1 00:00:00,480 --> 00:00:06,270 You can scan the network to find out the computer systems and network and discover that network topology.
2 00:00:07,200 --> 00:00:09,510 First, let's see the scan types.
3 00:00:11,950 --> 00:00:13,510 There are two types of scanning.
4 00:00:14,410 --> 00:00:15,950 First type is passive scan.
5 00:00:17,100 --> 00:00:20,730 In this type of scanning, you don't want to be recognized by the target.
6 00:00:22,700 --> 00:00:28,730 In this regard, you don't directly contact target systems. Just by watching a network's traffic flow,
7 00:00:28,760 --> 00:00:33,560 passive scanners can deduce a large amount of information about the communicating systems.
8 00:00:35,060 --> 00:00:40,220 You can use tools such as tcpdump or Wireshark to monitor network traffic.
9 00:00:41,000 --> 00:00:45,740 Looking at the ARP table in a computer which is connected to the network is another example of passive
10 00:00:45,740 --> 00:00:46,160 scanning.
11 00:00:48,010 --> 00:00:52,180 So the second type is active scan. In this type of scanning,
12 00:00:52,240 --> 00:00:54,280 you scan on the target systems.
13 00:00:56,150 --> 00:01:03,740 Active scanning requires more preparation for the attacker or pen tester because it leaves traces which
14 00:01:03,740 --> 00:01:06,980 are likely to alert the target or produce evidence against him.
15 00:01:07,820 --> 00:01:11,150 Active scanning on your network can also return great headaches,
16 00:01:11,180 --> 00:01:11,660 however.
17 00:01:12,680 --> 00:01:18,680 It can have a high political cost and far-reaching effects on system uptime and reliability.
18 00:01:19,400 --> 00:01:20,480 If not done carefully,
19 00:01:20,840 --> 00:01:24,280 it can be an ineffective, inefficient way to gather information.
20 00:01:25,850 --> 00:01:27,740 We'll see Nmap in detail.
21 00:01:29,340 --> 00:01:29,610 Hping
22 00:01:29,610 --> 00:01:34,460 is an excellent command-line oriented TCP/IP packet analyzer.
23 00:01:35,310 --> 00:01:36,690 It looks like ping command.
24 00:01:37,200 --> 00:01:41,610 But hping isn't only able to send ICMP echo requests.
25 00:01:42,510 --> 00:01:49,710 It supports TCP, UDP, ICMP and raw IP protocols, has a traceroute mode,
26 00:01:50,250 --> 00:01:54,930 the ability to send files between a covered channel and many other features.
27 00:01:56,740 --> 00:02:00,370 Scapy is a powerful interactive packet manipulation program.
28 00:02:01,680 --> 00:02:07,520 It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture
29 00:02:07,530 --> 00:02:10,590 them, match requests and replies and much more.
30 00:02:11,540 --> 00:02:17,060 Traceroute is a utility that records the route, the specific gateway computers at each hop, through
31 00:02:17,060 --> 00:02:21,530 the network between your computer and a specified destination computer.
32 00:02:22,280 --> 00:02:27,830 So you can find out the network devices between you and the target and identify the network topology.
33 00:02:28,790 --> 00:02:35,360 There's a really good comparison of active and passive scanning on the networkworld.com website,
34 00:02:35,690 --> 00:02:41,690 which says: just as you can determine the type of cheese by tasting it, an active scan,
35 00:02:42,320 --> 00:02:49,040 you can also use passive techniques such as reading the label or smelling the aroma as it passes by.