The collection of network information--Comprehensive scanning-x-scan

Source: Internet
Author: User
Tags ftp site

"Experimental principle"

1) using the X-scan tool:

2) Vulnerability scanning: IPC, RPC, POP3, FTP, TELNET, WEB

3) Brute force: FTP, POP3, HTTP

"Experimental Steps"

First, set the X-scan parameter

1.1 In this machine, open the run interface to set up, click the parameter settings in the menu bar settings to enter the parameter setting interface


650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/77/A6/wKiom1ZqipmQCjPeAACPCGXHzkA557.png "style=" float: none; "title=" 111111111.png "alt=" Wkiom1zqipmqcjpeaacpcgxhzka557.png "/>


1.2 Click the Load button to load the pre-set parameter file, save the current settings of the parameters of the information stored in a file, so that the next time the application can be read directly. Address Book adds pre-added addresses directly to an IP address


650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/77/A5/wKioL1ZqiqSBTY4lAAFmQbX6ozU640.png "style=" float: none; "title=" 222222222.png "alt=" Wkiol1zqiqsbty4laafmqbx6ozu640.png "/>


Second, global settings: This module contains all the global scan options.

2.1 Scan module: mainly includes some service and protocol weak password and other information scanning, according to the dictionary to detect the host various services and the corresponding weak password, corresponding to each item has corresponding instructions

Note: If you select the FTP weak password option, to ensure the scan results, you should now set its security account option from the FTP site's Properties window in the virtual machine.


650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/77/A6/wKiom1Zqiqeww9_8AACqT2OrkQQ801.png "style=" float: none; "title=" 333333333.png "alt=" Wkiom1zqiqeww9_8aacqt2orkqq801.png "/>


2.2 Concurrent Scan: The primary is to set the number of concurrent scans, including the maximum number of concurrent hosts, the maximum number of concurrent threads, and the maximum number of concurrent plug-ins. As shown in 6.




650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/77/A6/wKiom1ZqiqzSVnYvAAE4u32FHpQ974.png "style=" float: none; "title=" 444444444.png "alt=" Wkiom1zqiqzsvnyvaae4u32fhpq974.png "/>


2.3 Scan Report: Set the report generation status after the scan is completed for the host. As shown in 7.




650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/77/A5/wKioL1ZqirPD-XASAAEghHl1atw993.png "style=" float: none; "title=" 666666666.png "alt=" Wkiol1zqirpd-xasaaeghhl1atw993.png "/>


2.4 Other settings: mainly for the scanning process of the display and additional settings for the progress of the scan


650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/77/A6/wKiom1Zqirag1y44AAEpRV3uHSk794.png "style=" float: none; "title=" 777777777.png "alt=" Wkiom1zqirag1y44aaeprv3uhsk794.png "/>


Third, plug-in Settings: This module contains the relevant settings for each scan plug-in.

3.1 Port-related settings: The main settings are the various ports you want to scan, the detection method, and the default ports for each service agreement. (This experiment mainly detects FTP weak password, so only 21 ports are filled in)



650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/77/A5/wKioL1ZqisCzLPZoAAFiHU1GC30918.png "style=" float: none; "title=" 888888888.png "alt=" Wkiol1zqisczlpzoaafihu1gc30918.png "/>


3.2SNMP Related settings: Main settings detect SNMP related information


650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/77/A6/wKiom1Zqis_xLtRnAAFDfQ7lPTA592.png "style=" float: none; "title=" 999999999.png "alt=" Wkiom1zqis_xltrnaafdfq7lpta592.png "/>


3.3NETBIOS Related settings: Main settings detect NetBIOS related information, 11.



650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/77/A6/wKioL1ZqitXAgz36AAEv_YNC9Rs946.png "style=" float: none; "title=" 9999999999.png "alt=" Wkiol1zqitxagz36aaev_ync9rs946.png "/>


3.4 Vulnerability Detection script settings: mainly for each vulnerability written detection script to filter, select the script to be used, for convenience is generally set as a full selection, but also the pattern of their own need to choose


650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/77/A6/wKiom1ZqitjhLryVAAFJ2pGCnt8884.png "style=" float: none; "title=" 99999999991.png "alt=" Wkiom1zqitjhlryvaafj2pgcnt8884.png "/>


3.5 CGI Related settings: Set some parameters of the CGI, as shown in 13.


650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/77/A6/wKioL1ZqiuDDCswoAAFwLGrmYSQ165.png "style=" float: none; "title=" 99999999992.png "alt=" Wkiol1zqiuddcswoaafwlgrmysq165.png "/>

3.6 Dictionary File settings: mainly for the scanning process need to use the dictionary to select, you can manually add data dictionary,


650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/77/A6/wKiom1Zqiuahr8lqAAE2XBSZWGA569.png "style=" float: none; "title=" 99999999993.png "alt=" Wkiom1zqiuahr8lqaae2xbszwga569.png "/>


Four, the scan:

4.1 After the setting is complete, click on the Green button or the menu file---start scanning for probing scanning, the speed of the scan with the network environment and native configuration, etc., different



650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/77/A6/wKiom1ZqiujRKivaAACtqiccfWA404.png "style=" float: none; "title=" 99999999994.png "alt=" Wkiom1zqiujrkivaaactqiccfwa404.png "/>

4.2 Report generation: Reports are generated automatically when the scan is completed according to the report settings



650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/77/A6/wKioL1ZqiuvDwSmRAACLOd2Tifw062.png "style=" float: none; "title=" 99999999995.png "alt=" Wkiol1zqiuvdwsmraaclod2tifw062.png "/>

4.3 Vulnerability test based on information obtained from Probe Scan report: FTP Weak password vulnerability detected, weak database password


4.4 Testing for vulnerability attacks











The collection of network information--Comprehensive scanning-x-scan

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.