Skip to main content

ACK Scan..

An ACK scan operates by sending a TCP ACK frame to a remote port. If there are no responses or an ICMP destination unreachable message is returned, then the port is considered to be "filtered"
Scans of ports are done for a variety of reasons, but they usually are used to discover whether a host or hosts are offering a particular service. If a host is found to be offering a service that might be exploitable, the hacker might try to break in using some vulnerability.Often, scans are blatant; the hacker makes no attempt to hide his reconnaissance of your network, except that the computer from which the scans originate might be compromised. The hacker assumes
that either no one is monitoring the scanning activity or that by using the compromised host, no one can identify the hacker with the scan. Most likely there will be no attribution because no one can associate the hacker with the scan.

This can be done by issuing folowing command
#nmap -sA <host_address>
Following is the output of sample ACK scan output...

Starting Nmap 5.00 ( http://nmap.org ) at 2011-09-03 00:09 IST
NSE: Loaded 0 scripts for scanning.
Initiating ACK Scan at 00:09
Scanning 10.10.11.1 [1000 ports]
ACK Scan Timing: About 15.25% done; ETC: 00:13 (0:02:52 remaining)
ACK Scan Timing: About 30.15% done; ETC: 00:13 (0:02:21 remaining)
ACK Scan Timing: About 45.15% done; ETC: 00:13 (0:01:51 remaining)
ACK Scan Timing: About 60.15% done; ETC: 00:13 (0:01:20 remaining)
ACK Scan Timing: About 75.15% done; ETC: 00:13 (0:00:50 remaining)
Completed ACK Scan at 00:13, 201.20s elapsed (1000 total ports)
Host 10.10.11.1 is up.
All 1000 scanned ports on 10.10.11.1 are filtered
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 201.36 seconds
           Raw packets sent: 2000 (80.000KB) | Rcvd: 1257 (90.588KB)




There is a difference between the  "filtered" ports and the "closed" ports.
closed ports do not allow for further communication and timeout occurs.
whereas "filetered" ports just straight away reject the incoming connection, i.e they are behind a firewall. Filtered means that there is a firewall somewhere which is 'intercepting' and dropping communications for a port. Actually, we don't so much filter a PORT as we filter datagrams based on whatever the rules are... and it's entirely possible that the 'rules' can be "drop all packets for this port" or "drop all packets EXCEPT those for this port"

IN the above exaple 1000 ports of the host 10.10.11.1  are  all behind a firewall.

Advantages:
Since the ACK scan doesn't open any application sessions, the conversation between nmap and the remote device is relatively simple. This scan of a single port is unobtrusive and almost invisible when combined with the other network traffic.
The ACK scan's simplicity is also its largest disadvantage. Because it never tries to connect to a remote device, it can never definitively identify an open port. 

When to use the ACK Scan
Although the ACK scan doesn't identify open ports, it does a masterful job of identifying ports that are filtered through a firewall. This list of filtered and unfiltered port numbers is useful as reconnaissance for a more detailed scan that focuses on specific port numbers.
Labels:

Comments

  1. AnonymousDecember 1, 2022 at 1:29 AM

    Short pay refers to a partial payout made by a slot machine, which is lower than the quantity due to the of} player. This happens if the coin hopper has been 솔카지노 depleted as a result of|because of|on account of} making earlier payouts to players. The remaining quantity due to the of} player is either paid as a hand pay or an attendant will come and refill the machine. Denominations can range from 1 cent ("penny slots") all finest way|the means in which} a lot as} $100.00 or more per credit.

    ReplyDelete

Post a Comment

Popular posts from this blog

Database Sharding

Collating some of the resources which talks about Database Sharding. https://en.wikipedia.org/wiki/Shard_(database_architecture) [Feb 2019]  http://highscalability.com/blog/2019/2/19/intro-to-redis-cluster-sharding-advantages-limitations-deplo.html Redis Cluster is the Native Sharding implementation available within Redis that allows your to automatically distribute your data across multiple nodes without having to rely on external tools and utilities. Its covers Sharding with Redis Cluster  where Redis Clusters is divided in 16384 slots and these slots are assigned to multiple Redis Nodes. The  Redis Cluster Specification  is the definitive guide to understanding the internals of the technology, while the  Redis Cluster Tutorial  provides deployment and administration guidelines. [ Jan 2019  ]  https://scalegrid.io/blog/scalegrid-hosting-adds-support-for-highly-available-redis-clusters-with-automated-sharding/ ScaleGrid : Fully Manage...
Post a Comment
Read more

Designing a URL Shortening Service

Designing a URL Shortening Service like TinyURL Lets design a URL Shortening service like TinyURL. This service will provide short short URLs for a large URL. What is the Problem ? URLs can be pretty huge depending upon the resources like the following : https://news.google.com/topics/CAAqIggKIhxDQkFTRHdvSkwyMHZNREZqY0hsNUVnSmxiaWdBUAE?hl=en-IN&gl=IN&ceid=IN%3Aen  ,  I think this Shortening was majorly used in Twittor where there is a limit of 140 characters.  Requirements of the System Its always necessary to clear out the requirements with the Stakeholders on what are the expectations they are making, This will ensure that our System is designed as per the Requirements.  Questions which are already answered  We need to design a system which will store a shorter version of URL that was given. When somebody clicks that shorter URL , request will hit our Service and they will be redirected to the original URL. Questions wh...
Post a Comment
Read more