Nmap Security Scanner


Network Mapped (Nmap) is a network scanning and host detection tool that is very useful during several steps of penetration testing. Nmap is not limited to merely gathering information and enumeration, but it is also powerful utility that can be used as a vulnerability detector or a security scanner. So Nmap is a multipurpose tool, and it can be run on many different operating systems including Windows, Linux, BSD, and Mac. Nmap is a very powerful utility that can be used to:

  • Detect the live host on the network (host discovery)
  • Detect the open ports on the host (port discovery or enumeration)
  • Detect the software and the version to the respective port (service discovery)
  • Detect the operating system, hardware address, and the software version
  • Detect the vulnerability and security holes (Nmap scripts)

Nmap is a very common tool, and it is available for both the command line interface and the graphical user interface.

I this post, I will show you how to use Nmap for port scanning and OS fingerprinting purposes.

Nmap Port Scannig

$ nmap target

Here target can be host URL/IP or network address(for scanning the entire subnet).
You can also add multiple targets to Namp (target1 target2 target3 …). There are a bundle of options for port scanning which are not discussed in this post. You can refer man pages for more details.

Nmap OS Fingerprinting

OS fingerprinting is one of the best known features of Nmap. It sends a series of TCP and UDP packets to the host and examines the reply to from the host. It compares the responses on it nmap-os-db database of more than 2500 OS fingerprints and displays the fingerprint of the OS that matches. This is possible only if at least one open port and one closed port is found.

You can use the following command to scan the fingerprint of the target OS.

$ namp -O target

You should have administrative rights to perform the above tasks.

My sample OS Fingerprint is shown

OS Fingerprint

Chat using Netcat

This post is regarding Netcat. Netcat is a networking service for managing network connections using TCP or UDP. It is often reffered to as the Swiss Knife TCP/IP. Another modern implementation of Netcat is Nmap’s Ncat. Although it comes with added features with nmap’s mature network libraries, it lacks some reverse compatibility issues with netcat.

Netcat is a tool that may enables us to gain control over the network with its arsenal of features. Here I am going to demonstrate how to establish a simple chat session using netcat.
As usual i am using Ubuntu 12.04. I comes enabled with the openBSD version of netcat. This may not support all the commands you may find on the net. You can change it to traditional version using the following command

$ update-alternatives --config nc

Step 1: Start Listening

This chat session works as a client-server model. We need to start listening to a port from the server. The command for start listening is

$ nc -l -p  <port_number>

Step 2:  Start Chatting

Any client can connect to this server and start chatting. For connecting the have to use nc command with the IP and port number to which the server is listening.

$ nc <server_ip> <server_port>

All done…. Now you can start chatting.