Hacking Tutorial – NMAP Scanning and PortSentry Evasion

8 09 2006

Tutorial – NMAP Scanning and PortSentry Evasion [via] TAZ Forum

This tutorial was posted by Striek on the TAZ forum.  It is exhaustive and requires alot of base knowledge.

Read the excerpt:

NMAP scanning and PortSentry Evasion

This paper will discuss the methods used to circumvent intrusion detection technology employed by Psionic’s PortSentry software. It will look at normal modes of operation where PortSentry binds itself to monitored ports at a userland level, and stealth modes, where it operates with raw sockets at a kernel level. The discussion of advanced stealth scan detection and the implications, pros and cons of auto-blocking portscanning attackers, as well as more advanced IDS systems, are beyond the scope of this paper. A basic undertanding of the OSI model and the TCP/IP suite of protocols, including UDP, is assumed, as well as the ability to effectively read tcdump output and syslog generated messages. Scans have been conducted using nmap 3.50 against Portsentry version is 1.2. Scanning machine is a P166 64 MB RAM, 1GB HD running Slackware 9.1 (kernel version 2.6.7) without X windows, at IP address 10.0.0.15. The victim machine is a P2.4Ghz 512 MB RAM 80 GB HD running Slackware 10.0 (kernel version 2.6.8.1) with X windows, at 10.0.0.10. Neither the attacker nor victim have the iptables (or any other firewall, stateful or not) service running. This paper may contain facutal errors to a minor degree. I welcome any corrections and/or criticisms you may deem relevant. 

I recommend that you read the rest HERE.  It is quite an amazing tutorial for those that would wish to protect themselves.


Actions

Information

3 responses

20 01 2007
salman

Hello
please send me a copy of this turorial
i am a student of this field
thanx

24 12 2007
Jackie

can giv me noe how to scan sora engine

15 06 2012
Ronaldinho

I would like to show my respect for your generosity supporting persons who need guidance on in this field. Your special dedication to passing the message all-around had been remarkably effective and have frequently made people like me to realize their dreams. Your own informative tutorial signifies this much to me and even further to my fellow workers. Regards; from all of us.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: