Lisa Bock dissects the IP fragmentation scan that can be used in to avoid detection, as an device must be able to reassemble the fragments in order to detect the attack. The idea is to split up the TCP header over several packets to make it harder for packet filters, and intrusion detection systems to identify what you are doing.
- [Voiceover] An IP Fragmentation Scan…can be used to avoid detection,…as a device must be able to reassemble the fragments…in order to detect the attack.…In addition, using tiny IP fragmentation attack…could overwhelm and crash a device.…The -f option causes the requested scan,…including ping scans, to use tiny fragmented IP packets.…The idea is to split up the TCP header over several packets…and make it harder for packet filters and intrusion…detection system to identify what you're doing.…
Let's go in Kali and check it out.…I'll open a terminal.…I'm not gonna run the scan just yet,…because what I also want to do is open Wireshark…and start a new capture.…Now I'll go into Kali.…Nmap -f, and what we're going to do…is scan, scanme.nmap.org,…which is IP address 220.127.116.11.…
All right, I already have begun to see the fragmentation…occur, and it's hitting it with multiple,…tiny fragmented packets.…The scan is complete.…And I'll stop my capture.…So we'll take a look at these.…And here we can see the fragmented IP packets.…
This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses. She also introduces some of the tools and techniques that hackers use to counter detection via evasion, concealment, and spoofing. In addition, learn how to reduce the threat of tunneling, a method hackers use to circumvent network security.
Note: Our Ethical Hacking series maps to the 18 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50). This course maps to the 03 Scanning Networks domain.
- Scanning overview
- Port scanning countermeasures
- Scanning and querying DNS
- Scanning with ICMP
- Mapping (or blueprinting) a network
- Scanning for vulnerabilities
- Using tools such as hping and NetScan
- Evading detection
- Concealing your network traffic
- Preventing tunneling
Skill Level Intermediate
1. Scanning Overview and Methodology
2. Identifying Live Systems Using Protocols
3. Blueprint the Network
4. Vulnerability Scanning
Commercial and free scanners3m 17s
5. Scanning Tools
6. Evading Detection
7. Concealing and Spoofing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.