Transcript AGENDA
Network Monitor
By Zhenhong Zhao
What is the Network Monitor?
The Network Monitor is a tool that gets
information off of the host on the LAN.
– Enumerating all hosts on the LAN.
– This utility allows you to get the names of the hosts in
the network and their IP addresses.
– It also allows you to get the user list off of any host.
– Scanning any computer on the network and reporting all
opening ports of this computer.
Why?
• Authentication
Who are you?
• Authorization
Are you allowed access to the information?
How?
Microsoft Visual Basic 6.0
Winsock used
Enumerated
Host 1
Host 2
Host 4
Host 3
Host 5
Wsock 32
Enumerated
Host 1
Host 2
Host 4
Host 3
Host 5
Wsock 32
IP Address and Users
Host 1
Host 2
Host 4
Host 3
Host 5
Wsock 32
IP Address and Users
Host 1
Host 2
Host 3
Host3
Host 4
Host 5
Wsock 32
IP Address and Users
Host 1
Host 2
Host 3
Info
Host 4
Host 5
Wsock 32
Why the Port Scanner?
Each time you send or receive data through the Internet,
your mail (or web, chat, or whatever) program must
connect to a remote port of a remote host.
port range
utilization
0 - 1023
well known ports, which include the most common services,
like SMTP, POP3, FTP, etc.
1024 - 49151
registered ports, which are assigned by the IANA organization
49152 - 65535
dynamic and/or private ports, which can be freely used
service
port
description
echo
7
Echo
daytime
13
Daytime
ftp
21
File Transfer Protocol
ssh
22
SSH Remote Login
Protocol
telnet
23
Telnet
smtp
25
Simple Mail Transfer
time
37
Time
nameserver
42
Host Name Server
nicname
43
Who Is
domain
53
Domain Name Server
gopher
70
Gopher
http
80
World Wide Web HTTP
kerberos
88
Kerberos
pop3
110
Post Office Protocol
netbios-ns
137
NETBIOS Name Service
netbios-dgm
138
NETBIOS Datagram
Service
netbios-ssn
139
NETBIOS Session Service
Port scanner
Host 1
Host 2
Host 3
send
response
Host 4
Host 5
Wsock 32
Working Model
Advantages
• Friendly user interface
• The modular design
• Easy administration
• Enforced security strategy
Future Plans
List the user name that logs on each computer, and
has ability to communicate with that user.
Block unfriendly incoming IP and Ping.