122 Chapter 5 ■ Scanning Networks
So how does it work? Again, let’s let the developer describe the process (from the same
website):
To create a private network pathway with Tor, the user’s software or
client incrementally builds a circuit of encrypted connections through
relays on the network. The circuit is extended one hop at a time, and
each relay along the way knows only which relay gave it data and which
relay it is giving data to. No individual relay ever knows the complete
path that a data packet has taken. The client negotiates a separate set of
encryption keys for each hop along the circuit to ensure that each hop
can’t trace these connections as they pass through.
So you see that Tor provides you with a good amount of protection as well as the ability to obscure or encrypt traffic, making it much more difficult to detect.
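The quoted description (per-hop keys, layered encryption, each relay knowing only its neighbours) can be made concrete with a small simulation. The following is an added teaching example, not code from the book or from the Tor project: it wraps a message in one authenticated encryption layer per hop so that each relay can strip only its own layer and learns only the next hop. The cipher is a standard-library-only construction assumed here for illustration (an HMAC-SHA256 keystream with an HMAC tag); Tor's real circuits use AES-CTR with keys from its circuit handshake, and the relay names and keys below are constructed.

```python
"""Toy onion-routing simulation (added example, not Tor's protocol)."""
import hashlib
import hmac
import secrets

SEP = b"|"          # separates the routing header from the inner layer
EXIT_MARK = b"EXIT"  # header the exit relay sees instead of a next hop


def _keystream(key, nonce, length):
    """Derive a keystream CTR-style by HMAC-ing a counter under the hop key."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_layer(key, plaintext):
    """Encrypt-then-MAC one onion layer: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_layer(key, blob):
    """Verify the tag, then strip one layer; ValueError if the key is wrong or data tampered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def build_onion(route, hop_keys, payload):
    """Client side: innermost layer for the exit, then one more layer per earlier hop.

    Each layer's plaintext is "<next hop>|<inner blob>", so a relay that strips
    its layer sees only where to forward the remainder.
    """
    onion = encrypt_layer(hop_keys[route[-1]], EXIT_MARK + SEP + payload)
    for i in range(len(route) - 2, -1, -1):
        next_hop = route[i + 1].encode()
        onion = encrypt_layer(hop_keys[route[i]], next_hop + SEP + onion)
    return onion


def relay_peel(key, onion):
    """Relay side: strip this relay's layer; returns (next hop or 'EXIT', inner blob)."""
    inner = decrypt_layer(key, onion)
    head, _, rest = inner.partition(SEP)  # relay names never contain '|'
    return head.decode(), rest


def route_onion(route, hop_keys, payload):
    """Drive the onion hop by hop and record exactly what each relay learns.

    Returns ({relay: (previous hop, next hop)}, payload recovered at the exit).
    """
    onion = build_onion(route, hop_keys, payload)
    observations = {}
    prev = "client"
    for name in route:
        next_hop, onion = relay_peel(hop_keys[name], onion)
        observations[name] = (prev, next_hop)
        prev = name
    return observations, onion


if __name__ == "__main__":
    # Constructed sample circuit: three relays with fixed per-hop keys.
    route = ["guard", "middle", "exit"]
    keys = {n: bytes([i]) * 32 for i, n in enumerate(route, start=1)}
    seen, msg = route_onion(route, keys, b"GET / HTTP/1.1")
    for relay, (before, after) in seen.items():
        print(f"{relay:6s} knows: from={before:6s} to={after}")
    print("exit delivers:", msg)
```

Running it shows the guard learning only "client -> middle", the middle only "guard -> exit", and the exit only "middle -> payload": no single relay sees the whole path, which is the property the quoted passage describes. Because every layer carries its own tag, a relay holding the wrong key cannot strip a layer at all, so a misrouted or tampered cell is rejected rather than silently passed along.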
Summary
Acting on the information gathered from the footprinting phase, you can perform network
scanning with a much more targeted and purposeful strategy. Scanning represents an
aggressive approach to gaining information about a system, because you are interacting
directly with a target. You are probing the network and systems looking to see what you
can find. Vulnerability scans, network mapping, port scans, and OS fingerprinting give you
insight into the system and tell you the potential paths you can take with your testing.
Exam Essentials
Remember the basic concept of scanning. Scanning is designed to reveal the nature of
system networks as well as the vulnerabilities that are present in the environment.
Understand the targets. Know what resources can be targeted. Know what is present and
start making plans on how to attack.
Know the vulnerabilities. Understand that vulnerabilities change based on the operating
system, network design, and other factors present in an environment.
Know when to use each scan. Each scan has its own benefits and drawbacks that make it
a good or bad choice for a given situation. Know when to use each.
Know the preventive measures. Know the preventive measures available and the actions
each one takes to prevent the attack.
Know your tools and terms. The CEH exam is drenched with terms and tool names; in the case of scanners, there are quite a few available. However, the one you should be most familiar with and have experience using is Nmap. Familiarize yourself with the switches and techniques used to operate this scanner prior to taking the exam.