During an external assessment, a penetration tester must identify Internet-connected devices that expose a vendor-specific remote-management service on TCP port 7547. The tester wants results quickly and prefers not to launch her own Internet-wide scan. Which approach will BEST locate hosts running that service?
Run Nmap against the entire IPv4 range with the port 7547 option enabled
Use theHarvester to collect email addresses linked to devices on port 7547
Analyze the organization's firewall and IDS logs for traffic on port 7547
Submit a Shodan search filtered for port 7547 and the service name
Querying Shodan for port 7547 returns a list of public IP addresses whose banners show that port open, because Shodan continuously scans the global IPv4 space and stores service data. Running a full-Internet Nmap scan is slow and often disallowed, reviewing internal logs will not reveal external hosts, and email harvesting provides no port data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Shodan and how is it used in penetration testing?
Open an interactive chat with Bash
Why is TCP port 7547 important and what is its primary use?
Open an interactive chat with Bash
What information does a service banner provide during reconnaissance?