1
00:00:00,420 --> 00:00:06,270
You can scan the network to find out the computer systems in a network and discover the network topology.

2
00:00:07,140 --> 00:00:09,480
First, let's see the scan types.

3
00:00:11,860 --> 00:00:13,510
There are two types of scanning.

4
00:00:14,350 --> 00:00:16,030
First type is passive scan.

5
00:00:17,090 --> 00:00:20,750
In this type of scanning, you don't want to be recognized by the target.

6
00:00:22,610 --> 00:00:25,880
In this regard, you don't directly contact target systems.

7
00:00:26,630 --> 00:00:31,940
Just by watching a network's traffic flow, passive scanners can deduce a large amount of information

8
00:00:31,940 --> 00:00:33,530
about the communicating systems.

9
00:00:34,970 --> 00:00:42,260
You can use tools such as tcpdump or Wireshark to monitor network traffic. Looking at the ARP table

10
00:00:42,260 --> 00:00:46,190
in a computer which is connected to the network is another example of passive scanning.

11
00:00:47,950 --> 00:00:52,190
So the second type is active scan. In this type of scanning,

12
00:00:52,210 --> 00:00:54,250
you scan on the target systems.

13
00:00:56,060 --> 00:01:03,740
Active scanning requires more preparation for the attacker or pen tester because it leaves traces which

14
00:01:03,740 --> 00:01:06,980
are likely to alert the target or produce evidence against him.

15
00:01:07,760 --> 00:01:11,690
Active scanning on your network can also return great headaches, however.

16
00:01:12,590 --> 00:01:19,700
It can have a high political cost and far-reaching effects on system uptime and reliability, if not

17
00:01:19,700 --> 00:01:20,480
done carefully.

18
00:01:20,750 --> 00:01:24,230
It can be an ineffective, inefficient way to gather information.

19
00:01:25,790 --> 00:01:27,740
We'll see Nmap in detail.

20
00:01:29,250 --> 00:01:34,560
Hping is an excellent command-line oriented TCP/IP packet analyzer.

21
00:01:35,220 --> 00:01:41,640
It looks like the ping command, but hping isn't only able to send ICMP echo requests.

22
00:01:42,450 --> 00:01:49,740
It supports TCP, UDP, ICMP and raw IP protocols, has a traceroute mode,

23
00:01:50,190 --> 00:01:54,900
the ability to send files between a covered channel, and many other features.

24
00:01:56,680 --> 00:02:00,340
Scapy is a powerful interactive packet manipulation program.

25
00:02:01,590 --> 00:02:05,820
It is able to forge or decode packets of a wide number of protocols,

26
00:02:06,090 --> 00:02:10,590
send them on a wire, capture them, match requests and replies, and much more.

27
00:02:11,510 --> 00:02:17,060
Traceroute is a utility that records the route, the specific gateway computers at each hop through

28
00:02:17,060 --> 00:02:23,630
the network between your computer and a specified destination computer, so you can find out the network

29
00:02:23,630 --> 00:02:27,800
devices between you and the target and identify the network topology.

30
00:02:28,760 --> 00:02:35,820
There's a really good comparison of active and passive scanning on the networkworld.com website, which

31
00:02:35,820 --> 00:02:43,520
says: just as you can determine the type of cheese by tasting it, an active scan, you can also use passive

32
00:02:43,520 --> 00:02:49,070
techniques such as reading the label or smelling the aroma as it passes by.