Network Assessment Tools

The common network assessment tools like Wireshark and Nmap can complete within the network or external network (remotely). The purpose of network assessment is to pinpoint the network vulnerabilities or weakness that been exposed to compromise.

Wireshark

We normally use Wireshark that previously known as Ethereal can work in a promiscuous mode where it can capture all traffic and communication of a TCP broadcast domain flow.

The tester to analyze the traffic of the network by using Wireshark such as Stray IP Addresses, Malicious Packets, flooding packet that might lead to DDOS attack.

The tester needs to be bear in mind that Wireshark doesn’t have its own intelligence on the network and the tester need to treat Wireshark as a data provider to be analyzed.

Nmap

Nmap is a famous network assessment tools for almost a decade. Nmap is already built-in for all Linux Operating System. The Nmap can construct any packets and performing a network scan from OS Operating System to Acknowledge scan.

Nmap command

  • Nmap –A –T4 –O <ip address>
  • Nmap –O <ip address>
  • Nmap –p 1-10000 <ip address>
  • Nmap –sU 1-200 <ip address>

Metasploit

After completing the progress of Sniffing and scanning with Wireshark and Nmap, it is the time to aggressive scan using Metasploit.  Compared metasploit with other different framework out there, Metasploit also can used for exploiting the application level and anti-forensics function.

For those who is expert in programming, they can write a few of code that can used for exploiting certain vulnerability.

Author: Wan Ariff

Leave a Reply

Your email address will not be published. Required fields are marked *