Information Security Experiment 2: using x-scanner scanning tool

One 、 Purpose and requirements of the experiment

1. Be familiar with the principle of scanning the port of the computer ;

2. Skillfully use X-SCANNER The scanning tool scans the port of the computer .

3. Use port scanning to scan a host , And show the results （ Which ports are open on a host ）. For a network segment IP scanning , Show the results （ Which hosts in a network segment are powered on ）.

Two 、 Experimental content

1． Skillfully use X-SCANNER Interface of scanning tool

2． View port information

Open the scanning results to check whether there are machines with shared resources that can be invaded , Check common ports such as 21、23、139 Whether it is open .

3． Discover system vulnerabilities

  Discover the of the target system CGI Loophole 、IIS Loophole 、RPC Loophole 、SQL Server Loopholes and FTP Weak password vulnerability .

3、 ... and 、 Experimental environment

function Windows XP/2000 The computer of the operating system .

Four 、 Experimental steps and result analysis

       1. Install scan tool X-Scan , Click on the run

       2. Set scanning parameters in settings , Perform a local scan

Select scan module in global settings , Include 、IIS Loophole 、RPC Loophole 、SQL Server Loopholes and FTP Weak password vulnerability

Set port related settings in plug-in settings

Click OK after configuration , Then click the run button

Scan complete , The report found 92 A loophole

3. For network segment 192.168.0.0-192.168.0.100 scan

Scan complete , There is no loophole

5、 ... and 、 Summarize and analyze

    When installing software and using software for port scanning , Close the firewall and real-time protection of the system , Otherwise, it will be forcibly stopped as malware . Through this experiment , I got hold of X-Scan How to use , And how to configure and scan ports .