Scanning tools

Scanning tools are the category of tools that we use to find more information about our target environment, the systems within it, and the details of those systems. With such tools, we can be very general, in the case of running ping sweeps; somewhat more specific, in the case of running port scans; or very specific, in the case of grabbing banners or enumerating users on particular systems.

Given the limits of our discussion on tools in this chapter, we have grouped network mapping, port scanning, and enumeration tools together in one section. Each of these areas could deservedly be the focus of its own chapter, but we will go over some of the highlights here.


Nmap is a wonderful tool. It is principally a port scanner, but can do quite a bit more as well. It can be used to ping IPs, detect vulnerabilities, fingerprint operating systems, run traceroutes, and much more. Almost all of the uses to which nmap can be put can also be tweaked in various ways to avoid detection, alter the speed at which it carries out its processes, change methods of communication, and more. Nmap is truly a versatile tool. Additionally,


Nessus is primarily a vulnerability scanning tool, but, as we discussed with nmap, a variety of other features have crept in over the years in order to add to its utility. Nessus was, once upon a time, an entirely free and open source tool. In 2005, Nessus was changed to a closed source license, and certain features were restricted to the commercial version.

A free version is still available, but is limited in the circumstances under which it may be used and the vulnerability listing that it is allowed to access. An alternative open source solution has been created, which we will discuss later in this section.

Nessus classifies vulnerabilities into sets of plugins, with each family of plugins focusing on a particular type of vulnerability. These families include a variety of different operating systems, databases, protocols, and services. The professional plugin feed includes swift access to the newest plugins, and some reserved categories of plugins as well, such as those for detecting vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems.


Protecting information from scanners can be a difficult prospect. If a scanner is positioned in such a way as to have network access, or be able to eavesdrop on network traffic, particularly if the target is exposed to the Internet, then we are likely vulnerable to scanning attacks.

A common maxim in martial arts is that “the best defense is to not be there” [5]. This concept directly applies to preventing information leakage to scanners. In our case, not being there means not sending traffic out in ways that are easily visible to unauthorized listeners, not running services on standard ports, not sending unencrypted traffic, and any of a number of similar hardening measures.

Many scanning tools depend on services existing on common ports and open access to information to generate their reports. In many cases, until a version scan has been attempted, scanning tools will report a service to be running based on the associated port being open. For example, if the scanner finds port 21 open, it will generally assume that the service behind it is FTP. Changing these basic parameters in an environment can very quickly invalidate the information being returned by a scanning tool and can force the attacker to put quite a bit more time and effort into discovering what exactly is running on a given device.
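The difference between a port-based guess and a version scan, as an added example that is not part of the original text: the script audits a list of your own listeners and reports where a port-only scan would be misled and where the greeting banner still names the service or its version. The signature patterns and the sample banners are simplified and constructed for illustration.

```python
import re

# Port table of the kind a scanner falls back on before a version scan.
PORT_GUESS = {21: "ftp", 22: "ssh", 25: "smtp"}

# Simplified banner signatures (assumed for this example); "sw" captures
# the part of the greeting where server software usually names itself.
BANNER_SIGS = [
    ("ssh", re.compile(rb"^SSH-\d+\.\d+-(?P<sw>[^\r\n]*)")),
    ("smtp", re.compile(rb"^220[ -]\S+ E?SMTP(?P<sw>[^\r\n]*)")),
    ("ftp", re.compile(rb"^220[ -](?P<sw>[^\r\n]*ftp[^\r\n]*)", re.I)),
]
VERSION = re.compile(rb"\d+\.\d+")


def identify(banner):
    """Return (service, leaks_version) from a greeting banner, or (None, False)."""
    for service, sig in BANNER_SIGS:
        m = sig.match(banner)
        if m:
            return service, bool(VERSION.search(m.group("sw")))
    return None, False


def audit(listeners):
    """Compare the port-based guess with what each banner actually reveals."""
    report = []
    for port, banner in listeners:
        guess = PORT_GUESS.get(port)
        service, leaks = identify(banner)
        report.append({
            "port": port,
            "port_guess": guess,
            "banner_says": service,
            # True when the port number alone would mislabel the service
            "port_guess_wrong": service is not None and guess != service,
            "leaks_version": leaks,
        })
    return report


# Constructed sample data: (listening port, first bytes the service sends).
SAMPLE = [
    (21, b"220 (vsFTPd 3.0.3)\r\n"),
    (2222, b"SSH-2.0-OpenSSH_8.9p1\r\n"),
    (8021, b"220 FTP server ready\r\n"),
    (25, b"220 mail.example.test ESMTP\r\n"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

Rows where `port_guess_wrong` is true show the nonstandard port doing its job against a port-only scan, while `leaks_version` marks banners that still hand a version scan the software release and are worth trimming.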



Ripple is a payment system and a digital currency which evolved completely independently of Bitcoin. Although Ripple holds the second highest market cap after Bitcoin, there are surprisingly no studies which analyze the provisions of Ripple. In this paper, we study the current deployment of the Ripple payment system. For that purpose, we overview the Ripple protocol and outline its security and privacy provisions in relation to the Bitcoin system. We also discuss the consensus protocol of Ripple. Contrary to the statement of the Ripple designers, we show that the current choice of parameters does not prevent the occurrence of forks in the system. To remedy this problem, we give a necessary and sufficient condition to prevent any fork in the system. Finally, we analyze the current usage patterns and trade dynamics in Ripple by extracting information from the Ripple global ledger. As far as we are aware, this is the first contribution which sheds light on the current deployment of the Ripple system.

xCurrent is Ripple’s software that provides API-based messaging and transaction settlement based on an open, neutral protocol of value transfer between different ledgers and networks.

Solution Components

Messenger: Messenger is an API-based messaging module that enables bidirectional communication between connected RippleNet banks. It connects to the beneficiary bank’s instance of Messenger to exchange KYC and risk information, fees, FX rates (if applicable), payment details and expected time of funds delivery. It packages this information and presents the entire cost structure to the originating bank, providing unprecedented visibility into the total cost of the transaction. If information is incorrect or missing, transacting parties will find out before initiating the transaction, drastically increasing straight through processing (STP) rates. Once the sender approves the transaction, Messenger employs ILP to settle funds and notifies all parties of the transaction confirmation.

Validator: Validator is a component that cryptographically confirms the success or failure of a payment. It coordinates the funds movement across the ledgers of transacting parties in a way that removes all settlement risk and minimizes delays in settlement. Validator provides the single source of truth for the transacting counterparties regarding the success or failure of a payment.

FX Ticker: FX Ticker is the component of xCurrent that facilitates the exchange between ledgers by enabling liquidity providers to post FX rates. This component provides the exchange rate between any pair of ledgers that it is configured with. Additionally, it keeps track of the account, currency and authentication credentials for each configured ILP Ledger. During the transaction, it coordinates transfers on ILP Ledgers for settlement, ensures the validity of an FX quote and transfers the payment amount to the beneficiary bank’s ILP Ledger.

ILP Ledger: ILP Ledger is a sub ledger of each transacting bank’s general ledger. This component of xCurrent is utilized to track the credits, debits and liquidity across the transacting parties. ILP Ledger enables transacting parties to settle funds atomically, which means the entire transaction settles instantly or not at all — no matter how many parties are involved. The ability to atomically settle enables new, low-value offerings through the ability to send real-time payments as the settlement of funds happens in milliseconds. Further, the settlement risk is eliminated because the payment processes entirely or fails upfront. ILP Ledger is designed to provide transacting banks with 24/7, on-demand availability. The combination of these capabilities allows banks to profitably offer low-value, on-demand international payments products and services.

Key Benefits

Enhance Customer Acquisition and Retention

By delivering new products and services to retail and corporate customers — featuring high-speed, on-demand, cost-effective and traceable global payments — in both assisted and unassisted channels, it provides an opportunity to re-engage and retain existing customers. xCurrent’s frictionless payment experience mitigates disintermediation from online, non-bank payment providers. The solution is a key competitive advantage and promotion-worthy offering to drive customer acquisition.

Lower Operational Costs

With xCurrent’s bidirectional messaging, banks can more efficiently exchange information regarding the sender, receiver, fees, rates, delivery estimate and payment status to lower their operational cost of processing international payments. Payment processing costs are significantly reduced through xCurrent’s ability to increase STP rates and eliminate SWIFT fees. Treasury operations costs are decreased by lowering in-flight capital requirements, liquidity costs, counterparty risk and compliance costs. Reconciliation costs are reduced due to xCurrent’s ability to provide instant confirmation and real-time liquidity monitoring.

Bitcoin Gold

What is Bitcoin Gold (BTG)

Bitcoin Gold (BTG) is a fork of the Bitcoin block chain. At block 491407, Bitcoin Gold miners will begin creating blocks with a new proof-of-work algorithm, and this will cause a bifurcation of the Bitcoin block chain. The original Bitcoin block chain will continue on unaltered, but a new branch of the block chain will split off from the original chain. The new branch is a distinct block chain with the same transaction history as Bitcoin up until the fork, but then diverges from it. As a result of this process, a new cryptocurrency is born, and we gave it the name BITCOIN GOLD (BTG).

What is the purpose of Bitcoin Gold?

The purpose of Bitcoin Gold is to make Bitcoin mining decentralized again. Satoshi Nakamoto’s idealistic vision of “one CPU one vote” has been superseded by a reality where the manufacture and distribution of mining equipment has become dominated by a very small number of entities, some of which have engaged in abusive practices against individual miners and the Bitcoin network as a whole. By changing Bitcoin’s proof-of-work algorithm from SHA256 to Equihash, all of the specialized SHA256 mining equipment will be obsolete for mining the Bitcoin Gold blockchain. Thus, Bitcoin Gold will provide an opportunity for countless new people around the world to participate in the mining process with widely-available consumer hardware that is manufactured and distributed by reputable mainstream corporations. A more decentralized, democratic mining infrastructure is more resilient and more in line with Satoshi’s original vision.

How can I get Bitcoin Gold?

The Bitcoin Gold (BTG) initial coin distribution method is almost exactly the same as that used by the Bitcoin Cash fork of August 1. Everyone who held Bitcoin when block 491406 was mined automatically received Bitcoin Gold at the rate of 1 BTC = 1 BTG. (If you had 20 BTC at the time of the fork, you now also have 20 BTG.)

What wallet should I keep my BTC in to make sure I will receive BTG?

Some wallets may offer you direct access to your BTG, while others may require you to take additional technical steps. Verified wallets that support BTC and BTG side-by-side will be listed on the Bitcoin Gold home page. We will publish guides for retrieving BTG from the most popular wallets, including Bitcoin Core, Electrum, Mycelium, hardware wallets, paper wallets, and more.


A VPN is a virtual private network, and using one anytime you are browsing online has multiple benefits in regard to your online security. If you are on a public Internet server, such as one at Starbucks, a hotel, or any other public place, there is likely no encryption provided, making any information that you send available to a hacker that would take the time to try to access it. And many, many hackers will take the time to try to access it! A VPN can prevent this scenario because it reroutes all of your Internet browsing through a private server, making it inaccessible to prying eyes.

Another benefit of a VPN is that you can access websites without being watched by a third party, such as a government entity. This is possible because you can set your VPN to route all of your Internet browsing through a server in a foreign country. If you are traveling, some countries censor certain websites, especially those that involve any kind of governmental dissent. Using a VPN will allow you to gain full access to all of those websites.

Yet another benefit of using a VPN is that you can protect your VOIP calls, such as those made over Skype or FaceTime. VOIP calls are so easy to access that even a novice hacker can break into them. The thought that someone else is listening in on your private phone calls can be unnerving at best and dangerous at worst, especially if you are sharing any kind of confidential information that you don’t want other people to be privy to.

Another benefit of using a VPN is that when you use a search engine, such as Google or Yahoo!, your searches won’t be recorded. Any time you run a search through a search engine, that search gets saved under your name. For example, if you use Google to perform a search on a device that is authorized to access your Gmail account, anytime you access your Gmail account on a different device, the results of that search will follow you. This is so that you don’t have to re-enter previous searches (it’s meant to be convenient for you) and so that ads can better target potential customers. However, some of your searches may be a little bit embarrassing. If you search for dating advice and then that search re-appears on your date’s laptop when you use it to access your email, you may be a bit embarrassed! Some scenarios are not embarrassing but actually dangerous, especially if you are in a line of work that requires you to research difficult topics such as war crimes or brothels. Using a VPN will prevent your searches from being recorded.

Perhaps the most important reason to always use a VPN is because privacy is a right that has lately turned into a commodity. Very few people actually experience online privacy because their every move online can be tracked, either by hackers or the government. If you believe that privacy is a right that is worth protecting, then you need to make sure that you are always, ALWAYS using a VPN.



Don’t Share Passwords

Never, ever, ever let anyone — save for possibly your significant other, and even then, many people don’t share their passwords — know what your passwords are. The temptation to access your online accounts and use them for personal gain and benefit may prove to be too much for even the most scrupulous friends.

The fact is that you are responsible for any activity under your accounts. If fraudulent activity occurs, you may be responsible for it until you can prove that someone else accessed your account without your permission.

Sometimes, you may need to give a trusted friend a password so that he or she can access information for you while you are not able. In that event, you need to change your password as soon as that friend no longer needs to access your information. You also need to closely monitor all activity into and out of that account. Politely thank your friend for his or her assistance and then let him or her know that you will be changing the password.



Frequently Change Passwords

Some people never change their passwords. Ever. Even if they get locked out of an account and are requested to change their passwords to protect their security, they either refuse to do so or, after changing it, immediately change it back to what it was. This action is understandable. After all, you may have your email login information saved onto your own devices, and then when you need to access your email from another computer, you may not have any idea what you changed your password to. You may either have to change your password altogether or just give up on trying to log in from a different computer. The process is enough to frustrate anyone.

However, not changing your passwords can be just as damaging as using the same password for multiple accounts. At any given time, somebody may be on the brink of deciphering one of your passwords.

Imagine that someone was able to figure out the password to your online bank account and was able to access it!

As a rule of thumb, you need to change your passwords at least every six months. Anytime you get an email suggesting that unauthorized activity may have been carried out on an account, you need to change that account’s password right away. If you must use password recovery to get into an account that you are locked out of, do not change your password into an old, previously used password.



Don’t Reuse Passwords

Many people don’t even think about using different passwords for different accounts. After all, having multiple passwords makes keeping track of them difficult. Having just one password means that you can log into all of your accounts with ease, without even having to think about what the password is.

However, this could potentially open you up to hackers compromising your accounts.

Having multiple passwords is understandably challenging. You may insist that your password for your email account is asdf1234kjb, but that is actually the password for your Facebook account. The frustration and anxiety created by not being able to keep up with multiple passwords can either make you give up or drive you to the brink of your sanity. However, reusing passwords for multiple accounts makes hacking into your accounts easier. If someone figures out the password into just one of those accounts, that person may have access to your email, Facebook, bank account, Amazon account, the list goes on. By the time the damage is discovered, you could be out hundreds or even thousands of dollars, as well as have embarrassing pictures posted on your social media.

One way to make the challenge of having multiple passwords easier is to keep a document of passwords on your desktop or phone. Beware, though. Make sure that this document is encrypted and password protected.

If anybody were to gain access to it, all of your accounts could be compromised.



Use Difficult Passwords

Many times, hackers target online accounts that are password protected. One of the easiest ways for them to gain access is for you to have easy passwords. In addition, unscrupulous family, friends, or co-workers may try to break into your accounts by trying to guess what your passwords are.

Many people use common things for their passwords, such as their favourite foods, the name of one of their children, the name of their significant other, favourite plants or animals, a nickname, or the name of a pet.

Other common passwords include a series of numbers such as 123456789 or variations of “password.”

These passwords are way too obvious! If you have a password such as one of the above, anyone who knows you well will be able to easily figure it out, especially if you have a password hint. Then, your password is a dead giveaway.

Use a difficult combination of numbers, letters, and symbols to create difficult passwords that people will not be able to crack. A password such as “fvxo6997!?” will be much, much more difficult to figure out than “justinsgirl.”




Ransomware is software that encrypts all the contents of a hard drive and then extorts payment, usually in bitcoins, in order to get the unlock code. When the ransom is paid, the decryption key is given to the victim who can then recover the encrypted data. Some ransomware can even encrypt any attached backup drives. Ransomware can and has been used against many individuals and was recently used against several hospitals. The use of ransomware is a very lucrative area for the bad actors—the offensive team. Some bad actors have capitalized even more on their investments by running ransomware help desks. To pay or not to pay, that will be the dilemma when ransomware strikes you or your company.