Wednesday, February 24, 2016
Tuesday, February 16, 2016
Quick and dirty: one-line FTP server (Python)
sudo pip install pyftpdlib
python -m pyftpdlib -w #(deprecated) Friday, February 12, 2016
Fast port scanning with nmap
Use nmap to test for listening services on a range of ports
nmap -sS --reason -T4 -p32000-32100 10.10.10.10/32
Explanation of arguments
-sS: TCP SYN scan. Also known as half-open scan. It requires root privileges (see -sT if this is an issue). It is fast, enabling testing of large numbers of ports (assuming high network bandwidth and absence of rate-limiting firewalls). It is unobtrusive since it does not complete TCP connections: it sends a SYN packet and checks the response. It allows clear differentiation between listening (a SYN/ACK response), not listening (a RST/reset response) or filtered (no response after retries).
--reason: Shows details regarding why each port is reported in the given state
-T<0-5>: Timing template. The respective, equivalent text flags are instructive: paranoid (0), sneaky (1), polite (2), normal (3), aggressive (4), insane (5). Higher is faster. The default is normal (3), but it is often too slow in practice for large port ranges. Higher values must be used cautiously, as they can either stress or crash target systems or easily trigger intrusion detection systems. I have found T4 to be practical for routine systems diagnostics work. T4 is the equivalent of
--max-rtt-timeout 1250ms --min-rtt-timeout 100ms
--initial-rtt-timeout 500ms --max-retries 6. When scanning many ports on a reliable network, I override maximum retries to accelerate the scan with --max-retries=0.-p: Port range
Hosts: Target hosts, represented as IP addresses, with a given host mask. In the example, 10.10.10.10/32, a single host is requested. A mask shorter than 32 bits designates ranges, e.g. 10.10.10.0/24, includes 10.10.10.0 through 10.10.10.255
Subscribe to:
Posts (Atom)