Detecting Nmap TCP SYN Stealth Scan -sS within Wireshark
This is the third in a series of posts looking at detecting Nmap scans in Wireshark. I’m being guided by Chapter 31 of Wireshark Network Analysis entitled: “Detect Scanning and Discovery processes I’ve...
Security Onion IDS (Intrusion Detection System) NSM (Network Security...
Since I began my series on detecting Nmap in Wireshark I’ve become somewhat obsessed with looking at detection and security software that can identify port scans and more. In the book Nmap Network...
Detecting Nmap NULL Scan (-sN) in Wireshark
This is the fourth in a series of posts looking at detecting Nmap scans in Wireshark. I’m being guided by Chapter 31 of Wireshark Network Analysis entitled: “Detect Scanning and Discovery processes”....
Results of an Nmap aggressive scan using Snorby in Security Onion
Following a previous post I performed an “aggressive” scan using Nmap - including service/version, OS detection and Nmap Scripting Engine (NSE) – on the machine hosting Security Onion on an Ubuntu...
Detecting Nmap Xmas Scan (-sX) in Wireshark and Snorby
This is the fifth in a series of posts looking at detecting Nmap scans in Wireshark. I’m being guided by Chapter 31 of Wireshark Network Analysis entitled: “Detect Scanning and Discovery processes”....
Installing and running Metasploit Armitage in Kali Linux and my first scan
Armitage is Metasploit’s GUI and although you can find instructions on installing this on Kali Linux, for me, it was no more difficult than running a Metasploit update (msfupdate) and requesting...
Nmap: Hiding IP Address using Proxychains with Tor in Kali Linux
Superb video below demonstrating configuring Proxychains with Tor for anonymous port scanning and such within Kali Linux:
Crafting a Simple TCP SYN Packet in Ruby Packetfu
I’m using Ruby Packetfu to understand how to handle a Ruby application and learn more about packets. Previous Packetfu posts here. I rather like TCP SYN Packets as they’re very useful in determining if...
Metasploitable 2: Port Scan – Service and version detection Nmap output
This blog post simply details the results of scanning Metasploitable 2 with Nmap for easy future reference. Nmap scan flags used: nmap -sV -O -p- 192.168.1.103 Service version detection (sV) – OS...
Shodan Computer Search Engine of Banners & Headers
I’ve noted folk Tweeting enthusiastically about the Shodan search engine, but it was only recently whilst researching SCADA systems that I came across this BBC article which seriously kindled my...