A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique for the tester in this case?
Scanning using fragmented IP packets
Spoofing an IP address
Tunneling scan over SSH
Tunneling over high port numbers
Since the question says the pen tester is trying to scan the internal network from the internet (let's assume static NAT or something), this is the correct answer: https://nmap.org/book/man-bypass-firewalls-ids.html
-f (fragment packets); --mtu (using the specified MTU)
The -f option causes the requested scan (including ping scans) to use tiny fragmented IP packets. The idea is to split up the TCP header over several packets to make it harder for packet filters, intrusion detection systems, and other annoyances to detect what you are doing.