Exam 312-50v11 topic 1 question 147 discussion

Botnets - Scanning Methods for Finding Vulnerable Machines Hit-list Scanning - The attacker scans the list to find a vulnerable machine. On finding one, the attacker installs malicious code on it and divides the list in half. The attacker continues to scan one half, whereas the other half is scanned by the newly compromised machine. This process keeps repeating, causing the number of compromised machines to increase exponentially. (P.1337/1321)

Random Scanning - The infected machine probes IP addresses randomly from the target network IP range and checks for vulnerabilities Hit-list Scanning - An attacker first collects a list of potentially vulnerable machines and then scans them to find vulnerable machines Topological Scanning - It uses information obtained from an infected machine to find new vulnerable machines Local Subnet Scanning - The infected machine looks for new vulnerable machines in its own local network Permutation Scanning - It uses a pseudorandom permutation list of IP addresses to find new vulnerable machines

Through scanning, an attacker first collects a list of potentially vulnerable machines and then creates a zombie army. Subsequently, the attacker scans the list to find a vulnerable machine. On finding one, the attacker installs malicious code on it and divides the list in half. The attacker continues to scan one half, whereas the other half is scanned by the newly compromised machine. This process keeps repeating, causing the number of compromised machines to increase exponentially. This technique ensures the installation of malicious code on all the potentially vulnerable machines in the hit list within a short time. Certified Ethical Hacker (CEH) Version 12 eBook page 954

Ans is D because topological scanning is alternative of hit list but scans newly vulneral machine , here newly word is used

Hit List Scanning: An attacker first collects a list of potentially vulnerable machines and then scans them to find vulnerable machines

The correct answer is c: Hit-list scanning technique.

C Hit-List Scan

Hit-list Scanning Through scanning, an attacker first collects a list of potentially vulnerable machines and then creates a zombie army. Subsequently, the attacker scans the list to find a vulnerable machine. On finding one, the attacker installs malicious code on it and divides the list in half. The attacker continues to scan one half, whereas the other half is scanned by the newly compromised machine. This process keeps repeating, causing the number of compromised machines to increase exponentially. This technique ensures the installation of malicious code on all the potentially vulnerable machines in the hit list within a short time.

Before the worm is free, the worm author collects a listing of say ten,000 to 50,000 potentially vulnerable machines, ideally ones with sensible network connections. The worm begins scanning down the list. once it infects a machine, it divides the hit-list in half, communicating half to the recipient worm, keeping the other half. This fast division ensures that even if only 10-20% of the machines on the hit-list are actually vulnerable, an active worm can quickly bear the hit-list and establish itself on all vulnerable machines in only some seconds. though the hit-list could begin at 200 kilobytes, it quickly shrinks to nothing during the partitioning. This provides a great benefit in constructing a quick worm by speeding the initial infection.

Correct answer is C

D is correct

An attacker first collects a list of potentially vulnerable machines and then scans them to find vulnerable machines

answer c. Through scanning, an attacker first collects a list of potentially vulnerable machines and then creates a zombie army. Subsequently, the attacker scans the list to find a vulnerable machine. On finding one, the attacker installs malicious code on it and divides the list in half.

correct answer

Correct answer

correct