SlideShare una empresa de Scribd logo

Nmap Basics

A
amiable_indian

Nmap is an open source tool that can scan networks to discover available hosts, services on hosts, operating systems and versions running on hosts, types of firewalls and filters in place, and other network details. It works across Linux, Windows, and other platforms. Nmap uses raw IP packets to gather this information, which can help identify security issues but also be used by attackers for reconnaissance. The tool supports various types of scans with different tradeoffs between stealthiness and information discovered. While Nmap has both command line and GUI interfaces, advanced usage requires command line expertise.

Tecnología
1 de 16
Descargar para leer sin conexión
Nmap basics Maniac
Nmap Basics - Overview What is nmap? Nmap, short for quot;network mapperquot;, is an open source utility which can quickly scan broad ranges of devices and provide valuable information about the devices on your network. It can be used for IT auditing and asset discovery as well as for security profiling of the network.
Nmap Basics - Overview What does nmap do? Nmap uses raw IP packets to determine what hosts are available on the network, the services that are enabled, the operating system and version of the host, what sort of firewall or packet filters are in place and many other aspects of the network. The information can be used both proactively to identify and correct security holes and by attackers to perform reconnaissance about the types and quantities of targets available and what weaknesses exist.
Nmap Basics - Overview Nmap runs on? Nmap is available for a wide range of operating system platforms. The standard download is a compressed file containing the UNIX version (which runs on Linux, Solaris, Free/Net/OpenBSD, and Mac OS X) and the Windows version as well as NmapFE, the X-Windows front end for UNIX, and NmapWIN, the recommended Windows GUI for Nmap.
Nmap Basics - Overview Nmap can perform a wide range of scans. Some are more aggressive and blatant, while some are designed to be stealthy and scan undetected. Depending on the type of scan performed, different information can be discovered as well.
Nmap Basics - Overview Connect SYN Stealth FIN, Xmas, Null Ping UDP Scan IP Protocol Scan Some of the scan types are: ACK Scan Window Scan RPC Scan List Scan FTP Bounce
Nmap Basics - First Scan How hard is nmap to use? Nmap’s ability to be run from both the command line and from a GUI enable most people to get the tool up and running very quickly. Advanced features require more command line and technical expertise to use the tool effectively.
Nmap Basics - First Scan Windows users take heed: Windows XP Service Pack 2 is shoddily supported due to the fact that Microsoft removed the socket layer from the Operating System. Furthermore, hacks and workarounds that have been discovered to get nmap to work results in Microsoft patching up this hole shortly thereafter. With this in note, your mileage may vary.
Nmap Basics - First Scan Basic nmap scan example.
Nmap Basics - First Scan Application IP Addresses scanned Time and date of the scan Ports discovered State of the port The type of service this port typically is Total number of IP Addresses scanned IP addresses found to be active Number of seconds to complete the scan
Nmap Basics - Version Detection What is host detection? Host detection is a feature of nmap that tells it to further analyze what the packet behavior is, and assess what Operating System the target host is based on it’s analysis. Ok, well what about version detection then? Version detection expands on host detection by also querying the ports nmap finds open for what the service is.
Nmap Basics - Version Detection Example output from the version detection flag. Service Info Service Version Unknown Fingerprint Unknown Service Identifier
Nmap Basics - Version Detection Example of host detection. Operating System Information
Nmap Basics - Pinging How does nmap identify hosts? Nmap by default will perform either a TCP SYN or a TCP Connect ping to gather active hosts. In some cases nmap will even use ARP pinging to identify hosts as well. How can you turn off pinging? The -P0 (P<zero>) switch will turn this feature off.
Nmap Basics This concludes “Hacking With Nmap, Part 1”
Nmap Basics Information Gathered from: Insecurity.org - The home of Nmap Netsecurity.about.com - Providers of the much of the Overview material.

Recomendados

Nmap
NmapNmap
Nmap
Sreekanth Narendran
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
NMap
NMapNMap
NMap
Pritesh Raka
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)
shwetha mk
 
NMAP
NMAPNMAP
NMAP
PrateekAryan1
 
Nmap
NmapNmap
Nmap
Megha Sahu
 
Nmap commands
Nmap commandsNmap commands
Nmap commands
Kailash Kumar
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
OWASP Delhi
 

Recomendados

Nmap
NmapNmap
Nmap
Sreekanth Narendran
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
n|u - The Open Security Community
 
NMap
NMapNMap
NMap
Pritesh Raka
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)
shwetha mk
 
NMAP
NMAPNMAP
NMAP
PrateekAryan1
 
Nmap
NmapNmap
Nmap
Megha Sahu
 
Nmap commands
Nmap commandsNmap commands
Nmap commands
Kailash Kumar
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
OWASP Delhi
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
Phannarith Ou, G-CISO
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
n|u - The Open Security Community
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
amiable_indian
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
itmind4u
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorial
Varun Kakumani
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
commiebstrd
 
Network scanning
Network scanningNetwork scanning
Network scanning
MD SAQUIB KHAN
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking Guide
Aryan G
 
Packet Sniffer
Packet Sniffer Packet Sniffer
Packet Sniffer
vilss
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
KHNOG
 
FastNetMon Advanced DDoS detection tool
FastNetMon Advanced DDoS detection toolFastNetMon Advanced DDoS detection tool
FastNetMon Advanced DDoS detection tool
Pavel Odintsov
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort
webhostingguy
 
Iptables Configuration
Iptables ConfigurationIptables Configuration
Iptables Configuration
stom123
 
20210906-Nessus-FundamentalInfoSec.ppsx
20210906-Nessus-FundamentalInfoSec.ppsx20210906-Nessus-FundamentalInfoSec.ppsx
20210906-Nessus-FundamentalInfoSec.ppsx
Suman Garai
 
Prensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection toolPrensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection tool
Issar Kapadia
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting engine
n|u - The Open Security Community
 
Nmap
NmapNmap
Nmap
Fat-Thing Gabriel-Culley
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
Deepanshu Gajbhiye
 
Port scanning
Port scanningPort scanning
Port scanning
Hemanth Pasumarthi
 
SplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners SessionSplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners Session
Splunk
 
Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3
Harsh Desai
 
Zen map
Zen mapZen map
Zen map
harisnaved
 

Más contenido relacionado

La actualidad más candente

Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
amiable_indian
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort
webhostingguy
 
20210906-Nessus-FundamentalInfoSec.ppsx
20210906-Nessus-FundamentalInfoSec.ppsx20210906-Nessus-FundamentalInfoSec.ppsx
20210906-Nessus-FundamentalInfoSec.ppsx
Suman Garai
 
SplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners SessionSplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners Session
Splunk
 

La actualidad más candente (20)

Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorial
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
 
Network scanning
Network scanningNetwork scanning
Network scanning
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking Guide
 
Packet Sniffer
Packet Sniffer Packet Sniffer
Packet Sniffer
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
FastNetMon Advanced DDoS detection tool
FastNetMon Advanced DDoS detection toolFastNetMon Advanced DDoS detection tool
FastNetMon Advanced DDoS detection tool
 
Intrusion Detection System using Snort
Intrusion Detection System using Snort Intrusion Detection System using Snort
Intrusion Detection System using Snort
 
Iptables Configuration
Iptables ConfigurationIptables Configuration
Iptables Configuration
 
20210906-Nessus-FundamentalInfoSec.ppsx
20210906-Nessus-FundamentalInfoSec.ppsx20210906-Nessus-FundamentalInfoSec.ppsx
20210906-Nessus-FundamentalInfoSec.ppsx
 
Prensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection toolPrensentation on packet sniffer and injection tool
Prensentation on packet sniffer and injection tool
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting engine
 
Nmap
NmapNmap
Nmap
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
 
Port scanning
Port scanningPort scanning
Port scanning
 
SplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners SessionSplunkLive 2011 Beginners Session
SplunkLive 2011 Beginners Session
 

Similar a Nmap Basics

Nmap | Network Mapping | Null Bhopal Chapter
Nmap | Network Mapping | Null Bhopal ChapterNmap | Network Mapping | Null Bhopal Chapter
Nmap | Network Mapping | Null Bhopal Chapter
Yugansh Holani
 
Security & ethical hacking
Security & ethical hackingSecurity & ethical hacking
Security & ethical hacking
Amanpreet Singh
 
Lab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docxLab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docx
LaticiaGrissomzz
 

Similar a Nmap Basics (20)

Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3
 
Zen map
Zen mapZen map
Zen map
 
Nmap
NmapNmap
Nmap
 
NMAP1.ppt
NMAP1.pptNMAP1.ppt
NMAP1.ppt
 
NMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge AcademyNMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge Academy
 
Nmap | Network Mapping | Null Bhopal Chapter
Nmap | Network Mapping | Null Bhopal ChapterNmap | Network Mapping | Null Bhopal Chapter
Nmap | Network Mapping | Null Bhopal Chapter
 
Security & ethical hacking
Security & ethical hackingSecurity & ethical hacking
Security & ethical hacking
 
Security & ethical hacking p2
Security & ethical hacking p2Security & ethical hacking p2
Security & ethical hacking p2
 
Contents namp
Contents nampContents namp
Contents namp
 
Contents namp
Contents nampContents namp
Contents namp
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitable
 
Lab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docxLab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docx
 
A REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESA REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURES
 
Nmap for Scriptors
Nmap for ScriptorsNmap for Scriptors
Nmap for Scriptors
 
This Assignment consists of Amazon Web services
This Assignment consists of Amazon Web servicesThis Assignment consists of Amazon Web services
This Assignment consists of Amazon Web services
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
 
Christchurch ISIG 27 oct2015
Christchurch ISIG 27 oct2015Christchurch ISIG 27 oct2015
Christchurch ISIG 27 oct2015
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information Gathering
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptx
 
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
Nagios Conference 2013 - Spenser Reinhardt - Intro to Network Monitoring Usin...
 

Más de amiable_indian

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
amiable_indian
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
amiable_indian
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
amiable_indian
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
amiable_indian
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
amiable_indian
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
amiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
amiable_indian
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
amiable_indian
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
amiable_indian
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
amiable_indian
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
amiable_indian
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
amiable_indian
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
amiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
amiable_indian
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
amiable_indian
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
amiable_indian
 

Más de amiable_indian (20)

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Time
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics?
 

Último

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 

Último (20)

Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 

Nmap Basics

  • 1. Nmap basics Maniac
  • 2. Nmap Basics - Overview What is nmap? Nmap, short for quot;network mapperquot;, is an open source utility which can quickly scan broad ranges of devices and provide valuable information about the devices on your network. It can be used for IT auditing and asset discovery as well as for security profiling of the network.
  • 3. Nmap Basics - Overview What does nmap do? Nmap uses raw IP packets to determine what hosts are available on the network, the services that are enabled, the operating system and version of the host, what sort of firewall or packet filters are in place and many other aspects of the network. The information can be used both proactively to identify and correct security holes and by attackers to perform reconnaissance about the types and quantities of targets available and what weaknesses exist.
  • 4. Nmap Basics - Overview Nmap runs on? Nmap is available for a wide range of operating system platforms. The standard download is a compressed file containing the UNIX version (which runs on Linux, Solaris, Free/Net/OpenBSD, and Mac OS X) and the Windows version as well as NmapFE, the X-Windows front end for UNIX, and NmapWIN, the recommended Windows GUI for Nmap.
  • 5. Nmap Basics - Overview Nmap can perform a wide range of scans. Some are more aggressive and blatant, while some are designed to be stealthy and scan undetected. Depending on the type of scan performed, different information can be discovered as well.
  • 6. Nmap Basics - Overview Connect SYN Stealth FIN, Xmas, Null Ping UDP Scan IP Protocol Scan Some of the scan types are: ACK Scan Window Scan RPC Scan List Scan FTP Bounce
  • 7. Nmap Basics - First Scan How hard is nmap to use? Nmap’s ability to be run from both the command line and from a GUI enable most people to get the tool up and running very quickly. Advanced features require more command line and technical expertise to use the tool effectively.
  • 8. Nmap Basics - First Scan Windows users take heed: Windows XP Service Pack 2 is shoddily supported due to the fact that Microsoft removed the socket layer from the Operating System. Furthermore, hacks and workarounds that have been discovered to get nmap to work results in Microsoft patching up this hole shortly thereafter. With this in note, your mileage may vary.
  • 9. Nmap Basics - First Scan Basic nmap scan example.
  • 10. Nmap Basics - First Scan Application IP Addresses scanned Time and date of the scan Ports discovered State of the port The type of service this port typically is Total number of IP Addresses scanned IP addresses found to be active Number of seconds to complete the scan
  • 11. Nmap Basics - Version Detection What is host detection? Host detection is a feature of nmap that tells it to further analyze what the packet behavior is, and assess what Operating System the target host is based on it’s analysis. Ok, well what about version detection then? Version detection expands on host detection by also querying the ports nmap finds open for what the service is.
  • 12. Nmap Basics - Version Detection Example output from the version detection flag. Service Info Service Version Unknown Fingerprint Unknown Service Identifier
  • 13. Nmap Basics - Version Detection Example of host detection. Operating System Information
  • 14. Nmap Basics - Pinging How does nmap identify hosts? Nmap by default will perform either a TCP SYN or a TCP Connect ping to gather active hosts. In some cases nmap will even use ARP pinging to identify hosts as well. How can you turn off pinging? The -P0 (P<zero>) switch will turn this feature off.
  • 15. Nmap Basics This concludes “Hacking With Nmap, Part 1”
  • 16. Nmap Basics Information Gathered from: Insecurity.org - The home of Nmap Netsecurity.about.com - Providers of the much of the Overview material.