SANS SEC504: Hacker Tools, Techniques and Incident Handling — Question 25

Which of the following is the best method of accurately identifying the services running on a victim host?

Answer options

• A. Use of the manual method of telnet to each of the open ports.
• B. Use of a port scanner to scan each port to confirm the services running.
• C. Use of hit and trial method to guess the services and ports of the victim host.
• D. Use of a vulnerability scanner to try to probe each port to verify which service is running.

Correct answer: A

Explanation

The correct answer is A because using telnet allows for direct interaction with the service on the open port, providing immediate feedback on its identity. Options B and D may provide insights but are not as definitive as manually connecting to the service. Option C is unreliable and inefficient, as it relies on guessing rather than systematic identification.