﻿1
00:00:00,440 --> 00:00:06,320
You can scan the network to find out the computer systems and network and discover the network topology.

2
00:00:07,170 --> 00:00:09,540
First, let's see the scan types.

3
00:00:11,890 --> 00:00:16,090
There are two types of scanning. The first type is passive scan.

4
00:00:17,070 --> 00:00:20,790
In this type of scanning, you don't want to be recognized by the target.

5
00:00:22,600 --> 00:00:28,780
In this regard, you don't directly contact target systems. Just by watching the network's traffic flow,

6
00:00:28,780 --> 00:00:33,610
passive scanners can deduce a large amount of information about the communicating systems.

7
00:00:34,970 --> 00:00:42,290
You can use tools such as tcpdump or Wireshark to monitor network traffic. Looking at the ARP table

8
00:00:42,290 --> 00:00:46,220
in a computer which is connected to the network is another example of passive scanning.

9
00:00:47,980 --> 00:00:54,310
So the second type is active scan. In this type of scanning, you scan on the target systems.

10
00:00:56,080 --> 00:01:03,790
Active scanning requires more preparation for the attacker or pen tester because it leaves traces which

11
00:01:03,790 --> 00:01:07,010
are likely to alert the target or produce evidence against him.

12
00:01:07,750 --> 00:01:11,710
Active scanning on your network can also return great headaches, however.

13
00:01:12,590 --> 00:01:19,760
It can have a high political cost and far-reaching effects on system uptime and reliability. If not

14
00:01:19,760 --> 00:01:24,250
done carefully, it can be an ineffective, inefficient way to gather information.

15
00:01:25,840 --> 00:01:27,790
We'll see Nmap in detail.

16
00:01:29,280 --> 00:01:37,410
hping is an excellent command-line oriented TCP/IP packet analyzer. It looks like the ping command, but

17
00:01:37,410 --> 00:01:41,700
hping isn't only able to send ICMP echo requests.

18
00:01:42,450 --> 00:01:52,200
It supports TCP, UDP, ICMP and raw IP protocols, has a traceroute mode, the ability to send files between

19
00:01:52,200 --> 00:01:54,960
a covered channel and many other features.

20
00:01:56,700 --> 00:02:00,390
Scapy is a powerful interactive packet manipulation program.

21
00:02:01,610 --> 00:02:07,580
It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture

22
00:02:07,580 --> 00:02:10,640
them, match requests and replies and much more.

23
00:02:11,560 --> 00:02:17,110
Traceroute is a utility that records the route, the specific gateway computers at each hop through

24
00:02:17,110 --> 00:02:23,680
the network between your computer and a specified destination computer, so you can find out the network

25
00:02:23,680 --> 00:02:27,850
devices between you and the target and identify the network topology.

26
00:02:28,750 --> 00:02:35,890
There's a really good comparison of active and passive scanning on the networkworld.com website, which

27
00:02:35,890 --> 00:02:43,570
says: just as you can determine the type of cheese by tasting it (an active scan), you can also use passive

28
00:02:43,570 --> 00:02:49,120
techniques such as reading the label or smelling the aroma as it passes by.

