Transmission Control Protocol, or TCP, is a connection oriented protocol. It begins with a handshake and ends with a termination session. Network scans use parts of the handshake to get responses. Lisa Bock uses Wireshark to discuss the Importance of the three-way handshake, and evaluate the flags that are set during this process.
- [Voiceover] With ethical hacking, it's important…to understand the TCP Three-Way Handshake.…That's because network scans use parts of the handshake…to get responses.…Transmission Control Protocol is a connection…oriented protocol.…It begins with a handshake and ends with a…termination session.…Normal TCP traffic begins with a three-way handshake,…where by a client initiates the conversation…by requesting to have a session with the server.…
First, the client sends a synchronization packet.…This is called a SYN packet.…This is used to synchronize sequence numbers.…If the server accepts, it responds with a SYN ACK…or synchronization acknowledgement.…Then, the client responds with an acknowledgement,…the session begins and a socket is created.…Periodically services will be refused,…and you'll see a reset.…
No response, may indicate a firewall.…You may receive an ICMP Destination Unreachable packet.…The code might indicate that the network was unreachable,…or the host was unreachable,…but most likely, the target port is firewalled.…
This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses. She also introduces some of the tools and techniques that hackers use to counter detection via evasion, concealment, and spoofing. In addition, learn how to reduce the threat of tunneling, a method hackers use to circumvent network security.
Note: Our Ethical Hacking series maps to the 18 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50). This course maps to the 03 Scanning Networks domain.
- Scanning overview
- Port scanning countermeasures
- Scanning and querying DNS
- Scanning with ICMP
- Mapping (or blueprinting) a network
- Scanning for vulnerabilities
- Using tools such as hping and NetScan
- Evading detection
- Concealing your network traffic
- Preventing tunneling
Skill Level Intermediate
1. Scanning Overview and Methodology
2. Identifying Live Systems Using Protocols
3. Blueprint the Network
4. Vulnerability Scanning
Commercial and free scanners3m 17s
5. Scanning Tools
6. Evading Detection
7. Concealing and Spoofing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.