108 Chapter 5 ■ Scanning Networks
You will be questioned about wardialing on the CEH exam since it is a valid
mechanism for attacking a network and more than likely will be for quite a
while to come.
Wardriving
The next type of scanning is wardriving: driving around with a wireless-enabled notebook
or other device to map access points, usually with the help of a GPS receiver so that each
access point can be tied to a physical location. Done carefully and with some planning, it can
locate many access points along with their configuration (SSID, channel, encryption type) and
their location. Like wardialing, it is a way of finding an entry point into a network; here the
entry point is not a modem but a wireless access point of some kind.
There are a number of tools that can be used to perform wardriving. The following lists
some of the tools that fall into this category:
AirSnort A wireless cracking tool that recovers WEP keys by passively collecting encrypted
frames.
AirSnare An intrusion detection system that helps you monitor your wireless networks.
It can notify you as soon as an unapproved machine connects to your wireless network.
Kismet A passive wireless network detector, sniffer, and intrusion detection system
commonly found on Linux. Because it only listens, it does not announce itself and can also
record networks that do not broadcast their SSID.
NetStumbler A Windows wireless network detector; MiniStumbler is the companion version
for handhelds, and MacStumbler is a similar, separately developed tool for the Mac. Note that
NetStumbler actively sends probe requests, so its presence can itself be detected.
inSSIDer A wireless network detector and mapper of access points.
Pinging
The next type of scanning for live systems is the simplest and one you are probably familiar
with: pinging, or performing a ping sweep.
Pinging is the process of using the ping command to detect whether a system is live as
well as to gain information about the nature of the connection between your system and the
target. The process uses Internet Control Message Protocol (ICMP) messages, which is why
this technique is also called ICMP scanning. One system sends an ICMP Echo Request (type 8)
to another system; if that system is live and allowed to answer, it responds with an ICMP
Echo Reply (type 0). Once this reply is received, the system is confirmed to be up or live.
A ping sweep simply repeats this for every address in a range. Pinging is useful because it
can tell you not only whether a system is up, but also the round-trip time between the two
hosts and the time to live (TTL) value in the reply, which hints at the number of hops and,
since different operating systems start from different initial TTLs, at the target's platform.
Keep in mind that the absence of a reply does not prove a host is down: many hosts and
firewalls drop or block ICMP echo traffic, so unanswered addresses need to be checked with
other techniques (such as TCP or ARP probes) before they are written off.
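The following is an added example, not code from the book, showing what the ping mechanism above looks like at the packet level: it builds an ICMP Echo Request, verifies and parses an Echo Reply out of a raw IPv4 datagram (checksum, type/code, identifier), reads the TTL, and sweeps a list of hosts. The sweep needs raw-socket privileges (root or CAP_NET_RAW), so a constructed reply datagram is included to exercise the parser offline; the TTL-to-OS mapping is a rough heuristic, not a rule from the text.

```python
"""ICMP Echo (ping) builder/parser and a minimal ping sweep.

Added example, not from the original text. Raw sockets need
root/CAP_NET_RAW; the parser is exercised offline on a constructed reply.
"""
import os
import socket
import struct
import time

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words, then complemented.
    Over a message that already carries a correct checksum it returns 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo_request(ident: int, seq: int, payload: bytes = b"sweep") -> bytes:
    """ICMP header: type(8) code(0) checksum identifier sequence, then payload."""
    hdr = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = icmp_checksum(hdr + payload)
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload


def parse_echo_reply(datagram: bytes, ident: int):
    """Parse a raw IPv4 datagram as received from a SOCK_RAW socket.

    Returns {"src", "ttl", "seq"} for a valid Echo Reply carrying our
    identifier, otherwise None (other ICMP types, bad checksum, not ours).
    """
    if len(datagram) < 28:                  # 20-byte IP header + 8-byte ICMP header
        return None
    ihl = (datagram[0] & 0x0F) * 4          # IP header length in bytes
    ttl = datagram[8]
    src = socket.inet_ntoa(datagram[12:16])
    icmp = datagram[ihl:]
    if len(icmp) < 8 or icmp_checksum(icmp) != 0:
        return None
    itype, code, _csum, rid, seq = struct.unpack("!BBHHH", icmp[:8])
    if itype != ICMP_ECHO_REPLY or code != 0 or rid != ident:
        return None
    return {"src": src, "ttl": ttl, "seq": seq}


def ttl_hint(ttl: int) -> str:
    """Heuristic OS guess from the reply TTL: common initial TTLs are 64
    (Linux/BSD/macOS), 128 (Windows) and 255 (many network devices); each
    router hop decrements the value by one, so look at the band it falls in."""
    if ttl <= 64:
        return "likely Linux/BSD/macOS (initial TTL 64)"
    if ttl <= 128:
        return "likely Windows (initial TTL 128)"
    return "likely network device (initial TTL 255)"


def make_reply_datagram(src: str, ttl: int, ident: int, seq: int,
                        payload: bytes = b"sweep") -> bytes:
    """Constructed IPv4 + ICMP Echo Reply used only to test the parser
    offline (IP header checksum left at zero; destination is a TEST-NET address)."""
    body = struct.pack("!BBHHH", ICMP_ECHO_REPLY, 0, 0, ident, seq) + payload
    body = struct.pack("!BBHHH", ICMP_ECHO_REPLY, 0, icmp_checksum(body),
                       ident, seq) + payload
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, ttl,
                         socket.IPPROTO_ICMP, 0, socket.inet_aton(src),
                         socket.inet_aton("192.0.2.1"))
    return ip_hdr + body


def ping_sweep(hosts, timeout: float = 1.0):
    """Send one Echo Request per host and collect replies (requires root).
    A host with no reply is reported as None, meaning 'no response', not
    'down': ICMP echo is frequently filtered."""
    ident = os.getpid() & 0xFFFF
    sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
    sock.settimeout(timeout)
    sent = {}
    for seq, host in enumerate(hosts, start=1):
        sock.sendto(build_echo_request(ident, seq), (host, 0))
        sent[seq] = (host, time.monotonic())
    results = {h: None for h in hosts}
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline and any(v is None for v in results.values()):
        try:
            data, _ = sock.recvfrom(1500)
        except socket.timeout:
            break
        reply = parse_echo_reply(data, ident)
        if reply and reply["seq"] in sent:
            host, t0 = sent[reply["seq"]]
            rtt_ms = (time.monotonic() - t0) * 1000
            results[host] = (round(rtt_ms, 2), reply["ttl"], ttl_hint(reply["ttl"]))
    sock.close()
    return results


if __name__ == "__main__":
    for host, res in ping_sweep(["127.0.0.1", "192.0.2.10"]).items():
        print(host, res if res else "no response")
```

The identifier check matters on a shared raw socket: the kernel hands every ICMP message to every raw listener, so replies to other processes' pings (and unrelated ICMP errors) would otherwise be counted as hits.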