Introduction to Nmap.pdf

(528 KB) Pobierz
Introducing Nmap
Nmap is a tool used for determining the hosts that are running and what services
the hosts are running. Nmap can be a valuable diagnostic tool for network administrators
while they can be also a potent reconnaissance tool for the Black-hat community
(Hackers, Crackers, Script Kiddies, etc). Once the network is charted out using tools like
Lan MapShot, the Nmap can be used to determine the type of services and hosts running
in the network.
Primary Uses of Nmap
1. Determining open ports and services running in an host:
2. Determine the Operating System running on a host
3. Alter the source IP of the scan (One way is to use –S option)
1
Nmap using Redhat 9.0
In the Cyberdefense lab scenario, it is recommended that Nmap be run from a
Redhat Linux machine. Nmap can be run from a terminal using command lines or it can
be run using a front end. Using the front end is more user-friendly. It also automatically
shows the command being used. More information on Nmap can be obtained from the
manual pages of Redhat using the command ‘man nmap’.
1
This feature needs to be studied further
Figure 1:
man nmap
command
To use Nmap in a Redhat machine follow these steps:
1. Open a terminal and type
nmapfe
to access the front end of namp. If the nmapfe
command is not recognized, we need to install the program.
2. Go to Start (Red hat)
System Settings
Add/Remove Application
3. From the set of applications displayed, under the
System head,
select
System Tools
and hit
Details,
usually highlighted in blue to the right hand side.
4. From the new window that is shown, select
nmap
and
nmap-frontend.
The system
will prompt for the required CDs. (Make sure you have all the three Redhat 9 CDs
ready).
Figure 2:
nmapfe command
output
1
3
4
2
The figure shows the Nmap front end in the Fedora Core 2 which is very similar
to the one in Redhat 9.0.
5. Once the front end opens (Refer to Figure 2), the Target host IP could be entered
for scanning (Callout 1 in Figure 2). The command used for scanning s also
shown in the front end (Callout 2 in Figure 2).
The Nmap was run on the gateway server that is protected by IPTables firewall.
Nmap identifies the ports scanned as filtered (Callout 3 in Figure 2). The major
disadvantage of Nmap is also identified in Figure 2. Although the server is Redhat
9, since the server is protected by a firewall, Nmap could not identify the host
operating system correctly. It identified the OS as Windows erroneously (Callout
4 in Figure 2).
This is currently a disadvantage of Nmap.
6. Figure 3 shows an Nmap run on an unprotected host running Windows 2000.
Figure 3:
Nmap on a Windows 2000 machine
The Nmap identifies the open ports, the services, and the flavor of operating
system running on the host.
Running Nmap on Windows
Nmap can be installed on windows. The installation files have to be downloaded
2
from the Internet. The two important files to be installed are as follows:
a) nmap-<version>-win32.zip
3
b) WinPcap 3.0 stable version. (WinPcap is the packet capture library for Nmap).
The download page for Nmap offers a link for downloading WinPcap.
To install and run Nmap from windows follow these steps:
1. Download the installation files to a folder. Unzip the Nmap installation files to the
C: drive. A new folder nmap-<version> is created in the C: drive.
2. To improve performance, it is advised that nmap_performace.reg be applied to the
system registry. To do this, double click on the nmap_performance.reg in the
C:\nmap-<version> folder.
3. Double click on the WinPcap install icon to install the WinPcap.
4. From the command prompt, navigate to the folder nmap-<Version>.
5. In the folder, we can run Nmap with command ‘nmap <IP address>’. Other
complex Nmap commands can be run from this location.
2
3
www.insecure.org
Currently the downloadable version is nmap-3.75

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin