HakTip 94 – NMap 101: Scanning Networks For Open Ports To Access

This week on HakTip, Shannon is using NMap to find open ports that can be accessed on the network.


NMap can run a much more aggressive scan than the ones we have seen so far. It's very simple to do: just add the -A option, like this:
nmap -A

An aggressive scan simply bundles some of the most commonly used Nmap options into one option for you to type. It uses options such as -O, -sC, --traceroute and others. We'll go over these in more detail soon. For now, simply know that -O works for operating system detection, and -sC runs several scripts inside nmap at once such as speed and verbosity. When running this scan, which will take longer because of the extra scripts involved, you'll receive back a bunch of strange-looking fingerprint information. I tried running this on our printer, which doesn't give us much information. But running this against our NAS gives us some interesting facts, such as the name of our NAS (Synology Diskstation), the open ports with more information, even the SSH hostkey with DSA and RSA encryptions.

If I nmap our network… This is what I find.
nmap —- we found .64 which is an HP printer with telnet open on port 23. So now I’ll open netcat in another window and connect to it.
nc 23
We’ve just telnetted into our HP printer. Now we can ls and see what directories are available, change directories, etc.

What would you like to see next about NMAP? Send me a comment below or email us at [email protected]. If you like NMap, perhaps you'll enjoy our new show, Metasploit Minute with Mubix, airing every Monday at hak5.wpengine.com. And be sure to check out our sister show, Hak5, for more great stuff just like this. I'll be there, reminding you to trust your technolust.

  • CarrolMDuncanson

    Thanks for ones marvelous posting! I genuinely enjoyed reading it, you happen to be a great author.
    I will be sure to bookmark your blog and will eventually come back at some
    point. I want to encourage you to ultimately continue your great
    writing, have a nice day!

  • DanaPDonlyuk

    You’re so interesting! I do not think I’ve truly read something like this
    before. So wonderful to find somebody with some genuine thoughts on this topic.
    Really.. many thanks for starting this up. This web site is something
    that is required on the web, someone with some originality!
