3. NMAP
Nmap (Network Mapper) is a security scanner
written by Gordon Lyon
Discovers hosts and services on a computer
network
Nmap sends specially crafted packets to
target host(s) and analyses responses.
Provides a number of features such as
operating system detection.
4. Background on Nmap
Nmap traditionally runs in the command-line
Use of scripts to provide more advanced service
detection
Can adapt to network conditions including latency
and congestion during a scan.
5. Nmap
Nmap can adapt to network conditions including:
Latency
Congestion
Started as a Linux-only utility but has been ported to
other operating systems such as Windows, Solaris,
HP-UX, BSD variants (such as macOS), AmigaOS,
and IRIX.
User community continues to develop and refine
Nmap.
6. Download and Installation
Nmap.org is the official web page for Nmap
https://nmap.org/download.html is the link to
the download section of the web site
Site is organized by Windows binaries, Linux
RPM Sources and Binaries, Mac OS X
Binaries, Source Code Distribution, and Other
Operating Systems.
12. Background on Zenmap
Zenmap is the official graphical user interface
for the Nmap Security Scanner.
It is free and open source and available on
a variety of platforms including Windows,
macOS, and Linux.
It is designed to make using Nmap easy
for beginners and provides advanced
features for experts
13. Zenmap: Features
Frequently used scans can be saved as profiles
making them easy to run repeatedly.
A command creator allows interactive
creation of Nmap command lines.
Scanned results can be saved and used later.
Saved scan results can be compared to see
how they differ.
Results are saved in a searchable database.
14. Setup and
Installation
Zenmap comes preinstalled
on Kali version 2016.2 and no
setup is required.
The app can be found under
Application --> Information
Gathering
15. Setup and Installation
If Zenmap is missing or
needs to be reinstalled,
there are two main ways
to go about installation
The first and easiest is to
use the apt (Advanced
Package Tool) package
manager to install the
Nmap package with the
command apt-get install zenmap
16. Setup and Installation
The second method is to download the
Nmap RPM files and convert them to
deb files to install in Debian. First go
to the nmap download website at
https://nmap.org/download.html
17. Setup and Installation
Download the
version of Nmap
that matches your
architecture;
either 64bit (x86-64)
or 32bit (x86)
Don’t forget to
download the
Zenmap RPM as
well
18. Setup and Installation
In order to convert an RPM file to a deb file we need the
alien command
If alien is not installed you can install it from the terminal
by entering the command apt-get install alien
Generate a Debian package with a command such
as sudo alien nmap-5.21-1.x86_64.rpm
Install the Debian package with a command such as sudo
dpkg --install nmap_5.21-2_amd64.deb
Repeat steps for the Zenmap RPM
19. Step by Step Operation
Launch the
Zenmap app by
navigating to
Application -->
Information
Gathering
20. Step By Step Operation
Enter a target in the
target dialog box
You can specify the
command that you
want to use or you can
select a profile from
the drop down with
premade commands
21. Step by Step Operation
You can type
either a DNS
name or an IP
address to
scan
22. Step by Step Operation
When the scan
finishes it will list
ports that are open
and the protocol in
use
23. Step by Step Operation
To get more
information on
the ports,
select the
Ports tab; it will
list open and
filtered ports.
24. Step by step operation
The topology tab
will present a
network map
25. Step by step operation
Host details
will show
details on the
host scan
27. Saving and Loading
To save individual scans choose “Save Scan”
from the “Scan” menu (or use the keyboard shortcut
Ctrl+S)
If there is more than one scan you will be
asked which one to save.
You have the choice of saving as “Nmap XML
format” (.xml) or “Nmap text format”
(.nmap)
28. Saving and Loading
The XML format is the only format that can
be opened again by Zenmap.
You can save all scans by selecting “Save All
Scans to Directory” in the “Scan” menu.
When saving an inventory for the first time
you will create a new directory.
In subsequent saves you can continue to save
to the same directory.
29. Recent Scans Database
Scan results not saved are stored
automatically in a database.
Scan results that are loaded and then
modified but not resaved are stored in the
database.
Database is stored in a file called zenmap.db
Its location is platform-dependent.
30. Comparing Scans
It's common to want to run the same scan at
different times, or run slightly different scans,
and see how they differ
Zenmap provides an interface to compare scan
results
Open the comparison tool by selecting
“Compare Results” from “Tools” menu.
Zenmap supports comparing two scan results
at the same time.
32. How to secure a network against Zenmap
To secure against Zenmap it's important to close unused
ports
Services (such as FTP) will keep ports open as long as
they're running. Close unused services as well.
OS fingerprinting is accomplished through banner grabbing
of certain services (like FTP).
Depending on the OS on the host there are a variety of
solutions to mask your OS. Check the page
https://nmap.org/misc/defeat-nmap-osdetect.html for
OS specific solutions.
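One way to find the unused services mentioned above is to audit a host's own listening sockets against a list of ports that are meant to be reachable. This is an added example, not part of the original slides; the `ss -tln` output is a constructed sample, and the allowlist and function names are assumptions.

```python
import ipaddress

# Constructed sample of `ss -tln` output from a hypothetical Linux host.
SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       32      0.0.0.0:21          0.0.0.0:*
LISTEN  0       128     127.0.0.1:631       0.0.0.0:*
LISTEN  0       128     [::]:22             [::]:*
LISTEN  0       511     *:8080              *:*
"""

ALLOWED_PORTS = {22}  # assumption: only SSH is meant to be reachable


def exposed_listeners(ss_text):
    """Return sorted (port, bind_address) pairs listening beyond loopback."""
    exposed = set()
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skips the header and any non-listening sockets
        addr, _, port = fields[3].rpartition(":")
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        if addr != "*" and ipaddress.ip_address(addr).is_loopback:
            continue  # loopback-only listeners are not reachable from the network
        exposed.add((int(port), addr))
    return sorted(exposed)


def unexpected_listeners(ss_text, allowed=ALLOWED_PORTS):
    """Network-reachable listeners whose port is not on the allowlist."""
    return [(p, a) for p, a in exposed_listeners(ss_text) if p not in allowed]


if __name__ == "__main__":
    for port, addr in unexpected_listeners(SS_OUTPUT):
        print(f"review: port {port} listening on {addr} is not on the allowlist")
```

In the sample, the FTP listener on port 21 and the service on port 8080 are flagged, while the loopback-only listener on port 631 is ignored.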