This chapter covers the fundamental tools and techniques for finding live systems on a network, enumerating available services, and identifying as many details as possible remotely. We started collecting information about networks and systems in Chapter 4. Those tools abstracted the details of actions like port scanning and service identification into vulnerability reports for managing large networks. In Chapter 7 we explored more direct access to network services by using Netcat (and its clones) to manually interact with services.
Port scanning is one of the most mature aspects of hacking. It’s fundamental to ...