International Journal on Computational Sciences & Applications (IJCSA) Vol.4, No.1, February 2014

VULNERABILITY SCANNERS: A PROACTIVE
APPROACH TO ASSESS WEB APPLICATION SECURITY

Sheetal Bairwa1, Bhawna Mewara2 and Jyoti Gajrani3

1,2,3Department of Information Technology, Government Engineering College, Ajmer

ABSTRACT

With the increasing concern for security in the network, many approaches are laid out that try to protect
the network from unauthorised access. New methods have been adopted in order to find the potential
discrepancies that may damage the network. The most commonly used approach is vulnerability
assessment. By vulnerability, we mean the potential flaws in the system that make it prone to attack.
Assessment of these system vulnerabilities provides a means to identify and develop new strategies so as to
protect the system from the risk of being damaged. This paper focuses on the usage of various vulnerability
scanners and their related methodology to detect the various vulnerabilities available in the web
applications or the remote host across the network and tries to identify new mechanisms that can be
deployed to secure the network.

KEYWORDS

Vulnerability, Static analysis, Attack graph, Scanners, Test-Bed

1. INTRODUCTION

With the emergence of information technology, the security of users has become a
greater concern. Most software developers are not aware of the various security
measures to be introduced into the system, as their motive is just to make the software application
run in a desired state without taking into consideration the flaws that the programming language
might have introduced into the system. To protect the users from the risk of being attacked through
unauthorised access, it becomes significantly more important to devise new strategies and
methodologies that consider the security breaches to which the user is prone. Not only does
software developed with flaws make the user vulnerable to attacks; most often the network also
becomes a key factor by compromising the security of the users.

Assessing and eliminating the vulnerabilities requires knowledge and deep understanding of
these vulnerabilities. It becomes necessary to know the basic idea behind these
vulnerabilities, such as what makes them appear in the system, what flaws need to be corrected
to make the system free from these vulnerabilities, what alternatives can be further devised for
these vulnerabilities so that in future their risk can be reduced, and many more.

Various methods have been deployed to identify these vulnerabilities and appropriate steps are
taken. Strategies such as static analysis, attack graph generation and its analysis, and usage of
vulnerability scanners are some of them. However, the use of vulnerability scanners to detect the
vulnerabilities is quite prominent today. They play a significant role in the generation of attack
graphs.

DOI:10.5121/ijcsa.2014.4111

Our work involves the study of various port scanners and vulnerability scanners, and the scanning of various
online web applications and remote hosts using these scanners. We analysed various
vulnerabilities and made a comparison of various scanners based on their capability to identify
these vulnerabilities.

Section 2 explains various techniques developed before the usage of vulnerability scanners.
Section 3 describes various vulnerability scanners in detail with the results, when applied on
various websites. A comparative study of various scanners is given in Section 4.

2. TECHNIQUES FOR VULNERABILITY SCANNING

2.1 STATIC ANALYSIS

Static analysis is a fast and reliable technique. It has been considered an efficient method for
detecting vulnerabilities [3]. This technique focuses on the analysis of program structure using
various means. It emphasizes the analysis of the code of the program in order to detect the
flaws present in it.

Some of the techniques included in static analysis are lexical analysis, type inference, constraint
analysis and many more. Lexical analysis focuses on the semantics of the program structure; the
program structure is divided into modules and then each module is compared with the loophole
library in order to detect any flaws present in the system. Type inference is related to the data type
rules for the variable. It determines whether the variables used in the program are in sync with the
type to which they relate. Constraint analysis is a two-step process. It involves constraint
generation and constraint solution [1].

Many tools based on the techniques mentioned above have been developed. The first tool developed was
FlexeLint. It uses a pattern matching algorithm to detect flaws. Other tools developed are ITS4,
SPLINT, UNO, FindBugs, Checkstyle, ESC/Java, and PMD. ITS4, Checkstyle and PMD are
based on lexical analysis; SPLINT is based on rule checking; UNO is based on model checking;
ESC/Java is based on theorem proving and FindBugs is based on both lexical and dataflow
analysis [1].

These tools have been evaluated by analysing their performance in terms of false positives and
false negatives. Many of them have low false positives, some produce accurate results and many
witnessed high false negatives. Hence, static analysis techniques have many demerits associated
with them. For instance, a loophole library or database is maintained which is used to validate the
vulnerabilities found in the program; however, if an unknown vulnerability is detected, then it is
not possible to compare it with the predefined loophole library for its validation [1].
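An added sketch of the lexical approach described above (not the code of ITS4 or of any tool named here): C source is tokenized and each call is compared with a small loophole library. The library entries, the sample C source and the function names are constructed assumptions; the hand-written copy loop in the sample shows the false negative this paragraph describes, since it matches no library entry.

```python
import re

# Constructed "loophole library": risky C calls and the reason each is flagged.
LOOPHOLE_LIBRARY = {
    "gets": "reads unbounded input into a fixed buffer",
    "strcpy": "copies without a length limit",
    "sprintf": "formats without a length limit",
    "system": "passes a string to the shell",
}

# Lexer: comments and literals are consumed as whole tokens, so identifiers
# that only appear inside them are never reported.
TOKEN_RE = re.compile(
    r"""
    (?P<comment>/\*.*?\*/|//[^\n]*)
  | (?P<string>"(?:\\.|[^"\\])*")
  | (?P<char>'(?:\\.|[^'\\])*')
  | (?P<ident>[A-Za-z_]\w*)
  | (?P<other>.)
    """,
    re.VERBOSE | re.DOTALL,
)
CALL_RE = re.compile(r"\s*\(")  # an identifier followed by "(" is a call

# Constructed C source used as input.
SAMPLE_C = r'''#include <stdio.h>
#include <string.h>

/* old code used strcpy(dst, src); replaced below */
void greet(const char *name) {
    char buf[16];
    printf("do not call gets() here\n");
    sprintf(buf, "hi %s", name);
}

void copy_name(char *dst, const char *src) {
    while ((*dst++ = *src++))   /* unbounded copy: not in the library */
        ;
}
'''


def scan(source):
    """Return (line, function, reason) for every call found in the library."""
    findings = []
    for tok in TOKEN_RE.finditer(source):
        if tok.lastgroup != "ident":
            continue  # comments, literals and punctuation are skipped
        name = tok.group()
        if name in LOOPHOLE_LIBRARY and CALL_RE.match(source, tok.end()):
            line = source.count("\n", 0, tok.start()) + 1
            findings.append((line, name, LOOPHOLE_LIBRARY[name]))
    return findings


def naive_grep(source):
    """Substring search for comparison: it cannot tell code from comments."""
    return sorted(name for name in LOOPHOLE_LIBRARY if name in source)


if __name__ == "__main__":
    print("lexical scan:", scan(SAMPLE_C))
    print("naive grep  :", naive_grep(SAMPLE_C))
```

The lexer avoids the two false positives a plain text search reports (the comment and the string literal), but the overflow in copy_name passes unreported because the scanner only knows what its library lists.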

Thus, to resolve the deficiencies associated with static analysis, an approach was suggested
that involved combining the dynamic detection strategy with static analysis.

2.2 ATTACK GRAPH ANALYSIS

An attack graph is defined as the succinct representation of all the paths followed by an attacker in a
network to achieve its desired state. The desired state may involve damaging the network,
stealing the network packets or gaining complete access over it to determine what is going on in
the network.

Network security is a key aspect of security concern and many ways have been identified to
protect it. The recent approach that has been included is the use of attack graphs. The attack graph has
become the most widely used approach with reference to network security.

Attack graphs help to determine the security weaknesses that lie in the network. System
administrators use them to analyze the network for weaknesses that may allow an attacker to
exploit it and gain control over the network [2]. Attack graphs are usually large, as they
represent the complete network with its underlying weaknesses; hence they are quite complex to
understand and analyse. Both the generation and analysis of attack graphs are significant for
protecting the network from security breaches.

The most common approach to generate an attack graph requires the analysis of vulnerabilities
that lie in the network; then, using an attack graph generator, attack graphs can be generated
[4]. The vulnerabilities could be identified with the help of various vulnerability scanners that are
designed for this purpose only. Specifically, Nessus is extensively used for the identification of
the underlying vulnerabilities.

Various other techniques have already been proposed for generating an attack graph as well as for
their analysis. For instance, the adjacency matrix clustering algorithm makes the complex attack
graph simpler. It combines the blocks having similar attack graph patterns. The matrix
represents the attack reachability within one step. For multiple steps, the matrix is raised to a higher
power [13].
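The matrix-power idea in the paragraph above, as an added worked example (not code from the paper or from [13]): a boolean one-step reachability matrix is raised to successive powers to find how many steps separate two hosts, and one edge is removed to see which fix cuts the path. The five-host network, its edges and the helper names are constructed for illustration.

```python
# Constructed network: A[i][j] = 1 means an attacker who controls HOSTS[i]
# can compromise HOSTS[j] in one step (a reachable, vulnerable service).
HOSTS = ["internet", "web", "mail", "app", "db"]
A = [
    [0, 1, 1, 0, 0],  # internet -> web, mail
    [0, 0, 0, 1, 0],  # web -> app
    [0, 0, 0, 1, 0],  # mail -> app
    [0, 0, 0, 0, 1],  # app -> db
    [0, 0, 0, 0, 0],  # db reaches nothing
]


def bool_matmul(x, y):
    """Boolean product: result[i][j] = OR over k of (x[i][k] AND y[k][j])."""
    n = len(x)
    return [
        [int(any(x[i][k] and y[k][j] for k in range(n))) for j in range(n)]
        for i in range(n)
    ]


def power(a, p):
    """Boolean p-th power of a: reachability in exactly p steps (p >= 1)."""
    result = a
    for _ in range(p - 1):
        result = bool_matmul(result, a)
    return result


def min_steps(a):
    """steps[i][j] = smallest p with (a^p)[i][j] = 1, or None if unreachable."""
    n = len(a)
    steps = [[None] * n for _ in range(n)]
    current = a
    for p in range(1, n + 1):  # a shortest path or cycle has at most n edges
        for i in range(n):
            for j in range(n):
                if current[i][j] and steps[i][j] is None:
                    steps[i][j] = p
        current = bool_matmul(current, a)
    return steps


def without_edge(a, src, dst):
    """Copy of a with one step removed, e.g. after patching that service."""
    patched = [row[:] for row in a]
    patched[src][dst] = 0
    return patched


if __name__ == "__main__":
    inet, web, app, db = (HOSTS.index(h) for h in ("internet", "web", "app", "db"))
    print("steps from internet:", dict(zip(HOSTS, min_steps(A)[inet])))
    print("db after fixing web->app:", min_steps(without_edge(A, web, app))[inet][db])
    print("db after fixing app->db :", min_steps(without_edge(A, app, db))[inet][db])
```

Fixing only the web-to-app step leaves the database three steps away through the mail host, while fixing the app-to-db step removes every path to it.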

The ranking algorithm is another approach, based on the rank of the attack graphs. The rank decides
the priority of an attack graph that is more applicable to the attacker [14]. Another approach is a
game theoretic approach where the attacker and network administrator are considered as two
players and a Nash equilibrium is applied that gives the administrator an idea of the attacker's
strategy and helps him to plan to do something in order to protect the network [12].

Table 1 compares the various attack graph generation and analysis techniques and
illustrates the advantages and disadvantages of each [2].

Technique: Clustered adjacency matrix
Author: Steven Noel, Sushil Jajodia
Merits: Automatic, parameter-free, and scales linearly with problem size
Demerits: Need to calculate highest level of adjacency matrix for multistep reachability

Technique: Hierarchical aggregation
Author: Steven Noel, Sushil Jajodia
Merits: Framework useful for both computational and cognitive scalability
Demerits: The process of interactive de-aggregation is potentially tedious to determine low level details

Technique: Minimization analysis
Author: S. Jha, O. Sheyner, J. Wing
Merits: Identifies the smallest set of countermeasures required to prevent all possible attack paths
Demerits: Approach is limited to Directed Acyclic Graph

Technique: Ranking graph
Author: Vaibhav Mehta, C. Bartzis, Haifeng Zhu, Edmund Clarke, J. Wing
Merits: Ease and flexibility of modelling
Demerits: Difficult for security manager to make decision on actions to protect network

Technique: Game theoretic
Author: K.W. Lye, Jeannette Wing
Merits: Allows to know more about attacker's attack strategies
Demerits: Full state space is extremely large.

Table 1: Comparison of the attack graph techniques

3. VULNERABILITY SCANNERS

A large number of applications are becoming online, but how secure these products are is a matter
of concern, as it relates to the security of the users who will ultimately be using the application. Thus,
it becomes necessary to find out vulnerabilities present in the software application that may cause
a severe risk to the user's security [5].

Vulnerability assessment means identifying the vulnerabilities in the system before they can be
used by anyone else with bad intentions of harming the network. This is a proactive approach
where the vulnerability is found and is dealt with accordingly before anyone comes to know about
it. More emphasis has always been laid on firewall protection, but the internal functionality
does matter. Vulnerability assessment is not only performed on a particular application but it even
correlates the platform on which the application is being run, middleware, operating system being
used etc. It takes into consideration all the factors that can provide the correct answer for the
assessment of the vulnerability and security of the system. Therefore, vulnerability scanners are
used to scan the network system and/or the software applications.

Scanning can be of two types:

a) Passive Scanning: In passive scanning, it is determined whether a tool can list the
vulnerabilities by considering the existing network.
b) Active Scanning: In active scanning, it is determined whether queries can be made to
the network for the vulnerability.

Different categories of scanner are:

a) Port Scanners: Port scanners are used to scan the ports for determining the open and
closed ports, operating system, services offered.
b) Application Scanners: Application scanners are used to assess a specific application on
the network in order to track its weaknesses that can be further used to cause risk to
the system.
c) Vulnerability Scanners: Vulnerability scanners are the ones that find out the
vulnerabilities in the system which, if accessed by a malicious user or hacker, can put the
whole network system at risk.

Penetration testing is the other concept that follows the vulnerability assessment. With penetration
testing, it is possible to make use of the loopholes or vulnerabilities to gain an unauthorised
access. It validates how effectively the system can respond to real life attacks.

OWASP (Open Web Application Security Project) focuses on providing better security of
software. It has listed commonly critical vulnerabilities that an application may be prone to.
These vulnerabilities, when exploited, pose the risk of losing security and confidentiality. For
instance, Injection vulnerability occurs due to the execution of a command or query for
untrusted data; Broken Authentication and Session Management, due to improper implementation
of an application, risks the user's confidentiality. Cross Site Scripting, commonly referred to as XSS,
is another flaw in which an attacker injects malicious script into web pages viewed by users and also
to bypass access controls. Insecure Direct Object References, in which developers unknowingly
leave some holes which give a chance to attackers to access and manipulate directory, database
key. Cross Site Request Forgery or CSRF is an attack where the user is forged to click on a link that
is intuitively designed to steal the cookies and other private details of the user. Sensitive data
exposure is another area of vulnerability where sensitive data such as credit card details,
authentication credentials etc. are not secured, which helps an attacker to conduct fraud [15].

The next subsections discuss various scanners and the results obtained by scanning various web
applications using these scanners.

3.1 NMAP

Nmap is a port scanner that is used to scan the ports. It takes an IP address or the host name and
then finds the basic information related to it. If an IP address is provided, it then finds the host to
which it belongs. It also finds the number of ports that are running on that particular host,
number of ports that are opened, number of closed ports, services provided by those ports, for
instance, whether services are TCP-oriented or FTP-oriented [10]. It even predicts the type of
operating system being used on that particular host. The topology of the scanned host is recorded
in the graphical format which shows the various gateways through which the local machine
accesses that particular remote host.

Considering the ports that are opened, an attack can be designed in order to have an unauthorised
and a legitimate access to the host with a goal set in mind. Moreover, if the opened ports are
providing the services which are TCP-oriented or FTP-oriented, it becomes easy to gain access to
the host.

A number of various sites have been scanned using NMAP. The figure below depicts the results
obtained after scanning RTU website.

[Figure 1: Zenmap window. Target: www.rtu.ac.in. Command: nmap -T4 -A -v www.rtu.ac.in. Profile: Intense scan. Contents of the Nmap Output tab:]

Scanning www.rtu.ac.in (115.178.96.9) [4 ports]
Completed Ping Scan at 09:53, 0.27s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 09:53
Completed Parallel DNS resolution of 1 host. at 09:53, 8.06s elapsed
Initiating SYN Stealth Scan at 09:53
Scanning www.rtu.ac.in (115.178.96.9) [1000 ports]
Discovered open port 3306/tcp on 115.178.96.9
Discovered open port 21/tcp on 115.178.96.9
Discovered open port 111/tcp on 115.178.96.9
Discovered open port 80/tcp on 115.178.96.9
Discovered open port 443/tcp on 115.178.96.9
Discovered open port 22/tcp on 115.178.96.9
Discovered open port 8443/tcp on 115.178.96.9
Increasing send delay for 115.178.96.9 from 0 to 5 due to max_successful_tryno increase to 5
Increasing send delay for 115.178.96.9 from 5 to 10 due to max_successful_tryno increase to 6
Completed SYN Stealth Scan at 09:54, 54.86s elapsed (1000 total ports)
Initiating Service scan at 09:54
Scanning 7 services on www.rtu.ac.in (115.178.96.9)
Completed Service scan at 09:55, 77.73s elapsed (7 services on 1 host)
Initiating RPCGrind Scan against www.rtu.ac.in (115.178.96.9) at 09:55
Completed RPCGrind Scan against www.rtu.ac.in (115.178.96.9) at 09:55, 4.44s elapsed (1 port)
Initiating OS detection (try #1) against www.rtu.ac.in (115.178.96.9)
Retrying OS detection (try #2) against www.rtu.ac.in (115.178.96.9)
Initiating Traceroute at 09:56

Figure 1. Nmap basic output for RTU website

Figure 1 shows the basic details of RTU website including the IP address, number of total ports
available, number of open ports discovered, performing RPCGrind scan and much more other
relevant details.
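An added example, not part of the paper: a parser for the "Discovered open port" lines of verbose Nmap output like that in Figure 1, which groups open ports per host and sorts them against an exposure policy for review. The sample output uses a documentation address, and the policy sets and function names are constructed assumptions.

```python
import re

PREFIX = "Discovered open port "
# Verbose (-v) progress line, e.g. "Discovered open port 3306/tcp on 192.0.2.10"
DISCOVERED_RE = re.compile(r"^Discovered open port (\d{1,5})/(tcp|udp) on (\S+)$")

# Constructed review policy for a public web server (an assumption, adjust it):
EXPECTED = {80, 443}  # ports meant to face the Internet
RESTRICT = {          # listeners that normally sit behind a firewall or VPN
    21: "FTP: cleartext credentials, restrict by source or replace",
    22: "SSH: restrict by source address",
    111: "rpcbind: should not be reachable from the Internet",
    3306: "MySQL: database listener should be internal only",
}

# Constructed sample output; 192.0.2.10 is a documentation address.
SAMPLE_OUTPUT = """\
Initiating SYN Stealth Scan at 09:53
Scanning host.example (192.0.2.10) [1000 ports]
Discovered open port 3306/tcp on 192.0.2.10
Discovered open port 21/tcp on 192.0.2.10
Discovered open port 111/tcp on 192.0.2.10
Discovered open port 80/tcp on 192.0.2.10
Discovered open port 443/tcp on 192.0.2.10
Discovered open port 22/tcp on 192.0.2.10
Discovered open port 8443/tcp on 192.0.2.10
Discovered open port 8080/top on 192.0.2.10
Completed SYN Stealth Scan at 09:54, 54.86s elapsed (1000 total ports)
"""


def parse_open_ports(text):
    """Return ({host: sorted [(port, proto)]}, [damaged lines]).

    A line that starts like a discovery line but does not parse (truncated
    or corrupted log) is returned separately instead of being dropped, so a
    damaged log is never read as "port closed".
    """
    hosts, damaged = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith(PREFIX):
            continue
        m = DISCOVERED_RE.match(line)
        if not m or not 1 <= int(m.group(1)) <= 65535:
            damaged.append(line)
            continue
        hosts.setdefault(m.group(3), set()).add((int(m.group(1)), m.group(2)))
    return {h: sorted(p) for h, p in hosts.items()}, damaged


def review(ports):
    """Sort one host's open ports into expected / restrict / unclassified."""
    report = {"expected": [], "restrict": [], "unclassified": []}
    for port, proto in ports:
        if proto == "tcp" and port in EXPECTED:
            report["expected"].append(port)
        elif proto == "tcp" and port in RESTRICT:
            report["restrict"].append((port, RESTRICT[port]))
        else:
            report["unclassified"].append(port)
    return report


if __name__ == "__main__":
    found, bad = parse_open_ports(SAMPLE_OUTPUT)
    for host, ports in found.items():
        print(host, review(ports))
    print("damaged lines:", bad)
```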

[Figure 2: Zenmap Host Details tab for www.rtu.ac.in, with panels for Host Status (state, open, filtered, closed and scanned ports, up time, last boot), Addresses (IPv4; IPv6 and MAC not available), Hostnames, and Operating System (name and accuracy); the values are not legible in this copy.]

Figure 2. Host details of RTU

Figure 2 outlays the host details of RTU website which includes the host status that depicts the
number of total ports scanned, number of open ports available, number of filtered ports. It shows
IPv4 address of the website; IPv6 and MAC address are not available for this website. Further,
the type of operating system used and its accuracy of being correct is also illustrated. In this case,
types of operating system detected may be Microsoft Windows Vista Home Premiu