- Nmap – blocked ports
- Hping and Megaping as other tools to look for hosts
Use nmap when ports are filtered: the different scans below may all show every port as filtered. If the ping sweep still picks the box up, try a zombie scan through another active box.
From Kali box
A. Direct scan – nmap ipaddress
B. SYN scan – nmap -sS ipaddress
C. Intense scan – nmap -T4 -A ipaddress
D. Ping sweep – nmap -sP 10.10.10.0/24 (IP range)
E. Zombie scan – nmap -sI 10.10.10.12 10.10.10.10 (here the target is 10.10.10.10 and 10.10.10.12 is the zombie)
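Added example (not part of the original notes): a small Python parser for nmap grepable output (-oG) that separates hosts that are up with every scanned port filtered from hosts with open ports, which is the situation described above. The sample lines, function names and category labels are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in nmap grepable (-oG) layout; not from a real scan.
SAMPLE_OG = """\
# constructed sample, tab-separated fields as nmap -oG writes them
Host: 10.10.10.10 ()\tStatus: Up
Host: 10.10.10.10 ()\tPorts: 22/filtered/tcp//ssh///, 80/filtered/tcp//http///, 443/filtered/tcp//https///
Host: 10.10.10.12 ()\tStatus: Up
Host: 10.10.10.12 ()\tPorts: 135/open/tcp//msrpc///, 445/open/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server///\tIgnored State: closed (997)
Host: 10.10.10.14 ()\tStatus: Up
"""

def parse_grepable(text):
    """Return {ip: {"up": bool, "states": Counter of port states}}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip comment lines
        fields = line.split("\t")
        ip = fields[0].split()[1]
        host = hosts.setdefault(ip, {"up": False, "states": Counter()})
        for field in fields[1:]:
            key, _, val = field.partition(": ")
            if key == "Status":
                host["up"] = val.strip() == "Up"
            elif key == "Ports":
                for entry in val.split(","):
                    parts = entry.strip().split("/")
                    if len(parts) > 1:
                        host["states"][parts[1]] += 1  # second item is the state
            elif key == "Ignored State":
                # ports collapsed by nmap, e.g. "closed (997)"
                m = re.match(r"(\S+) \((\d+)\)", val)
                if m:
                    host["states"][m.group(1)] += int(m.group(2))
    return hosts

def classify(host):
    """Label a host by what the port scan could actually see."""
    states, total = host["states"], sum(host["states"].values())
    if not host["up"]:
        return "down"
    if total == 0:
        return "up-no-port-data"   # seen by the ping sweep only
    if states["filtered"] == total:
        return "all-filtered"      # up, but every scanned port is filtered
    return "open-ports" if states["open"] else "closed-or-mixed"

if __name__ == "__main__":
    for ip, host in parse_grepable(SAMPLE_OG).items():
        print(ip, classify(host), dict(host["states"]))
```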
Hping from Kali box
A. hping3 -c 3 ipaddress (sends 3 packets to the target)
B. hping3 --scan 1-3000 -S 10.10.10.10 (the --scan parameter defines the port range to scan and -S sets the SYN flag)
C. hping3 -S 10.10.10.10 -p 80 -c 5 (-S performs a TCP SYN request on the target machine, -p sets the port the traffic is sent to, and -c is the count of packets sent to the target machine)
Megaping
From Windows box
A. Run Megaping
B. Select IP scanner from the left pane, specify the IP range in From and To fields
C. Select Port Scanner from left pane. Enter the IP address of target machine under Destination Address List section, and click Add.
D. MegaPing lists the ports associated with the TARGET, along with the port type, keyword, risk, port number, and description. Save each server individually as a report