In this video, Marc Menninger describes how to identify network ports and services. Learn how security assessors use OS fingerprinting to identify the operating systems of network devices. Watch a demonstration of Sparta and Nmap to scan ports and services.
- After discovering the devices on the network,…the next logical step in target identification and analysis…is to scan each of these devices further…to learn more about them.…Network devices can generally be identified by which ports…are open and which services are running.…For instance, any device which has port 80 open,…and shows an active HTTP service is likely running…some form of web server, such as Microsoft IIS or Apache.…
Scanning for open ports and running services…can be done with software tools like Nmap.…There are three main purposes for identifying ports…and services on network devices.…To help identify the operating systems on the devices.…To help identify the functions of the devices,…such as web server, FTP server, et cetera.…And, to test the ports and services…for potential security vulnerabilities.…
Because certain operating systems run known unique services,…they can often be used to identify the OS on a device…with a high degree of confidence.…This is called OS fingerprinting.…For instance, if port 111 is open,…
- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
3. Identify and Analyze Targets
4. Validate Target Vulnerabilities
5. Planning Technical Security Assessments
6. Executing the Technical Security Assessment
7. Post-Testing Activities
Report the results2m 16s
Next steps1m 32s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.