From the course: Ethical Hacking: Scanning Networks

Understanding the idle scan

- [Instructor] In order to be totally in stealth mode, the team can use the idle scan. In this segment, we'll learn how the idle scan uses an innocent bystander or zombie to send packets to a target, which makes the scan harder to trace. The idle scan is a clever way to be in total stealth mode. However, the idle scan is more complex than other scans. With an idle scan, we're scanning a target via a third party or zombie host. The first step is to find a suitable zombie. This is done by initiating contact with a potential zombie. If the zombie increments the IP header identification field, then the zombie is a good target candidate for the scan. Let's step through what happens during an idle scan. First, the team will send a TCP SYN-ACK to the zombie on a port that we expect to be closed. Now, this is done in order to obtain the IP header ID. Now, because the zombie is not in a conversation with us, the zombie will send a reset.…
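As an added example (not part of the course material), a defender can check whether one of their own hosts meets the zombie suitability condition described above by classifying the IP ID values seen in its replies in a packet capture. The function names, the `max_step` threshold and the sample values are assumptions constructed for illustration.

```python
# Added example: classify a host's IP ID behaviour from observed samples.
# Input: IP header identification values from consecutive replies of ONE host,
# read out of a packet capture. Nothing is sent on the network here.

MOD = 1 << 16  # the IPv4 identification field is 16 bits wide


def ipid_deltas(ids):
    """Differences between consecutive IDs, allowing for 16-bit wraparound."""
    return [(b - a) % MOD for a, b in zip(ids, ids[1:])]


def byteswap16(value):
    """Swap the two bytes (some old stacks emit the counter little-endian)."""
    return ((value & 0xFF) << 8) | (value >> 8)


def classify_ipid(ids, max_step=10):
    """Return 'constant', 'incremental', 'incremental-byteswapped' or
    'unpredictable'. max_step (assumed threshold) is the largest per-reply
    increase still treated as a shared counter on a mostly idle host."""
    if len(ids) < 3:
        raise ValueError("need at least 3 samples")
    if any(not 0 <= v < MOD for v in ids):
        raise ValueError("IP ID values must fit in 16 bits")
    deltas = ipid_deltas(ids)
    if all(d == 0 for d in deltas):
        return "constant"
    if all(1 <= d <= max_step for d in deltas):
        return "incremental"
    swapped = ipid_deltas([byteswap16(v) for v in ids])
    if all(1 <= d <= max_step for d in swapped):
        return "incremental-byteswapped"
    return "unpredictable"


def usable_as_zombie(ids):
    """True when the IDs are predictable enough to leak the host's packet count."""
    return classify_ipid(ids).startswith("incremental")


# Constructed sample captures (not real hosts).
SAMPLES = {
    "legacy-printer": [65533, 65534, 65535, 0, 1, 2],      # counter wraps
    "old-desktop": [0x0100, 0x0200, 0x0300, 0x0400],       # byte-swapped counter
    "hardened-server": [0, 0, 0, 0, 0, 0],                 # fixed ID
    "modern-host": [31022, 4511, 58010, 12977, 40233, 902],
}

if __name__ == "__main__":
    for name, ids in SAMPLES.items():
        print(f"{name:16s} {classify_ipid(ids):24s} zombie-usable={usable_as_zombie(ids)}")
```

Hosts reported as incremental are the ones to patch, replace or shield with filtering, since their IP ID counter reveals how many packets they have sent.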
