This is an old revision of the document!


Nmap

Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. Nmap uses raw IP packets to determine which hosts are available on a network, which services (applications) those hosts offer, which operating systems they run, what type of packet filters/firewalls are in use, and other characteristics.

Nmap is useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

What computers are running on the local network? What IP addresses are on the local network? What operating system is used by a target machine? What ports are open on a target machine? Find out if the system is infected with malware. Search for unauthorized services on your network. Find and remove computers from the network.

Setup a lab

    | server1 |-----------| switch |-----------| server2 |
                               |
                               |
                    +--------------------+
                    | wks01 Linux        |
                    +--------------------+

wks01 - Your computer running Linux and nmap.

server1 - Any operating system. An unpatched server that runs a web server, file server, etc.

server2 - Any operating system. A fully patched server that runs a web server, file server, etc.

All three systems are connected via switch.

Install nmap

# Ubuntu/Debian based
sudo apt-get install nmap
 
# RHEL/Fedora based distributions
sudo dnf install nmap

Scan a host name with more info

nmap -v 192.168.1.1
Nmap scan report for gateway (192.168.1.1)
Host is up (0.0064s latency).
Not shown: 993 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
23/tcp    open  telnet
80/tcp    open  http
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1900/tcp  open  upnp
20005/tcp open  btx
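
The scan above answers "what ports are open"; for the "search for unauthorized services" task, the open ports have to be compared with what the host is supposed to offer. The following is an added example, not part of the original page: it parses nmap's normal output in the format shown above and reports every open port missing from an allowlist. The function name unexpected_ports and the allowlist contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag open ports that are not on an allowlist.

# Scan output copied from the page (host 192.168.1.1).
SAMPLE_SCAN='Nmap scan report for gateway (192.168.1.1)
Host is up (0.0064s latency).
Not shown: 993 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
23/tcp    open  telnet
80/tcp    open  http
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
1900/tcp  open  upnp
20005/tcp open  btx'

# Hypothetical allowlist: services this host is expected to offer.
ALLOWED='80/tcp 139/tcp 445/tcp'

# unexpected_ports ALLOWLIST   (nmap normal output on stdin)
# Prints "host port service" for each open port not in ALLOWLIST.
unexpected_ports() {
    awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # -v also reports hosts that did not answer; skip them.
        /\[host down\]/ { next }
        # Header line: last field is the IP, in parentheses
        # when a hostname precedes it.
        /^Nmap scan report for / {
            host = $NF
            gsub(/[()]/, "", host)
            next
        }
        # Port table rows: PORT STATE SERVICE
        $1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ && $2 == "open" {
            if (!($1 in ok)) print host, $1, $3
        }
    '
}

# Live use: nmap -v 192.168.1.1 | unexpected_ports "$ALLOWED"
printf '%s\n' "$SAMPLE_SCAN" | unexpected_ports "$ALLOWED"
```

With the sample allowlist, the report lists ftp, telnet, upnp and btx on 192.168.1.1 as services to investigate or disable.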
nmap/learning_path.1631961887.txt.gz · Last modified: 2021/09/18 10:44 by 2607:5300:60:3b5d::1