SlideShare ist ein Scribd-Unternehmen logo

Understanding NMAP

Als PPTX, PDF herunterladen
Phannarith Ou, G-CISO
Phannarith Ou, G-CISO

This is the basic document related to NMAP. This was present during the Defense Saturday 8. Defense Saturday is one of the initiative by SecuDemy.com

Bildung
1 von 23
Pin Pechdara Network Engineer Auguast 15, 2015 Nmap
 What is Nmap?  Process of Nmap  Scanning techniques  Dectect OS with Nmap  Host and Port Option  Real Time Information  Timing Option  Logging Information Agenda
What is Nmap?  Nmap is a free and open source utility for network discovery and security auditing.  Latest version of nmap is 6.49BETA2  Nmap supports all platform of OS like  Linux/Unix  Microsoft  Mac
Process Nmap 1. If hostname use as target, nmap will perform dns lookup to scan. But if ip address use as target, dns lookup will not process 2. Nmap pings the romote device. Can disable ping with option (- Pn) 3. If IP address is specified as the remote host, Reverse DNS will occur. We can use option (-n) to disable if we think it is not necessary 4. Nmap executes the scan.
TCP SYN Scan (-sS)  Allow nmap to gather information about open ports without completing the TCP handshake process.  By default if nmap scan option isn’t specified on the command line, TCP SYN scan is use #namp --sS -v 192.168.1.100 Source Destination
TCP SYN Scan (-sT)  Allow nmap to gather information about open ports with completing the TCP handshake process.  nmap –sT –v 192.168.1.100 Source Destination
Ping Scan (-sP)  Ping Scan is a quickest scan that nmap perform.  It is useful to determine remote hosts are up or down. #nmap -v -sP 192.168.1.100 --packet_trace Source Destination
Version Detection (-sV)  Allow nmap to gather version of application of remote host  The version detection scan runs automatically if the Aggressive Scan (-A) is selected.  -sP, -sL, -sO will not run the same command line with version detection Source Destination
UDP Scan (-sU)  UDP has no need to process 3 way handshake or SYN, FIN, and RST. #nmap -sU -v 192.168.1.100 --packet_trace Source Destination
IP Protocol Scan (-sO)  The IP Protocol Scan attempt to determine IP Protocol support on target. #nmap -v -sO 192.168.1.100 --packet_trace Source Destination
ACK Scan (-sA)  ACK Scan to determine port filter or unfilter #nmap -sA -v 192.168.1.100 Source Destination
Window Scan (-sA)  Allow nmap to gather information about open ports without completing the TCP handshake process.  The version detection scan runs automatically if the Aggressive Scan (-A) is selected.  -sP, -sL, -sO will not run the same command line with version detection Source Destination
Idlescan (-sI)  Idle Scan use other station to scan remote host device #nmap -sI -v 192.168.1.50 192.168.1.100 Source Destination Zombie
How to Detect OS with Nmap  Technically, nmap provide the rich feature that offer us to dectect what OS that remote devices are used.  By using below additional options we can get what OS of remote host  OS fingerprint with option (-O) #nmap -sS -O 192.168.1.100  Additional, Advance, and Aggressive (-A) Note: shortcut for running (-O) & (-sV) #nmap -sS -A 192.168.1.100
Host and Port options  Except Target  Exclude Targets (--exclude host1,host2,….) This option provide nmap to avoid scanning specific hosts that are not necessary #nmap -v -sS 192.168.1.0/24 --exclude 192.168.1.1-10  Exclude Targets in File (--excludefile <filename>) This option provide nmap to avoid scanning specific hosts from file. #nmap -v -sS 192.168.1.0/24 --ecludefile except_IP.txt  Include Target  Read Targets from File (-iL <filename>) This option provide name to scan specific host from file. #nmap -v -sS 192.168.1.0/24 -iL IP_Scan.txt
Host and Port options (Cont)  Specify Port Protocol or Port Number (-p <port_range>) by using this option, it provides nmap to scan specific port rather than scan all port (1000 ports) #nmap -v -sS -p 80 192.168.1.100 (-p dedicate to TCP port number) #nmap -v -sO -p 6 192.168.1.100 (-p dedicate to protocol number) #nmap -v -sU -p 6 192.168.1.100 (-p dedicate UDP Port number)
Real Time Information  While Nmap is processing to scan remote host device, there are a lot of activities behind what we seen on screen.  So we use additional option to see slightly with :  Verbose Mode (--verbose, -v) #nmap -sS -v 192.168.1.100  Packet Trace (--packet_trace) #nmap -sS -v 192.168.1.100 --packet_trace
Timing Option (--timing, -T <0-5>) Category Initial_rtt_timeout Min_rtt_timeout Max_rtt_timeout Max_parallelism Scan_delay Max_scan_delay T0/Paranoid 5 min Default 100ms Default 10 sec serial 5 min Default 1 sec T1/Sneaky 15 Sec Default 100ms Default 10 sec serial 15 sec Default 1 sec T2/Polite Default (1 Sec) Default 100ms Default 10 sec serial 400ms Default 1 sec T3/Normal Default (1 Sec) Default 100ms Default 10 sec parallel 0 sec Default 1 sec T4/Aggressive 500ms 100ms 1,250ms parallel 0 sec 10ms T5/Insane 200ms 50ms 300ms parallel 0 sec 5ms #nmap -sS -v 192.168.1.100 -T5
Logging Information  Nmap provide many options of logging the scan result.  Normal Format (-oN <Logfilename>) #nmap -sS -v 192.168.1.100 --packet_trace -oN nmap_output  XML Format (-oX <Logfilenmae>) #nmap -sS -v 192.168.1.100 --packet_trace -oN nmap_output  Grepable Format (-oG <filename>) #nmap -sS -v 192.168.1.100 --packet_trace -oG nmap_output  All Formats (-oA <filename>) this option will create 3 different output (Normal, XML, grepable output) #nmap -sS -v 192.168.1.100 --packet_trace -oA nmap_output
Nmap sample command Nmap command Description Nmap 192.168.1.100 Perform nmap scan default on host 192.168.1.100 Nmap 192.168.1.0/24 Scan default nmap on network 192.168.1.0 Nmap –sP 192.168.1.100 Just ping to identify remote host alive or not Nmap –sS –O –p 22,80,443 192.168.1.100 Perform SYN scan on port 22, 80, and 443 on remote host and dectect operation system nmap -sS -Pn -sV -O nmap.org Syn scan, no ping, identify version, and operating system detection. nmap -v -n -sS -sU -Pn -A -oA scan nmap.org -v invokes verbosity. -n skips name resolution. -sS is a SYN scan. -sU scans UDP ports. -Pn skips pinging. -A enables both OS fingerprinting and version detection (tries to verify what is listening on found ports). -oA scan creates reports as scan.nmap, scan.gnmap, and scan.xml.
Question
Understanding NMAP
Understanding NMAP

Empfohlen

Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
NMap
NMapNMap
NMapPritesh Raka
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsn|u - The Open Security Community
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)shwetha mk
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scannern|u - The Open Security Community
 
Ch 5: Port Scanning
Ch 5: Port ScanningCh 5: Port Scanning
Ch 5: Port ScanningSam Bowne
 

Empfohlen

Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
NMap
NMapNMap
NMapPritesh Raka
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsn|u - The Open Security Community
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)shwetha mk
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scannern|u - The Open Security Community
 
Ch 5: Port Scanning
Ch 5: Port ScanningCh 5: Port Scanning
Ch 5: Port ScanningSam Bowne
 
Port Scanning
Port ScanningPort Scanning
Port Scanningamiable_indian
 
Nmap
NmapNmap
NmapSreekanth Narendran
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Nmap commands
Nmap commandsNmap commands
Nmap commandsKailash Kumar
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmapcommiebstrd
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitableMohammed Akbar Shariff
 
Wireshark
WiresharkWireshark
WiresharkSourav Roy
 
Nmap
NmapNmap
NmapMegha Sahu
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking GuideAryan G
 
Nmap Basics
Nmap BasicsNmap Basics
Nmap Basicsamiable_indian
 
Nmap
NmapNmap
NmapFat-Thing Gabriel-Culley
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Software security
Software securitySoftware security
Software securityRoman Oliynykov
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framworkDeepanshu Gajbhiye
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Network scanning
Network scanningNetwork scanning
Network scanningoceanofwebs
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System AdministrationDuressa Teshome
 
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Ravi Rajput
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 

Weitere ähnliche Inhalte

Was ist angesagt?

Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmapcommiebstrd
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking GuideAryan G
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Network scanning
Network scanningNetwork scanning
Network scanningoceanofwebs
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System AdministrationDuressa Teshome
 

Was ist angesagt? (20)

Port Scanning
Port ScanningPort Scanning
Port Scanning
 
Nmap
NmapNmap
Nmap
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
Nmap commands
Nmap commandsNmap commands
Nmap commands
 
N map presentation
N map presentationN map presentation
N map presentation
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmap
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitable
 
Wireshark
WiresharkWireshark
Wireshark
 
Nmap
NmapNmap
Nmap
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking Guide
 
Nmap Basics
Nmap BasicsNmap Basics
Nmap Basics
 
Nmap
NmapNmap
Nmap
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Software security
Software securitySoftware security
Software security
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printing
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
 
Network scanning
Network scanningNetwork scanning
Network scanning
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System Administration
 

Andere mochten auch

Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Ravi Rajput
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)SSASIT
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)Denny K
 
Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkYoram Orzach
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wiresharkBasaveswar Kureti
 
Apache Spark: Coming up to speed
Apache Spark: Coming up to speedApache Spark: Coming up to speed
Apache Spark: Coming up to speedAdarsh Pannu
 
Incident response: Advanced Network Forensics
Incident response: Advanced Network ForensicsIncident response: Advanced Network Forensics
Incident response: Advanced Network ForensicsNapier University
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...skpatel91
 
Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Ashley Wheeler
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li Inmhaviv
 
Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Yoram Orzach
 
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawBeginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawRedspin, Inc.
 

Andere mochten auch (16)

Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"
 
NMAP by Shrikant Antre & Shobhit Gautam
NMAP by Shrikant Antre & Shobhit GautamNMAP by Shrikant Antre & Shobhit Gautam
NMAP by Shrikant Antre & Shobhit Gautam
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
 
Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wireshark
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
Glint with Apache Spark
Glint with Apache SparkGlint with Apache Spark
Glint with Apache Spark
 
Apache Spark: Coming up to speed
Apache Spark: Coming up to speedApache Spark: Coming up to speed
Apache Spark: Coming up to speed
 
Incident response: Advanced Network Forensics
Incident response: Advanced Network ForensicsIncident response: Advanced Network Forensics
Incident response: Advanced Network Forensics
 
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
Detection of Idle Stealth Port Scan Attack in Network Intrusion Detection Sys...
 
Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
 
Nessus Scanner Vulnerabilidades
Nessus Scanner VulnerabilidadesNessus Scanner Vulnerabilidades
Nessus Scanner Vulnerabilidades
 
Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1
 
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawBeginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
 

Ähnlich wie Understanding NMAP

Using metasploit
Using metasploitUsing metasploit
Using metasploitCyberRad
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pubCassio Ramos
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Nikhil Raj
 
NMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge AcademyNMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge Academycyberforgeacademy
 
Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Harsh Desai
 
01204427-scanner.ppt
01204427-scanner.ppt01204427-scanner.ppt
01204427-scanner.pptVarunBehere1
 
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...Andrej Šimko
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI
 
Dane presentation
Dane presentationDane presentation
Dane presentationAnkit Singh
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsJoseph Bugeja
 
Cisco Router Security
Cisco Router SecurityCisco Router Security
Cisco Router Securitykktamang
 

Ähnlich wie Understanding NMAP (20)

NMAP1.ppt
NMAP1.pptNMAP1.ppt
NMAP1.ppt
 
Zen map
Zen mapZen map
Zen map
 
Backtrack Manual Part3
Backtrack Manual Part3Backtrack Manual Part3
Backtrack Manual Part3
 
Using metasploit
Using metasploitUsing metasploit
Using metasploit
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub
 
Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
 
NMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge AcademyNMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge Academy
 
Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3
 
01204427-scanner.ppt
01204427-scanner.ppt01204427-scanner.ppt
01204427-scanner.ppt
 
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
 
Ethical hacking with Python tools
Ethical hacking with Python toolsEthical hacking with Python tools
Ethical hacking with Python tools
 
Contents namp
Contents nampContents namp
Contents namp
 
Contents namp
Contents nampContents namp
Contents namp
 
Namp
Namp Namp
Namp
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information Gathering
 
Dane presentation
Dane presentationDane presentation
Dane presentation
 
Day2
Day2Day2
Day2
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting Tools
 
Cisco Router Security
Cisco Router SecurityCisco Router Security
Cisco Router Security
 

Mehr von Phannarith Ou, G-CISO

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computerPhannarith Ou, G-CISO
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your informationPhannarith Ou, G-CISO
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Phannarith Ou, G-CISO
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006Phannarith Ou, G-CISO
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterprisePhannarith Ou, G-CISO
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU StudentPhannarith Ou, G-CISO
 

Mehr von Phannarith Ou, G-CISO (20)

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer
 
Reconnaisance
Reconnaisance Reconnaisance
Reconnaisance
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your information
 
Case - How to protect your website
Case - How to protect your websiteCase - How to protect your website
Case - How to protect your website
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)
 
Internet Security Policy - Khmer
Internet Security Policy - Khmer Internet Security Policy - Khmer
Internet Security Policy - Khmer
 
How to Protect Computer From Virus
How to Protect Computer From VirusHow to Protect Computer From Virus
How to Protect Computer From Virus
 
How to Secure Your WiFi
How to Secure Your WiFiHow to Secure Your WiFi
How to Secure Your WiFi
 
Facebook Security in 3 Ways
Facebook Security in 3 Ways Facebook Security in 3 Ways
Facebook Security in 3 Ways
 
Understanding Keylogger
Understanding KeyloggerUnderstanding Keylogger
Understanding Keylogger
 
Exchange Server 2003
Exchange Server 2003Exchange Server 2003
Exchange Server 2003
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 Enterprise
 
Secure System Development Proposal
Secure System Development ProposalSecure System Development Proposal
Secure System Development Proposal
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hacked
 
ូUnderstanding DNS Spoofing
ូUnderstanding DNS SpoofingូUnderstanding DNS Spoofing
ូUnderstanding DNS Spoofing
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU Student
 
Heartbleed vulnerability
Heartbleed vulnerabilityHeartbleed vulnerability
Heartbleed vulnerability
 
P12 r202t8 05-spam
P12 r202t8 05-spamP12 r202t8 05-spam
P12 r202t8 05-spam
 
P12 r202t8 04-d-dos
P12 r202t8 04-d-dosP12 r202t8 04-d-dos
P12 r202t8 04-d-dos
 

Kürzlich hochgeladen

Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024Janet Corral
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 

Kürzlich hochgeladen (20)

Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
General AI for Medical Educators April 2024
General AI for Medical Educators April 2024General AI for Medical Educators April 2024
General AI for Medical Educators April 2024
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 

Understanding NMAP

  • 2.  What is Nmap?  Process of Nmap  Scanning techniques  Dectect OS with Nmap  Host and Port Option  Real Time Information  Timing Option  Logging Information Agenda
  • 3. What is Nmap?  Nmap is a free and open source utility for network discovery and security auditing.  Latest version of nmap is 6.49BETA2  Nmap supports all platform of OS like  Linux/Unix  Microsoft  Mac
  • 4. Process Nmap 1. If hostname use as target, nmap will perform dns lookup to scan. But if ip address use as target, dns lookup will not process 2. Nmap pings the romote device. Can disable ping with option (- Pn) 3. If IP address is specified as the remote host, Reverse DNS will occur. We can use option (-n) to disable if we think it is not necessary 4. Nmap executes the scan.
  • 5. TCP SYN Scan (-sS)  Allow nmap to gather information about open ports without completing the TCP handshake process.  By default if nmap scan option isn’t specified on the command line, TCP SYN scan is use #namp --sS -v 192.168.1.100 Source Destination
  • 6. TCP SYN Scan (-sT)  Allow nmap to gather information about open ports with completing the TCP handshake process.  nmap –sT –v 192.168.1.100 Source Destination
  • 7. Ping Scan (-sP)  Ping Scan is a quickest scan that nmap perform.  It is useful to determine remote hosts are up or down. #nmap -v -sP 192.168.1.100 --packet_trace Source Destination
  • 8. Version Detection (-sV)  Allow nmap to gather version of application of remote host  The version detection scan runs automatically if the Aggressive Scan (-A) is selected.  -sP, -sL, -sO will not run the same command line with version detection Source Destination
  • 9. UDP Scan (-sU)  UDP has no need to process 3 way handshake or SYN, FIN, and RST. #nmap -sU -v 192.168.1.100 --packet_trace Source Destination
  • 10. IP Protocol Scan (-sO)  The IP Protocol Scan attempt to determine IP Protocol support on target. #nmap -v -sO 192.168.1.100 --packet_trace Source Destination
  • 11. ACK Scan (-sA)  ACK Scan to determine port filter or unfilter #nmap -sA -v 192.168.1.100 Source Destination
  • 12. Window Scan (-sA)  Allow nmap to gather information about open ports without completing the TCP handshake process.  The version detection scan runs automatically if the Aggressive Scan (-A) is selected.  -sP, -sL, -sO will not run the same command line with version detection Source Destination
  • 13. Idlescan (-sI)  Idle Scan use other station to scan remote host device #nmap -sI -v 192.168.1.50 192.168.1.100 Source Destination Zombie
  • 14. How to Detect OS with Nmap  Technically, nmap provide the rich feature that offer us to dectect what OS that remote devices are used.  By using below additional options we can get what OS of remote host  OS fingerprint with option (-O) #nmap -sS -O 192.168.1.100  Additional, Advance, and Aggressive (-A) Note: shortcut for running (-O) & (-sV) #nmap -sS -A 192.168.1.100
  • 15. Host and Port options  Except Target  Exclude Targets (--exclude host1,host2,….) This option provide nmap to avoid scanning specific hosts that are not necessary #nmap -v -sS 192.168.1.0/24 --exclude 192.168.1.1-10  Exclude Targets in File (--excludefile <filename>) This option provide nmap to avoid scanning specific hosts from file. #nmap -v -sS 192.168.1.0/24 --ecludefile except_IP.txt  Include Target  Read Targets from File (-iL <filename>) This option provide name to scan specific host from file. #nmap -v -sS 192.168.1.0/24 -iL IP_Scan.txt
  • 16. Host and Port options (Cont)  Specify Port Protocol or Port Number (-p <port_range>) by using this option, it provides nmap to scan specific port rather than scan all port (1000 ports) #nmap -v -sS -p 80 192.168.1.100 (-p dedicate to TCP port number) #nmap -v -sO -p 6 192.168.1.100 (-p dedicate to protocol number) #nmap -v -sU -p 6 192.168.1.100 (-p dedicate UDP Port number)
  • 17. Real Time Information  While Nmap is processing to scan remote host device, there are a lot of activities behind what we seen on screen.  So we use additional option to see slightly with :  Verbose Mode (--verbose, -v) #nmap -sS -v 192.168.1.100  Packet Trace (--packet_trace) #nmap -sS -v 192.168.1.100 --packet_trace
  • 18. Timing Option (--timing, -T <0-5>) Category Initial_rtt_timeout Min_rtt_timeout Max_rtt_timeout Max_parallelism Scan_delay Max_scan_delay T0/Paranoid 5 min Default 100ms Default 10 sec serial 5 min Default 1 sec T1/Sneaky 15 Sec Default 100ms Default 10 sec serial 15 sec Default 1 sec T2/Polite Default (1 Sec) Default 100ms Default 10 sec serial 400ms Default 1 sec T3/Normal Default (1 Sec) Default 100ms Default 10 sec parallel 0 sec Default 1 sec T4/Aggressive 500ms 100ms 1,250ms parallel 0 sec 10ms T5/Insane 200ms 50ms 300ms parallel 0 sec 5ms #nmap -sS -v 192.168.1.100 -T5
  • 19. Logging Information  Nmap provide many options of logging the scan result.  Normal Format (-oN <Logfilename>) #nmap -sS -v 192.168.1.100 --packet_trace -oN nmap_output  XML Format (-oX <Logfilenmae>) #nmap -sS -v 192.168.1.100 --packet_trace -oN nmap_output  Grepable Format (-oG <filename>) #nmap -sS -v 192.168.1.100 --packet_trace -oG nmap_output  All Formats (-oA <filename>) this option will create 3 different output (Normal, XML, grepable output) #nmap -sS -v 192.168.1.100 --packet_trace -oA nmap_output
  • 20. Nmap sample command Nmap command Description Nmap 192.168.1.100 Perform nmap scan default on host 192.168.1.100 Nmap 192.168.1.0/24 Scan default nmap on network 192.168.1.0 Nmap –sP 192.168.1.100 Just ping to identify remote host alive or not Nmap –sS –O –p 22,80,443 192.168.1.100 Perform SYN scan on port 22, 80, and 443 on remote host and dectect operation system nmap -sS -Pn -sV -O nmap.org Syn scan, no ping, identify version, and operating system detection. nmap -v -n -sS -sU -Pn -A -oA scan nmap.org -v invokes verbosity. -n skips name resolution. -sS is a SYN scan. -sU scans UDP ports. -Pn skips pinging. -A enables both OS fingerprinting and version detection (tries to verify what is listening on found ports). -oA scan creates reports as scan.nmap, scan.gnmap, and scan.xml.