Monday, July 6, 2009

Network Mapper Nmap Notes

Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available.

Performs network reconnaissance/vulnerability testing

Compilation Instructions:
1. export PATH=$PATH:/usr/ccs/bin
2. ./configure
3. make || gmake
4. gmake install - copies nmap to /usr/local/bin

Note: nmap can be run by any user on the system; however, only root may perform the more dangerous functions, i.e. SYN-based scans.

###Check ports of hosts###
Running nmap -v as root causes a SYN-based scan to occur:
SYN -> SYN-ACK -> Termination
A TCP-based scan, performed by normal users, completes the handshake:
SYN -> SYN-ACK -> ACK

Nmap can export to the following file types:
1. Normal
2. XML
3. Greppable
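
For the network inventory use mentioned at the top, the greppable format is the easiest of the three to post-process. The following is an added example, not part of the original notes: it parses greppable output (as written with nmap's -oG option) and reports open ports that are missing from an approved baseline. The sample scan text, the addresses and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in greppable layout (documentation addresses, not a
# real scan). Fields on each "Host:" line are separated by tabs.
SAMPLE = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 (web01.example.test)\tStatus: Up\n"
    "Host: 192.0.2.10 (web01.example.test)\tPorts: 22/open/tcp//ssh///, "
    "80/open/tcp//http///, 443/closed/tcp//https///\t"
    "Ignored State: filtered (997)\n"
    "Host: 192.0.2.20 ()\tPorts: 53/open/udp//domain///, "
    "8080/filtered/tcp//http-proxy///\n"
    "# Nmap done (constructed sample)\n"
)


def parse_greppable(text):
    """Return {ip: [(port, protocol, state, service), ...]}."""
    hosts = defaultdict(list)
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # '#' comment lines and blanks
        fields = {}
        for field in line.split("\t"):
            name, _, value = field.partition(": ")
            fields[name] = value
        ip = fields["Host"].split(" ")[0]
        # Status-only lines have no Ports field; the empty entry is skipped.
        for entry in fields.get("Ports", "").split(", "):
            # Layout: port/state/protocol/owner/service/rpc-info/version/
            parts = entry.strip().split("/")
            if len(parts) < 5 or not parts[0].isdigit():
                continue  # malformed or empty entry
            hosts[ip].append((int(parts[0]), parts[2], parts[1], parts[4]))
    return dict(hosts)


def unexpected_open(text, baseline):
    """Return open (port, protocol) pairs missing from the approved baseline."""
    findings = {}
    for ip, ports in parse_greppable(text).items():
        allowed = baseline.get(ip, set())
        extra = sorted((port, proto) for port, proto, state, _ in ports
                       if state == "open" and (port, proto) not in allowed)
        if extra:
            findings[ip] = extra
    return findings


if __name__ == "__main__":
    print(unexpected_open(SAMPLE, {"192.0.2.10": {(22, "tcp")}}))
```

Closed and filtered ports are parsed but never reported, so only services that actually answered show up as drift from the baseline.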

