SlideShare a Scribd company logo

Nmap Basics

A
amiable_indian

Nmap is an open source tool that can scan networks to discover available hosts, services on hosts, operating systems and versions running on hosts, types of firewalls and filters in place, and other network details. It works across Linux, Windows, and other platforms. Nmap uses raw IP packets to gather this information, which can help identify security issues but also be used by attackers for reconnaissance. The tool supports various types of scans with different tradeoffs between stealthiness and information discovered. While Nmap has both command line and GUI interfaces, advanced usage requires command line expertise.

Related slideshows

Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Nmap
NmapNmap
Nmap
 
Nmap
NmapNmap
Nmap
 
1 of 16
Download to read offline
Nmap basics Maniac
Nmap Basics - Overview What is nmap? Nmap, short for quot;network mapperquot;, is an open source utility which can quickly scan broad ranges of devices and provide valuable information about the devices on your network. It can be used for IT auditing and asset discovery as well as for security profiling of the network.
Nmap Basics - Overview What does nmap do? Nmap uses raw IP packets to determine what hosts are available on the network, the services that are enabled, the operating system and version of the host, what sort of firewall or packet filters are in place and many other aspects of the network. The information can be used both proactively to identify and correct security holes and by attackers to perform reconnaissance about the types and quantities of targets available and what weaknesses exist.
Nmap Basics - Overview Nmap runs on? Nmap is available for a wide range of operating system platforms. The standard download is a compressed file containing the UNIX version (which runs on Linux, Solaris, Free/Net/OpenBSD, and Mac OS X) and the Windows version as well as NmapFE, the X-Windows front end for UNIX, and NmapWIN, the recommended Windows GUI for Nmap.
Nmap Basics - Overview Nmap can perform a wide range of scans. Some are more aggressive and blatant, while some are designed to be stealthy and scan undetected. Depending on the type of scan performed, different information can be discovered as well.
Nmap Basics - Overview Connect SYN Stealth FIN, Xmas, Null Ping UDP Scan IP Protocol Scan Some of the scan types are: ACK Scan Window Scan RPC Scan List Scan FTP Bounce
Nmap Basics - First Scan How hard is nmap to use? Nmap’s ability to be run from both the command line and from a GUI enable most people to get the tool up and running very quickly. Advanced features require more command line and technical expertise to use the tool effectively.
Nmap Basics - First Scan Windows users take heed: Windows XP Service Pack 2 is shoddily supported due to the fact that Microsoft removed the socket layer from the Operating System. Furthermore, hacks and workarounds that have been discovered to get nmap to work results in Microsoft patching up this hole shortly thereafter. With this in note, your mileage may vary.
Nmap Basics - First Scan Basic nmap scan example.
Nmap Basics - First Scan Application IP Addresses scanned Time and date of the scan Ports discovered State of the port The type of service this port typically is Total number of IP Addresses scanned IP addresses found to be active Number of seconds to complete the scan
Nmap Basics - Version Detection What is host detection? Host detection is a feature of nmap that tells it to further analyze what the packet behavior is, and assess what Operating System the target host is based on it’s analysis. Ok, well what about version detection then? Version detection expands on host detection by also querying the ports nmap finds open for what the service is.
Nmap Basics - Version Detection Example output from the version detection flag. Service Info Service Version Unknown Fingerprint Unknown Service Identifier
Nmap Basics - Version Detection Example of host detection. Operating System Information
Nmap Basics - Pinging How does nmap identify hosts? Nmap by default will perform either a TCP SYN or a TCP Connect ping to gather active hosts. In some cases nmap will even use ARP pinging to identify hosts as well. How can you turn off pinging? The -P0 (P<zero>) switch will turn this feature off.
Nmap Basics This concludes “Hacking With Nmap, Part 1”
Nmap Basics Information Gathered from: Insecurity.org - The home of Nmap Netsecurity.about.com - Providers of the much of the Overview material.

More Related Content

Nmap Basics

  • 1. Nmap basics Maniac
  • 2. Nmap Basics - Overview What is nmap? Nmap, short for quot;network mapperquot;, is an open source utility which can quickly scan broad ranges of devices and provide valuable information about the devices on your network. It can be used for IT auditing and asset discovery as well as for security profiling of the network.
  • 3. Nmap Basics - Overview What does nmap do? Nmap uses raw IP packets to determine what hosts are available on the network, the services that are enabled, the operating system and version of the host, what sort of firewall or packet filters are in place and many other aspects of the network. The information can be used both proactively to identify and correct security holes and by attackers to perform reconnaissance about the types and quantities of targets available and what weaknesses exist.
  • 4. Nmap Basics - Overview Nmap runs on? Nmap is available for a wide range of operating system platforms. The standard download is a compressed file containing the UNIX version (which runs on Linux, Solaris, Free/Net/OpenBSD, and Mac OS X) and the Windows version as well as NmapFE, the X-Windows front end for UNIX, and NmapWIN, the recommended Windows GUI for Nmap.
  • 5. Nmap Basics - Overview Nmap can perform a wide range of scans. Some are more aggressive and blatant, while some are designed to be stealthy and scan undetected. Depending on the type of scan performed, different information can be discovered as well.
  • 6. Nmap Basics - Overview Connect SYN Stealth FIN, Xmas, Null Ping UDP Scan IP Protocol Scan Some of the scan types are: ACK Scan Window Scan RPC Scan List Scan FTP Bounce
  • 7. Nmap Basics - First Scan How hard is nmap to use? Nmap’s ability to be run from both the command line and from a GUI enable most people to get the tool up and running very quickly. Advanced features require more command line and technical expertise to use the tool effectively.
  • 8. Nmap Basics - First Scan Windows users take heed: Windows XP Service Pack 2 is shoddily supported due to the fact that Microsoft removed the socket layer from the Operating System. Furthermore, hacks and workarounds that have been discovered to get nmap to work results in Microsoft patching up this hole shortly thereafter. With this in note, your mileage may vary.
  • 9. Nmap Basics - First Scan Basic nmap scan example.
  • 10. Nmap Basics - First Scan Application IP Addresses scanned Time and date of the scan Ports discovered State of the port The type of service this port typically is Total number of IP Addresses scanned IP addresses found to be active Number of seconds to complete the scan
  • 11. Nmap Basics - Version Detection What is host detection? Host detection is a feature of nmap that tells it to further analyze what the packet behavior is, and assess what Operating System the target host is based on it’s analysis. Ok, well what about version detection then? Version detection expands on host detection by also querying the ports nmap finds open for what the service is.
  • 12. Nmap Basics - Version Detection Example output from the version detection flag. Service Info Service Version Unknown Fingerprint Unknown Service Identifier
  • 13. Nmap Basics - Version Detection Example of host detection. Operating System Information
  • 14. Nmap Basics - Pinging How does nmap identify hosts? Nmap by default will perform either a TCP SYN or a TCP Connect ping to gather active hosts. In some cases nmap will even use ARP pinging to identify hosts as well. How can you turn off pinging? The -P0 (P<zero>) switch will turn this feature off.
  • 15. Nmap Basics This concludes “Hacking With Nmap, Part 1”
  • 16. Nmap Basics Information Gathered from: Insecurity.org - The home of Nmap Netsecurity.about.com - Providers of the much of the Overview material.