How Scanning and Fingerprinting Work in Kali Linux

Scanning And Fingerprinting



Daemon-Banner Grabbing


"It is a process of getting useful bits of information about the target system by recording the welcome banners of the daemons running on its various ports."


Daemon-Banner Grabbing can be used to get the following information about the target system:

  • Daemon name and version number.
  • Operating system.
  • Security measures used.
  • Possible points of entry. Do not put sensitive information in web-browsable directories.
  • It can easily be executed manually using 'Telnet' or by using port scanners.


Daemon Banner Grabbing: Possible Countermeasures

  • Edit the default welcome message and ensure important information is not given out.
  • Display false daemon banners to misguide the attacker.
  • Use a long false daemon banner and, in the background, record information on the client and try to trace them.


Banner grabbing is considered a very important part of penetration tests because it gives us information about the daemon that is running and accepting our connection, and whether it is patched or not.


Sometimes it also gives away information such as the time it was compiled or whether it is a beta version. With that information, you can move ahead and try to exploit the daemon. Of course, this information can be changed to something it is not! But the fact remains that most system administrators are only interested in the daemon working well and are least concerned with the version information. All they want is 100% system uptime. So most of them do not change it and leave it at the system default.
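Administrators can check their own daemons for the disclosures described above. The following Python is an added example, not code from the original post; the regular expressions, function names and sample banners are assumptions constructed for illustration. It reads a daemon's greeting and reports whether it discloses a version, operating system or build detail, which is what the first countermeasure asks you to remove.

```python
import re
import socket

# Details the page says a default banner can give away.
CHECKS = {
    "version": re.compile(r"\b[A-Za-z][\w.+-]*[/_ -]v?\d+(?:\.\d+)+"),
    "os": re.compile(r"\b(?:Ubuntu|Debian|CentOS|Red Hat|FreeBSD|Linux|Unix|Windows|Win32)\b", re.I),
    "build": re.compile(r"\b(?:alpha|beta|rc)\d*\b|\b(?:compiled|built)\b", re.I),
}
# An SSH identification string must begin with the protocol version
# (SSH-2.0-); that prefix is not a leak, so it is ignored.
SSH_PROTO = re.compile(r"^SSH-\d+\.\d+-")


def read_banner(host, port, timeout=5.0):
    """Return the greeting a daemon sends on connect, as telnet would show it."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(1024)
        except socket.timeout:
            data = b""  # some daemons (HTTP) stay silent until spoken to
    return data.decode("latin-1").strip()


def audit_banner(banner):
    """List which kinds of detail (version, os, build) a banner discloses."""
    text = SSH_PROTO.sub("", banner.strip())
    return [name for name, rx in CHECKS.items() if rx.search(text)]


def audit_host(banners):
    """Map port -> findings for every banner that discloses something."""
    report = {port: audit_banner(b) for port, b in sorted(banners.items())}
    return {port: found for port, found in report.items() if found}


# Constructed sample banners (not captured from any real host).
SAMPLE = {
    21: "220 ExampleFTPd 2.0-beta3 (built Jan 10 2020) ready",
    22: "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1",
    25: "220 mail.example.test ESMTP",
    110: "+OK POP3 ready",
}

if __name__ == "__main__":
    for port, findings in audit_host(SAMPLE).items():
        print(f"port {port}: banner discloses {', '.join(findings)}")
```

Ports 25 and 110 in the sample produce no findings because their greetings were already reduced to a generic message.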


The question now remains: how do you grab a banner? Simple! Telnet to the port and see the output. We have included a small list of well-known ports under port number 1024 that you can use to grab a banner.



  • 21  FTP (File Transfer Protocol)
  • 22  SSH (Secure Shell)
  • 23  Telnet
  • 25  SMTP (Simple Mail Transfer Protocol)
  • 43  whois
  • 53  DNS  (Domain Name System)
  • 68  DHCP (Dynamic Host Configuration Protocol)
  • 79  Finger
  • 80  HTTP (Hyper Text Transfer Protocol)
  • 110 POP3 (Post Office Protocol, Version 3)
  • 115 SFTP (Secure File Transfer Protocol)
  • 119 NNTP (Network News Transfer Protocol)
  • 123 NTP  (Network Time Protocol)
  • 137 NetBIOS-ns
  • 138 NetBIOS-dgm
  • 139 NetBIOS
  • 143 IMAP (Internet Message Access Protocol)
  • 161 SNMP (Simple Network Management Protocol)
  • 194 IRC  (Internet Relay Chat)
  • 220 IMAP3 (Internet Message Access Protocol, Version 3)
  • 389 LDAP  (Lightweight Directory Access Protocol)
  • 443 SSL   (Secure Socket Layer)
  • 445 SMB   (NetBIOS over TCP)
  • 666 Doom
  • 993 SIMAP  (Secure Internet Message Access Protocol)
  • 995 SPOP  (Secure Post Office Protocol)


For example, say you want to grab the banner of an SMTP service (port 25). All you do is run 'telnet mailserver 25', where mailserver is the name of the mail server.


“To attack a system, you need to know the system; it is a must for any hacker.”

