当前位置:网站首页>Information Security Experiment 2: using x-scanner scanning tool
Information Security Experiment 2: using x-scanner scanning tool
2022-07-07 09:22:00 【Not enough to eat】
One 、 Purpose and requirements of the experiment
1. Be familiar with the principle of scanning the port of the computer ;
2. Skillfully use X-SCANNER The scanning tool scans the port of the computer .
3. Use port scanning to scan a host , And show the results ( Which ports are open on a host ). For a network segment IP scanning , Show the results ( Which hosts in a network segment are powered on ).
Two 、 Experimental content
1. Skillfully use X-SCANNER Interface of scanning tool
2. View port information
Open the scanning results to check whether there are machines with shared resources that can be invaded , Check common ports such as 21、23、139 Whether it is open .
3. Discover system vulnerabilities
Discover the of the target system CGI Loophole 、IIS Loophole 、RPC Loophole 、SQL Server Loopholes and FTP Weak password vulnerability .
3、 ... and 、 Experimental environment
function Windows XP/2000 The computer of the operating system .
Four 、 Experimental steps and result analysis
1. Install scan tool X-Scan , Click on the run
2. Set scanning parameters in settings , Perform a local scan
Select scan module in global settings , Include 、IIS Loophole 、RPC Loophole 、SQL Server Loopholes and FTP Weak password vulnerability
Set port related settings in plug-in settings
Click OK after configuration , Then click the run button
Scan complete , The report found 92 A loophole
3. For network segment 192.168.0.0-192.168.0.100 scan
Scan complete , There is no loophole
5、 ... and 、 Summarize and analyze
When installing software and using software for port scanning , Close the firewall and real-time protection of the system , Otherwise, it will be forcibly stopped as malware . Through this experiment , I got hold of X-Scan How to use , And how to configure and scan ports .
边栏推荐
- Schema-validation: wrong column type encountered in column XXX in table XXX
- Do you have any certificates with high gold content?
- STM32的时钟系统
- 2021 year end summary
- C语言指针(中篇)
- Locust performance test 3 (high concurrency, parameter correlation, assembly point)
- Error: selenium common. exceptions. WebDriverException: Messag‘geckodriver‘ execute
- 網易雲微信小程序
- Port multiplexing and re imaging
- Mysql数据库-锁-学习笔记
猜你喜欢
MySql数据库-索引-学习笔记
PMP Exam details after the release of the new exam outline
Unity shader (to achieve a simple material effect with adjustable color attributes only)
Jmeters use
Cesium load vector data
Implementation of corner badge of Youmeng message push
[istio introduction, architecture, components]
Jenkins modifies the system time
Pytest+request+allure+excel interface automatic construction from 0 to 1 [five nails / flying Book notice]
Upgrade Alibaba cloud RDS (relational database service) instance to com mysql. jdbc. exceptions. Troubleshooting of jdbc4.communicationsexception
随机推荐
Unittest simple project
Locust performance test 3 (high concurrency, parameter correlation, assembly point)
LeetCode每日一题(2316. Count Unreachable Pairs of Nodes in an Undirected Graph)
The essence of high availability
NVIC中断优先级管理
What is the use of PMP certificate?
C language pointer (Part 1)
What is MD5
C language pointer (Part 2)
C language pointer (Part 2)
Pick up the premise idea of programming
Mysql database index study notes
Kubernetes cluster capacity expansion to add node nodes
Why is access to the external network prohibited for internal services of the company?
Count the number of words in the string c language
Pytest+request+allure+excel interface automatic construction from 0 to 1 [five nails / flying Book notice]
Schema-validation: wrong column type encountered in column XXX in table XXX
MySql数据库-索引-学习笔记
Jmeters use
PMP Exam details after the release of the new exam outline