HakTip 91 – NMap 101: Installing and Your First Target Scan
This week on HakTip Shannon is introducing NMap a security scanner used to discover hosts and services on the network!
NMap is short for Network Mapper. It is a free and open source utility for security audits and network discovery. It’s been around since 1997 and hasn’t changed much, but is still kept up to date by it’s user community. NMap is available for a variety of platforms, the most popular being Linux.
Over the course of my NMap series, I’ll introduce concepts such as using it for: Host discovery – Identifying hosts on a network, Port scanning, Version detection, OS detection, and Scriptable interaction with the target.
NMap can also give you info on DNS names, device types, MAC addresses and more. It’s usually used to audit the security of a device, identify open ports, network inventory, and identifying new servers.
Of course, NMap just like any other tool could be used for black or white hat hacking, and is widely used strictly for systems administration.
To download NMap type into your terminal on Linux nmap –version. If you do not have nmap installed it will tell you so. If you need to install it, type sudo apt-get install nmap. There is also a graphical user interface version called Zenmap that can be used, but we are going to just focus on the command line version for the HakTips. Both Windows and Mac have download options as well, and directions for both of those downloads can be found through the NMap.org link. If you have Kali Linux, it’s already installed. HA!
To start using Nmap to scan a single target computer or server, type this syntax: Nmap (Target). For my example, I am going to scan my Synology NAS so my command would look like this: Nmap 10.73.31.74. This scan will show you the status of ports detected. You will see three columns, the Port, the State, and the Service. The list of ports shows you the port number that certain services are running on and what protocol they are using. The state is the status of that service, and the Service is the software that is running on that server. The state can be open, closed, filtered, unfiltered, open/filtered, or closed/filtered. Paying attention to what processes are running on your servers and are open can be crucial to keeping your network secure. More on that later!
What would you like to see next about NMAP? Send me a comment below or email us at [email protected]
And be sure to check out our sister show, Hak5 for more great stuff just like this. I’ll be there, reminding you to trust your technolust.