Subtitles of the Movie

The last network scanning tool that we're going to talk about is a fairly new tool. It's actually called Overlook Fing. Now, Fing is a, as I said, a fairly new network scanner and it comes from the same developers as the Look@Lan folks. Look@Lan is probably going to eventually become Fing in its full form. Right now Fing is pretty much an in-development tool. Now, it's used for scanning networks to determine live hosts, operating systems and services and while it's not mature yet, there's some promise out there for it. It can run on various platforms, unlike its predecessor Look@Lan. Look@Lan was pretty much geared towards Windows and Fing can be run on Windows or other operating systems. Now, as of right now, Fing is only a Command Line interface, although there is a GUI in development. On a Windows box it has to be installed and it's a very easy, step-by-step, you know, click the next button type of installation. The only thing with Fing is that you really have to know the switches and pre-configure some things and that's not very difficult to do. Let's go ahead and take a look at Fing and how to use it. OK, we're in a Windows command prompt and let's go ahead and take a quick look at how Fing works. Once Fing's installed, it's actually very easy to run. You should put the path to the Fing executable in your default path so that you can run it from anywhere on the box. It's actually as typing in the word Fing though. Now, there are some options we'll cover in just a moment but if you run Fing, it'll go out and look at any available network on your box and start scanning those networks. And it's just going to give you a few pieces of information right up front. It's going to tell you what hosts are up and so forth. Now, it will do this every so often. For example, down here it's telling me the next round is starting at 9:30. Now, we're going to Control C to exit that and that was just a very basic Fing scan. There's other things we can do as well and Fing actually has some more complex options we'll talk about in just a moment. If you type Fing and then -N, you specify a particular network if you want. It does not have to be the network that your computer is connected to. We're going to go ahead and specify 172.16.30.0/24 which is the same network but we could specify a different one if we were connected to one. And it's going to give us pretty much the same information only we've specified which network. Now, the other thing we can do is specify a particular service scan. Now, a particular service scan will give us information on a particular box so we could type in Fing, there we go, Fing and -S and specify a box; 172.16.30.20 for example and then we would get a scan started on that box. So we've got a discovery scan started on that. As you can see, Fing -S 172.16.30.20 has started a service scan on that box so now it's telling us what services are open and it'll tell us a little bit of information about the service itself; what port it's running and so forth. So Fing can be a very rudimentary foot printing tool in that it can give us live hosts on a network and we can hit a particular host and use that information to determine what services that host is running so we can possibly exploit those services. Now, there is a particularly good help file online with Fing that you can get from Overlook and if we look at that Fing manual, it shows the different options and stuff and actually there are some, there are some particularly useful options out there. There's also properties files that you have to actually use to configure Fing's defaults but there's different options you can use once you configure those properties and usually they're in program files on a Windows box or/etc./Fing on Linux and Mac. As I said, Fing will run under a variety of platforms. But you can also do logging from Fing, especially if you're getting a lot of information, you can, it's useful to put it into a log. There's different options for that and we'll send it to HTML of course and there's different other options you can use to get information out of Fing. So it, on the surface it seems like a very simplistic tool but it's actually some good options with Fing and it's again, a little bit, it's not mature just yet but it's being worked on. Soon there's going to be a GUI for it I've heard and it's going to have pretty much full functionality like Look@Lan did but a lot more than that and it'll be able to be run on different platforms. So it's a very promising tool so keep an eye on it and see how it develops and you'll probably find it's very useful for your toolbox as well.