Transcript AGENDA
Network Monitor By Zhenhong Zhao What is the Network Monitor? The Network Monitor is a tool that gets information off of the host on the LAN. – Enumerating all hosts on the LAN. – This utility allows you to get the names of the hosts in the network and their IP addresses. – It also allows you to get the user list off of any host. – Scanning any computer on the network and reporting all opening ports of this computer. Why? • Authentication Who are you? • Authorization Are you allowed access to the information? How? Microsoft Visual Basic 6.0 Winsock used Enumerated Host 1 Host 2 Host 4 Host 3 Host 5 Wsock 32 Enumerated Host 1 Host 2 Host 4 Host 3 Host 5 Wsock 32 IP Address and Users Host 1 Host 2 Host 4 Host 3 Host 5 Wsock 32 IP Address and Users Host 1 Host 2 Host 3 Host3 Host 4 Host 5 Wsock 32 IP Address and Users Host 1 Host 2 Host 3 Info Host 4 Host 5 Wsock 32 Why the Port Scanner? Each time you send or receive data through the Internet, your mail (or web, chat, or whatever) program must connect to a remote port of a remote host. port range utilization 0 - 1023 well known ports, which include the most common services, like SMTP, POP3, FTP, etc. 1024 - 49151 registered ports, which are assigned by the IANA organization 49152 - 65535 dynamic and/or private ports, which can be freely used service port description echo 7 Echo daytime 13 Daytime ftp 21 File Transfer Protocol ssh 22 SSH Remote Login Protocol telnet 23 Telnet smtp 25 Simple Mail Transfer time 37 Time nameserver 42 Host Name Server nicname 43 Who Is domain 53 Domain Name Server gopher 70 Gopher http 80 World Wide Web HTTP kerberos 88 Kerberos pop3 110 Post Office Protocol netbios-ns 137 NETBIOS Name Service netbios-dgm 138 NETBIOS Datagram Service netbios-ssn 139 NETBIOS Session Service Port scanner Host 1 Host 2 Host 3 send response Host 4 Host 5 Wsock 32 Working Model Advantages • Friendly user interface • The modular design • Easy administration • Enforced security strategy Future Plans List the user name that logs on each computer, and has ability to communicate with that user. Block unfriendly incoming IP and Ping.