Investigate the difference between scanning and penetration testing. Lisa Bock illustrates how scanning a network to check for vulnerabilities is an important exercise, but should not be confused with Penetration Testing, a process that looks for security weaknesses and launches various attacks in order to gain access to a system. Discover that although the two are closely related, the objectives are different.
- [Voiceover] Scanning a network…to check for vulnerabilities…is an important exercise,…but should not be confused with penetration testing:…a process that looks for security weaknesses…and launches various attacks…in order to gain access to a system.…Although the two are closely related,…the objectives are different.…A vulnerability scan checks for known vulnerabilities…and generates a report,…and can be run by a security specialist,…or even an average user.…
This is an important first step…in reducing overall risk,…as most vulnerabilities can be addressed,…and reduced, if not removed entirely.…For example, if we had a weak password as a vulnerability,…the password could be made stronger,…thus, removing the vulnerability.…A penetration test uses the vulnerability scan…to try to gain access to a computer's system.…In most cases, a penetration tester requires…a broader range in knowledge,…along with various levels of expertise…in all aspects of computer systems,…such as operating systems, data bases,…web servers, and network devices.…
This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses. She also introduces some of the tools and techniques that hackers use to counter detection via evasion, concealment, and spoofing. In addition, learn how to reduce the threat of tunneling, a method hackers use to circumvent network security.
Note: The Ethical Hacking series maps to the 20 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50) version 10.
- Scanning overview
- Port scanning countermeasures
- Scanning and querying DNS
- Scanning with ICMP
- Mapping (or blueprinting) a network
- Scanning for vulnerabilities
- Using tools such as hping and NetScan
- Evading detection
- Concealing your network traffic
- Preventing tunneling
Skill Level Intermediate
1. Scanning Overview and Methodology
2. Identifying Live Systems Using Protocols
3. Blueprint the Network
4. Vulnerability Scanning
Commercial and free scanners3m 17s
5. Scanning Tools
6. Evading Detection
7. Concealing and Spoofing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.