP packets to likely closed ports
- ICMP Port Unreachable messages
- Non-reliable
Angry IP Scanner (v2.21 Apr 04 / v3.0-beta4 Mar 09) [Some AV software may have signature]
- v2.x - Windows-XP
- - Standalone binary
- v3.x - Cross-platform
- - Requires Java
- - Windows 2000/XP/Vista | MacOS X Intel/PPC | Linux
- Threaded for each scanned IP
- ICMP Echo Request sweep
- TCP port scan
- Gets MAC addresses
- Gathers NetBIOS names and Workgroups
ICMPQuery (v1.0.3 2000) [Dave Andersen cs.ut.edu -> cs.cmu.edu]
- CLI Linux/Unix
- ICMP Timestamp (t13) and Address Mask Request (t17)
No comments:
Post a Comment