Official Student Lab Guide
Lab 4 – Detecting Live Systems
e. Although SYN scans are more likely to go unnoticed, some intrusion detection
countermeasures can still detect them. The Stealth FIN, Xmas Tree, and Null scans are
used to evade packet filters and firewalls that may be watching for SYN packets directed
toward restricted ports. With all three scans, closed ports should return RST, whereas
open ports should drop the packet. A FIN scan ("-sF") sends a FIN packet to each port,
the Xmas Tree scan ("-sX") turns on the FIN, URG, and PUSH flags, and a Null scan
("-sN") turns off all flags. Because of Microsoft's noncompliance with TCP standards,
the FIN, Xmas, and Null scans are only effective on non-Microsoft operating systems.
f. Try each of these scans against a Linux OS target (Metasploitable or VulnWeb):
i. sudo nmap -sF 192.168.#.#
ii. sudo nmap -sX 192.168.#.#
iii. sudo nmap -sN 192.168.#.#
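On the monitoring side, the same flag combinations that define these scans are what a sensor can key on. The following is an added example, not part of the lab guide: it classifies TCP headers as FIN, Xmas, or Null probes and reports sources that send them to several ports. The function names, the `min_ports` threshold, and the sample traffic are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

# TCP flag bits, carried in byte 13 of the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# Flag combinations that should not occur in normal TCP traffic.
STEALTH = {0: "null", FIN: "fin", FIN | PSH | URG: "xmas"}

def classify_probe(flags):
    """Name the scan type a flag byte implies, or 'other' for normal traffic."""
    return STEALTH.get(flags & 0x3F, "other")  # mask off ECE/CWR bits

def parse_tcp(segment):
    """Return (src_port, dst_port, flags) from a raw TCP header."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", segment[:4])
    return sport, dport, segment[13]

def detect_stealth_scans(packets, min_ports=3):
    """packets: iterable of (src_ip, tcp_header_bytes).
    Returns {(src_ip, scan_type): sorted ports} for sources that sent
    FIN/Xmas/Null probes to at least min_ports distinct ports."""
    seen = defaultdict(set)
    for src_ip, segment in packets:
        try:
            _, dport, flags = parse_tcp(segment)
        except ValueError:
            continue  # skip malformed input rather than abort the run
        kind = classify_probe(flags)
        if kind != "other":
            seen[(src_ip, kind)].add(dport)
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_ports}

def make_segment(dport, flags, sport=40000):
    """Build a constructed 20-byte TCP header for the sample data."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)

# Constructed sample traffic (documentation addresses, not a real capture).
SAMPLE = (
    [("192.0.2.10", make_segment(p, FIN | PSH | URG)) for p in (21, 22, 80)]
    + [("192.0.2.10", make_segment(p, 0)) for p in (21, 22, 80, 443)]
    + [("192.0.2.20", make_segment(80, FIN | ACK))]  # ordinary teardown
    + [("192.0.2.30", make_segment(25, FIN))]        # one bare FIN, below threshold
    + [("192.0.2.30", b"\x00\x19")]                  # truncated header
)

if __name__ == "__main__":
    for (ip, kind), ports in detect_stealth_scans(SAMPLE).items():
        print(f"{ip}: {kind} scan probes to ports {ports}")
```

A FIN sent together with ACK is ordinary connection teardown, so the classifier matches only the exact flag sets and leaves that traffic alone.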
Certified Penetration Testing Engineer – v06.3.1.4
©Mile2 – All Rights Reserved