Guide to NMAP

post #1 of 2
Thread Starter 
For those who are not familiar with NMAP, this program is used to monitor your home or office network, check for vulnerabilities, and intrusion detection. This is most useful for those who are using wireless networks, or are a Systems Administrator at work, to be sure that there is no unauthorized software or computers on your local or office network. In this guide we will list all of the various commands as well as the command syntax for usage. To start the guide we will list the commands, because this would be an obvious place to start.

Scan Options:
-sT (TCP Connect)
-sX (Xmas Scan)
-sU (UDP Scan)
-sA (Ack Scan)
-sL (List/DNS Scan)
-sS (SYN Scan)
-sN (Null Scan)
-sO (Protocol Scan)
-sW (Window Scan)
-sF (FIN Scan)
-sP (Ping Scan)
-sL (Idle Scan)
-sR (RPC Scan)


Ping Detection:

-P0 (don't Ping)
-PI (ICMP Ping)
-PP (ICMP Timestamp)
-PT (TCP Ping)
-PS (SYN Ping)
-PM (ICMP Netmask)


Timing

-T Paranoid - Serial Scan & 300 second wait
-T Sneaky - serialize scans & wait 15 seconds
-T Polite - serialize scans & wait 0.4 seconds
-T Normal - parallel scan
-T Aggressive - parallel scan & 300 second timeout & 1.25 seconds/probe
-T Insane - parallel scan & 75 second timeout with 0.3 seconds/probe


The options can be used in any number of sequences; however, depending on what you need, you can determine the appropriate scan type for your network.

Syntax:

Quote:
root@linux-servers.net:~$ nmap -sT 192.168.1.1-150
This will scan the selected subnet within the IP range of 192.168.1.1 through 192.168.1.150. Edit this to match the network on which you will be using this software. The above command will produce an output similar to the following:

Quote:
root@linux-servers.net:~$ nmap -sT 192.168.1.1-150

Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-13 15:31 CDT
Interesting ports on DD-WRT (192.168.1.1):
Not shown: 1695 closed ports
PORT STATE SERVICE
53/tcp open domain
80/tcp open http

Interesting ports on root.linux-servers.net (192.168.1.105):
Not shown: 1696 closed ports
PORT STATE SERVICE
80/tcp open http

Interesting ports on vulnerablesystem.linux-servers.net (192.168.1.125):
Not shown: 1691 closed ports
PORT STATE SERVICE
80/tcp open http
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
3389/tcp open ms-term-serv

Nmap finished: 150 IP addresses (3 hosts up) scanned in 15.535 seconds
root@linux-servers.net:~$
This example scan will show you some of the information collected, which will help you determine if the computers and software on your network should be there. If you detect something that should not be there, such as a computer that you do not own, you can then take appropriate action to resolve the issue. If you notice that there are open ports and that the computer listed is responding and providing this information, that would be an indicator that the system providing that information is not secure, or is not running a firewall, such as the system shown above in the example scan listing its open ports.

Hope this quick guide was helpful, as always if you have any questions ask!
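Added example, not part of the original post: one way to automate the check described above by parsing scan output in the Nmap 4.20 format quoted in the post and comparing it with an inventory of hosts you own. The sample text is abridged from the quoted output; the `EXPECTED` inventory and the function names are constructed for illustration.

```python
import re

# Abridged from the scan output quoted in the post (Nmap 4.20 text format).
SAMPLE = """\
Interesting ports on DD-WRT (192.168.1.1):
Not shown: 1695 closed ports
PORT STATE SERVICE
53/tcp open domain
80/tcp open http

Interesting ports on root.linux-servers.net (192.168.1.105):
PORT STATE SERVICE
80/tcp open http

Interesting ports on vulnerablesystem.linux-servers.net (192.168.1.125):
PORT STATE SERVICE
135/tcp open msrpc
445/tcp open microsoft-ds
3389/tcp open ms-term-serv
"""
# Constructed inventory (assumption): hosts you own and the ports each may expose.
EXPECTED = {"192.168.1.1": {"53/tcp"}, "192.168.1.105": {"80/tcp"}}
HOST_RE = re.compile(r"^Interesting ports on (?:\S+ \()?(\d+\.\d+\.\d+\.\d+)\)?:$")
PORT_RE = re.compile(r"^(\d+/(?:tcp|udp))\s+open\s+(\S+)")

def parse_open_ports(text):
    """Return {ip: {port: service}} for every host block in the scan text."""
    hosts, current = {}, None
    for line in text.splitlines():
        host = HOST_RE.match(line.strip())
        port = PORT_RE.match(line.strip())
        if host:  # header line, with or without a resolved hostname
            current = hosts.setdefault(host.group(1), {})
        elif port and current is not None:  # "Not shown" and column headers are skipped
            current[port.group(1)] = port.group(2)
    return hosts

def audit(scan, expected):
    """List hosts missing from the inventory and ports the inventory does not allow."""
    findings = []
    for ip, ports in sorted(scan.items()):
        if ip not in expected:
            findings.append((ip, "unknown host", sorted(ports)))
        elif set(ports) - expected[ip]:
            findings.append((ip, "unexpected open ports", sorted(set(ports) - expected[ip])))
    return findings

if __name__ == "__main__":
    for ip, kind, ports in audit(parse_open_ports(SAMPLE), EXPECTED):
        print(f"{ip}: {kind}: {', '.join(ports)}")
```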
post #2 of 2
What a nice guide (+REP). I was thinking, is there any way that I can sweep a whole network & OS fingerprint them (like a script or something)?