Questions tagged [scan]

104 questions
1
vote
1 answer

Port scans: 'traffic denied' VS 'close - age out'

I have been investigating logs from the firewall (Juniper) and I've found out that when someone is portscanning my website, the majority of the traffic through different TCP/UDP ports is denied (except for ports 80 and 443, which are allowed).…
Gabrielius
1
vote
2 answers

Scan my network externally

So I'm about to undertake Cyber Essentials as our first step towards nailing as best as we can our security. I have done quite a lot of work on locking down our network, however, I would like to audit the internal network externally to see if anything…
OliverBS
1
vote
1 answer

Reason behind sending multiple probes when scanning?

I've read that the ZMap creators recommend sending three probes for each (ip,port) tuple when scanning. Let's say we scan port 443 with a TCP SYN scan. One reason I can imagine is packet loss. Do you know any other reasons for sending…
Hansi
1
vote
1 answer

Scan detection Tool better than Snort Portscan Preprocessor

I am working on detection of Scanning activities of Bots/Worms. I have found that Snort Portscan Preprocessor detects Scan activities. I have tweaked Snort Portscan Preprocessor to detect different types of Scanning activities. However, I was…
1
vote
2 answers

Wireshark as a network scanner

I have been playing with nmap lately, trying out arp-ping scanning and using idle hosts, etc... Looking at Wireshark, there is always some suspicious activity when performing scans. The thing is, I do have to scan to find idle hosts to use and…
Kali tests
1
vote
3 answers

Snort Unable to detect portscans in LAN

Setup Information: I am doing an experiment on portscan detection using Snort 2.9.8. I have 10 systems in my lab with id:1,2,3,...,10. I have installed Snort on my lab PC with id:1. Now I am using the PC with id:2 to scan the PCs in the lab using…
user10012
1
vote
2 answers

"CHANGELOG.txt" in Apache logs

Recently I've been seeing a major uptick in the following type of requests to my Apache logs: "GET /CHANGELOG.txt HTTP/1.1" 404 211 About a month ago, I received none. Now I receive a dozen or so each day. Occasionally they are accompanied by…
SCruz
1
vote
1 answer

nmap SYN scan taking forever

I read in a book that the SYN scan in nmap is usually a lot faster than the TCP connect scan, because it doesn't go through the whole three-way handshake. But when I try both scans on the same target, the TCP connect scan takes 2 seconds,…
Sidahmed
1
vote
2 answers

Network scan across multiple subnets and output list of names and IP's

We have multiple sites with multiple subnets. We have mandated that the admins at those sites enter DNS names for all devices that exist on the network. (anything with an IP gets a name) I want to be able to audit this and make sure this has been…
Wally Kroeker
0
votes
1 answer

Can a QR code steal my mobile's data?

For example, https://web.wechat.com. By scanning the QR code from my mobile, it automatically logs in with my WeChat account. Here, can the QR web server or QR devices steal the mobile data?
ronaldtgi
0
votes
1 answer

Clamscan: Infected files found in Pinta

I'm currently performing a full system scan with clamscan and found the following message: /usr/lib/pinta/Clipper.dll: Win.Trojan.Clipper-9942182-0 FOUND I went online and couldn't find any reference to this type of detection, so I'm starting to…
0
votes
1 answer

Scanning for SMBGhost vulnerability

I am a university student currently trying to demonstrate exploitation of the SMBGhost vulnerability on Windows 10 (Version: 1903, Build Number: 18362.356). I need to provide evidence that the vulnerability exists. However, when using Nessus…
0
votes
0 answers

Mixed results from different port scanners - stealth vs closed

I did some port scanning of the local network, as a bit of security due diligence, expecting the first 1000 to be stealthed. However, the results are mixed, when running the scan with different scanning tools. ShieldsUP! https://www.grc.com 'All…
S Kos
0
votes
0 answers

How reliable is a mathematical model of a human fingerprint for identification?

How reliable is a mathematical model of a human fingerprint for identification? I am looking for a way to uniquely identify individuals that is very reliable and easy to use that does not require storing actual biometric data. Storing the actual…
polcott
0
votes
0 answers

Router scanning ports on all connected devices

From time to time, my router starts to scan ports on all the connected devices. I have an internal RPi server which I restricted its access to the internet from the router. I checked the "/var/log/auth.log" on the RPi and many ssh attempts were made…
POD