Phases in Hacking: Reconnaissance & Port Scanning


LOTS OF LOVE...😍

💨Happy Raksha-Bandhan to all Brothers and Sisters this day...💗


In the previous post (see here 👀), we discussed how to prevent hacking activities and the essential things that a hacker should have. Let's start today's topic: the different phases/steps in hacking. This will be a series of posts explaining each phase of hacking in turn...


👉Before attacking a system, we need to gather some basic information about the target. Therefore, information gathering is the first basic step in ethical hacking. (We will discuss information gathering in more detail in the next post, "Information Gathering".)

 

Let's initiate with the first phase,

RECONNAISSANCE

Reconnaissance is the first step of ethical hacking. It is a set of processes and techniques, such as footprinting, scanning, and enumeration, used to gather information about the target computers or network systems. This is the most important step for a hacker, because it leads to the actual hacking.



 

👉Basically, there are two types of reconnaissance:

1. Active Reconnaissance

2. Passive Reconnaissance



Active Reconnaissance

In this process, the hacker is always in contact with the target, so there is always a risk of being detected.

Passive Reconnaissance

Passive reconnaissance involves no contact with the target network, so it has a lower chance of detection.


"DNS Reconnaissance"

DNS (Domain Name System) reconnaissance is the process by which a hacker gathers as much information as possible about the target's DNS servers and records. DNS translates domain names to IP addresses so browsers can load Internet resources. This process therefore involves the Internet Protocol (IP): IPv4 (Internet Protocol version 4) and IPv6 (Internet Protocol version 6).


1. IPv4:

IPv4 is the fourth version of the Internet Protocol. It is one of the core protocols of standards-based internetworking methods on the internet. An IPv4 address is 32 bits long.


2. IPv6:

IPv6 is the most recent version of the Internet Protocol. It provides an identification and location system for computers on networks. IPv6 was created to overcome IPv4 address exhaustion.

 

💨Now, let us move to the next step,

 

"PORT SCANNING"




 

Port scanning or scanning is the act of systematically scanning a computer's ports. It has legitimate uses in managing networks but can be malicious in nature.

 

Port scanning can be done with a free, open-source hacking tool named Nmap, which we discussed earlier in the post "hacking tools" right here 👀.


It can be used to send connection requests to the targeted computers and then keep track of the ports that appear to be open or that respond to the request.


When a criminal targets a house for burglary, typically the first thing he or she checks is whether there is an open window or door through which access to the home can be gained. A port scan is similar, only the windows and doors are the ports of the individual's personal computer. While a hacker may not decide to "break in" at that moment, he or she will have determined whether easy access is available. Many people feel this activity should be illegal, though it usually is not.


Hackers typically use port scanning because it is an easy way to quickly discover services they can break into. Hackers can also open ports to access the targeted computer.
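Seen from the defender's side, the pattern described above (one source sending connection requests to many ports on the same computer) is exactly what shows up in a firewall or connection log. The following is an added example, not part of the original post: the log format, the addresses, and the threshold of 10 distinct ports within 60 seconds are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def build_sample_log():
    """Constructed sample lines (not real traffic): time source destination port result."""
    base = datetime(2024, 1, 1, 10, 0, 0)
    def line(offset, src, port, result):
        return f"{(base + timedelta(seconds=offset)).isoformat()} {src} 192.0.2.10 {port} {result}"
    log = []
    # One source tries 15 different ports in 15 seconds: the port-scan pattern.
    log += [line(i, "203.0.113.50", port, "DENY") for i, port in enumerate(range(20, 35))]
    # A normal client keeps returning to a single service.
    log += [line(3 * i, "198.51.100.7", 443, "ACCEPT") for i in range(20)]
    # A host that touches 12 ports, but only one every 10 minutes.
    log += [line(600 * i, "198.51.100.9", 8000 + i, "ACCEPT") for i in range(12)]
    return log

def parse(line):
    ts, src, dst, port, _result = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)

def detect_port_scans(lines, window_seconds=60, port_threshold=10):
    """Return {(source, destination): sorted ports} for every source that touched at
    least port_threshold distinct ports on one destination within window_seconds."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # (src, dst) -> (time, port) events still inside the window
    flagged = {}
    for ts, src, dst, port in sorted(parse(l) for l in lines):
        events = recent[(src, dst)]
        events.append((ts, port))
        while ts - events[0][0] > window:   # drop events older than the window
            events.popleft()
        ports = {p for _, p in events}
        if len(ports) >= port_threshold:
            flagged.setdefault((src, dst), set()).update(ports)
    return {key: sorted(ports) for key, ports in flagged.items()}

if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(build_sample_log()).items():
        print(f"possible port scan: {src} -> {dst}, {len(ports)} ports: {ports}")
```

With the default 60-second window only the first source is reported. Widening the window also reports the slow host, at the cost of more false positives from ordinary clients.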

 

After this, we will go through more information collecting methods like Footprinting, Fingerprinting, DNS enumeration, collecting usernames and email addresses, port sweeping, etc. which we are gonna discuss in the next post...

 

SEE YOU IN THE NEXT POST GUYS...😊😊!

 

 
