O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

20.2. Network Mapping

The first piece of information anyone needs to know in order to mount a successful attack on a computer is where to find it on the network. In other words, the attacker needs to discover a computer's IP address. On most networks, only a subset of the possible IP addresses are in use, so the trick is to narrow down all the possible addresses (which may be a handful or many thousands) to just those that are active. The process of examining a network (either the local network to which a computer is directly connected or a remote network) to find all the IP addresses in use is called network mapping. You may also hear this called by any number of other names, including host discovery, host scanning, and network device location scanning —or by terms referring to a particular type of scanning, such as ICMP probing or ping sweeps.

If a program did nothing other than produce a list of valid IP addresses on a network, that would count as network mapping and could, in and of itself, be useful. However, because an attacker ultimately needs considerably more to go on than an IP address, network mapping usually entails other tasks too, including at least basic sorts of fingerprinting (mentioned earlier) and port scanning (discussed later in this chapter). Most of the software you can use for network mapping optionally does these other tasks too.

Examining the network to which one is currently connected is fast and convenient, and assuming the computer doing the scanning ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required