For Semester 2
Module 02: Scanning Networks (60 Hours)
Unit 1: Fundamentals of Network Scanning (10 Hours)
Concepts:
Networking Basics:
o Overview of Network Layers (OSI and TCP/IP Models).
o Key Protocols: TCP, UDP, ICMP, DNS, ARP, and HTTP.
Types of Network Scanning:
o Port Scanning: Identifying open/closed/filtered ports.
o Vulnerability Scanning: Basics of detecting security flaws.
o Live Host Discovery: Methods for identifying active devices.
Network Discovery Protocols and Tools:
o Protocols: SNMP, ARP, ICMP, and DHCP.
o Tools: Nmap, Angry IP Scanner, and Advanced IP Scanner.
Practical Exercises:
Performing basic live host discovery using ICMP and ARP.
Demonstrating simple port scanning with Nmap.
Unit 2: Network Scanning Techniques (20 Hours)
Concepts:
TCP and UDP Scanning:
o Understanding the TCP Three-Way Handshake.
o TCP Connect Scanning and Half-Open (SYN) Scanning.
o UDP Scanning Challenges and Techniques.
Ping Sweeps and ICMP Scanning:
o Identifying hosts using ping sweeps.
o Bypassing firewalls that block ICMP packets.
Advanced Techniques:
o Banner Grabbing: Gathering software and version details.
o OS Fingerprinting: Identifying operating systems through TCP/IP stack analysis.
Tools for Advanced Scanning:
o Nmap: Advanced options like scripting and aggressive scans.
o Netcat: Scanning and basic exploitation.
o Wireshark: Packet capture and analysis for network scanning.
Practical Exercises:
Performing OS fingerprinting using Nmap.
Capturing and analyzing ICMP traffic with Wireshark.
Using Netcat to scan and interact with open ports.
Unit 3: Identifying Vulnerabilities (15 Hours)
Concepts:
Scanning for Open Ports and Services:
o Identifying vulnerabilities in commonly exposed services (e.g., SSH, SMB, RDP).
o Service enumeration techniques.
Detecting Misconfigurations in Network Devices:
o Misconfigured firewalls and routers.
o Weak SNMP and Telnet settings.
Using Vulnerability Scanning Tools:
o Nessus: Basics of configuring and interpreting scans.
o OpenVAS: Setup and scanning for open-source vulnerability detection.
o Nikto: Scanning for web server vulnerabilities.
Practical Exercises:
Conducting a Nessus scan and analyzing findings.
Using OpenVAS to detect vulnerabilities in a simulated network.
Running Nikto to find vulnerabilities in a test web server.
Unit 4: Countermeasures and Reporting (15 Hours)
Concepts:
Mitigation Strategies Against Scanning Attacks:
o Configuring firewalls to block unauthorized scans.
o Using Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
o Analyzing and responding to suspicious network traffic.
Generating Detailed Scanning Reports:
o Writing clear and actionable reports.
o Prioritizing vulnerabilities based on severity (e.g., CVSS).
o Recommendations for mitigating identified vulnerabilities.
Case Study:
o Analyzing a scanning attack on a corporate network.
o Steps taken to detect and mitigate the attack.
Practical Exercises:
Writing a scanning report based on lab findings.
Simulating defensive measures against a scanning attack using firewalls and IDS.
Unit 5: Case Studies and Ethical Considerations in Scanning (10 Hours)
Concepts:
Ethical and Legal Aspects of Scanning:
o Understanding what constitutes unauthorized scanning.
o Legal ramifications under cybersecurity laws (e.g., IT Act, GDPR).
Case Studies:
o Successful ethical hacking projects that used scanning effectively.
o Analysis of real-world vulnerabilities found via scanning (e.g., EternalBlue exploit).
Future of Scanning Techniques:
o AI and Machine Learning in network scanning tools.
o Advanced evasion techniques used by attackers and countermeasures.
Practical Exercises:
Discussion-based analysis of case studies.
Preparing a risk matrix based on scanning results.
Learning Outcomes:
By the end of this module, participants will:
1. Gain expertise in different network scanning techniques and tools.
2. Develop skills in vulnerability identification and mitigation.
3. Understand how to generate comprehensive scanning reports.
4. Learn ethical and legal considerations while conducting network scans.
5. Be equipped to secure networks against scanning and reconnaissance attacks.