SlideShare a Scribd company logo

Namp

Download as PPT, PDF
P
penetration Tester

This document provides an overview of IP network scanning using the nmap tool. It describes how nmap can be used to discover active hosts on a network, identify open ports and services, determine operating system and software versions running on devices. Various scanning techniques are outlined, including host discovery, port scanning, and OS detection. The document also reviews common nmap commands and features such as target and port selection, different scan types, and using Nmap Scripting Engine (NSE) scripts.

Education
Related topics:
Cyber-Security
1 of 33
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
IP Network Scanning
Outline What is IP network scanning?  Concepts, motivation Example Tool  nmap Scanning types  Host discovery  port scanning  Version detection  OS detection
What is Scanning? • Method to gather information regarding the devices running on the network – Typically to discover services or servers on a network • Which hosts are up? • Which services are offering? • Do not confuse with “host vulnerability scanner” which further explore a computer by testing for common vulnerabilities (nessus)
Why Scanning?  Network Security assessment  Evaluation and Auditing the security  Firewall Penetration Test (Policy auditing)  IDS proof/evaluation  Identifying unexpected new servers  Identifying open ports for  proactively protect the network (Network and security admin)  attacking it (Hackers)
Why nmap  An excellent tool  Long history of development and support  Continuous development and improvements  “Industry Standard” port scanner
nmap features • Host Discovery: Which host is alive? – Identifying computers on a network, for example listing the computers which respond to pings (Ping Sweeps) • Port Scanning : What services are available? – Enumerating the open ports on one or more target computers • Service and Version Detection : Which version is running? – Determine the application name and version number • OS Detection: What platforms are served? – Remotely determining the OS and some hardware characteristics of network devices
Host Discovery  Querying multiple hosts using this method is referred to as ping sweeps  The most basic step in mapping out a network.  Several Sweeps technique  ICMP Sweeps  Broadcast ICMP  NON Echo ICMP  TCP sweep  UDP sweep
Target Selection Scan a single IP: nmap 192.168.20.128
Target Selection Scan a host : nmap www.example.com
Target Selection Scan a range of IPs : nmap 192.168.20.120-128
Target Selection Scan a subnet : nmap 192.168.20.2/24
Target Selection Scan targets from Text file : nmap -iL ips.txt
Port Selection Scan a single port: nmap -p 22 192.168.20.128
Port Selection Scan a range of ports : nmap -p 1-100 192.168.20.128
Port Selection Scan 100 common ports : nmap -F 192.168.20.128
Port Selection Scan all ports : nmap -p- 192.168.20.128
Scan Types Scan using TCP connect : nmap -sT 192.168.20.128
Scan Types Scan using TCP SYN scan : nmap -sS 192.168.20.128
Scan Types Scan UDP ports : nmap -sU -p 123,161,162 192.168.20.128
Scan Types Scan Selected ports (Ignore Discovery) : nmap -Pn -F 192.168.20.128
Service and OS Detection Detect OS and Services : nmap -A 192.168.20.128
Service and OS Detection Standard service detection : nmap -sV 192.168.20.128
Output Formats Save default output to file : nmap -oN result.txt 192.168.20.128
Output Formats Save results as XML : nmap -oX resultxml.xml 192.168.20.128
Output Formats Save in all formats : nmap -oA allformats 192.168.20.128
Scripting Engine Scan using default safe scripts : nmap -sV -sC 192.168.20.128
Scripting Engine Get help for a script : nmap –script-help=ssl-heartbleed
Scripting Engine Scan using a specific script : nmap -sV -p 443 -script=ssl-heartbleed 192.168.20.133
Scripting Engine Update script database : nmap –script-updatedb
Some Useful NSE Scripts Scan for UDP DDOS reflectors : nmap -sU -A -PN -n -pU:19,53,123,161 -script=ntp- monlist,dns-recursion,snmp-sysdescr 192.168.20.2/24
Some Useful NSE Scripts Gather page titles from HTTP Servers : nmap –script=http-title 192.168.20.128
Some Useful NSE Scripts Get HTTP headers of web services : nmap –script= http-headers 192.168.20.128
Some Useful NSE Scripts Find web apps from known paths : nmap –script=http-enum 192.168.20.128

More Related Content

PPTX
Network scan
penetration Tester
 
PPT
Network Scanning Phases and Supporting Tools
Joseph Bugeja
 
PDF
Ch 5: Port Scanning
Sam Bowne
 
PPTX
Netcat
penetration Tester
 
PPTX
Nmap
Megha Sahu
 
PPT
Module 3 Scanning
leminhvuong
 
PDF
Nmap commands
Kailash Kumar
 
PPT
Port Scanning
amiable_indian
 
Network scan
penetration Tester
 
Network Scanning Phases and Supporting Tools
Joseph Bugeja
 
Ch 5: Port Scanning
Sam Bowne
 
Netcat
penetration Tester
 
Nmap
Megha Sahu
 
Module 3 Scanning
leminhvuong
 
Nmap commands
Kailash Kumar
 
Port Scanning
amiable_indian
 

What's hot (19)

PPTX
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Eric Vanderburg
 
PPTX
Nmap(network mapping)
shwetha mk
 
PPTX
Nmap basics
n|u - The Open Security Community
 
PPTX
Understanding NMAP
Phannarith Ou, G-CISO
 
PPTX
Operation of Ping - (Computer Networking)
Jubayer Al Mahmud
 
PDF
Nmap Basics
amiable_indian
 
PPT
Dynamic Port Scanning
amiable_indian
 
DOCX
Network scanning with nmap
Ashish Jha
 
PDF
Packet sniffing & ARP Poisoning
Viren Rao
 
PPTX
Packet analysis using wireshark
Basaveswar Kureti
 
PPTX
Fire wall security
Chandresh Suthar
 
ODP
Wireless security beyond password cracking by Mohit Ranjan
OWASP Delhi
 
PDF
Wireshark Tutorial
Coursenvy.com
 
PPT
Netcat
yogendra singh chahar
 
PDF
CNIT 50: 6. Command Line Packet Analysis Tools
Sam Bowne
 
PPTX
Vulnerability and Penetration Testing
Jeffery Brown
 
PDF
Wireshark tutorial
Chaman Poorani
 
PPTX
Netcat - A Swiss Army Tool
Chandrapal Badshah
 
PPT
Eshcol tech solutions pvt ltd
Ojas Kumar
 
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Eric Vanderburg
 
Nmap(network mapping)
shwetha mk
 
Nmap basics
n|u - The Open Security Community
 
Understanding NMAP
Phannarith Ou, G-CISO
 
Operation of Ping - (Computer Networking)
Jubayer Al Mahmud
 
Nmap Basics
amiable_indian
 
Dynamic Port Scanning
amiable_indian
 
Network scanning with nmap
Ashish Jha
 
Packet sniffing & ARP Poisoning
Viren Rao
 
Packet analysis using wireshark
Basaveswar Kureti
 
Fire wall security
Chandresh Suthar
 
Wireless security beyond password cracking by Mohit Ranjan
OWASP Delhi
 
Wireshark Tutorial
Coursenvy.com
 
Netcat
yogendra singh chahar
 
CNIT 50: 6. Command Line Packet Analysis Tools
Sam Bowne
 
Vulnerability and Penetration Testing
Jeffery Brown
 
Wireshark tutorial
Chaman Poorani
 
Netcat - A Swiss Army Tool
Chandrapal Badshah
 
Eshcol tech solutions pvt ltd
Ojas Kumar
 
Ad

Similar to Namp (20)

PPT
01204427-scanner.ppt
VarunBehere1
 
PPTX
NMap
Pritesh Raka
 
PDF
Nmap
Fat-Thing Gabriel-Culley
 
PPT
NMAP1.ppt
DakshKhurana15
 
PPT
CYBER FORENSICS-scanning and enumuration.ppt
jayaprasanna10
 
PPTX
Nmap and metasploitable
Mohammed Akbar Shariff
 
PDF
Nmap basics-1198948509608024-3
Harsh Desai
 
PPTX
Scanning and Enumeration in Cyber Security.pptx
MahdiHasanSowrav
 
PPTX
Recon with Nmap
OWASP Delhi
 
PPTX
Null Delhi chapter - Feb 2019
Nikhil Raj
 
PDF
eLea4555555555555555555555555555555rnSecurity .pdf
sheetcyber
 
PPTX
Day 1 - Lab 1 Reconnaissance Scanning with NMAP, Vulnerability Assessment wit...
Abodahab
 
PPTX
ServicesPorts on systems, identifying open ports
kinipradeep2
 
PDF
NMap 101 offline meetup by CyberForge Academy
cyberforgeacademy
 
PPTX
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Boston Institute of Analytics
 
PDF
wireshark.pdf
ssuserafc27c
 
PDF
O PODER DO NMAP ATRAVÉS DE SEUS COMANDOS.pdf
Maicon Wendhausen
 
PPT
Traffic monitoring
Radu Galbenu
 
PDF
Footprinting tools for security auditors
Jose Manuel Ortega Candel
 
PPTX
Sccccccccccccccccccccccannig Network.pptx
rsi3pfe
 
01204427-scanner.ppt
VarunBehere1
 
NMap
Pritesh Raka
 
Nmap
Fat-Thing Gabriel-Culley
 
NMAP1.ppt
DakshKhurana15
 
CYBER FORENSICS-scanning and enumuration.ppt
jayaprasanna10
 
Nmap and metasploitable
Mohammed Akbar Shariff
 
Nmap basics-1198948509608024-3
Harsh Desai
 
Scanning and Enumeration in Cyber Security.pptx
MahdiHasanSowrav
 
Recon with Nmap
OWASP Delhi
 
Null Delhi chapter - Feb 2019
Nikhil Raj
 
eLea4555555555555555555555555555555rnSecurity .pdf
sheetcyber
 
Day 1 - Lab 1 Reconnaissance Scanning with NMAP, Vulnerability Assessment wit...
Abodahab
 
ServicesPorts on systems, identifying open ports
kinipradeep2
 
NMap 101 offline meetup by CyberForge Academy
cyberforgeacademy
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Boston Institute of Analytics
 
wireshark.pdf
ssuserafc27c
 
O PODER DO NMAP ATRAVÉS DE SEUS COMANDOS.pdf
Maicon Wendhausen
 
Traffic monitoring
Radu Galbenu
 
Footprinting tools for security auditors
Jose Manuel Ortega Candel
 
Sccccccccccccccccccccccannig Network.pptx
rsi3pfe
 
Ad

More from penetration Tester (20)

DOCX
Maven
penetration Tester
 
PPTX
Jenkins
penetration Tester
 
PDF
Jenkins
penetration Tester
 
PPTX
Sonar qube
penetration Tester
 
PPTX
Owasp zap
penetration Tester
 
PPTX
Sonarlint
penetration Tester
 
PPTX
Shift left
penetration Tester
 
PPTX
Deployment Strategies
penetration Tester
 
PPTX
DSOMM
penetration Tester
 
PPTX
Devops
penetration Tester
 
PPTX
Shift left
penetration Tester
 
PPTX
Lfi
penetration Tester
 
PPTX
Directory traversal
penetration Tester
 
PDF
Burp documentation
penetration Tester
 
DOCX
7 layer OSI model
penetration Tester
 
PPTX
Virtual box
penetration Tester
 
PPTX
Tcp IP OSI
penetration Tester
 
PPTX
Burp repeater
penetration Tester
 
PPTX
Burp intruder
penetration Tester
 
PPTX
Hippa
penetration Tester
 
Maven
penetration Tester
 
Jenkins
penetration Tester
 
Jenkins
penetration Tester
 
Sonar qube
penetration Tester
 
Owasp zap
penetration Tester
 
Sonarlint
penetration Tester
 
Shift left
penetration Tester
 
Deployment Strategies
penetration Tester
 
DSOMM
penetration Tester
 
Devops
penetration Tester
 
Shift left
penetration Tester
 
Lfi
penetration Tester
 
Directory traversal
penetration Tester
 
Burp documentation
penetration Tester
 
7 layer OSI model
penetration Tester
 
Virtual box
penetration Tester
 
Tcp IP OSI
penetration Tester
 
Burp repeater
penetration Tester
 
Burp intruder
penetration Tester
 
Hippa
penetration Tester
 

Recently uploaded (20)

PDF
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
PDF
TR - Agricultural Crops Production NC III.pdf
avgilmegino3
 
PPTX
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PDF
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PDF
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
PDF
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
PPTX
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PDF
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
PDF
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PPTX
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PDF
RMMM.pdf make it easy to upload and study
sajedul2
 
PDF
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
PPTX
BOWEL ELIMINATION FACTORS AFFECTING AND TYPES
PreetiSawant10
 
PPTX
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
PDF
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
PPTX
The Healthy Child – Unit II | Child Health Nursing I | B.Sc Nursing 5th Semester
RAKESH SAJJAN
 
Supply Chain Operations Speaking Notes -ICLT Program
labyankof
 
TR - Agricultural Crops Production NC III.pdf
avgilmegino3
 
Pharmacology of Heart Failure /Pharmacotherapy of CHF
Rajshri Ghogare
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
2.FourierTransform-ShortQuestionswithAnswers.pdf
Raji Murugan
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
Complications of Minimal Access Surgery at WLH
mohitsuren827
 
Module 4: Burden of Disease Tutorial Slides S2 2025
Jonathan Hallett
 
human mycosis Human fungal infections are called human mycosis..pptx
shilpa939953
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
ANTIBIOTICS.pptx.pdf………………… xxxxxxxxxxxxx
HakHe
 
FourierSeries-QuestionsWithAnswers(Part-A).pdf
Raji Murugan
 
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
RMMM.pdf make it easy to upload and study
sajedul2
 
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
BOWEL ELIMINATION FACTORS AFFECTING AND TYPES
PreetiSawant10
 
Microbial diseases, their pathogenesis and prophylaxis
DevlinaSengupta
 
Saundersa Comprehensive Review for the NCLEX-RN Examination.pdf
sreejithcareers
 
The Healthy Child – Unit II | Child Health Nursing I | B.Sc Nursing 5th Semester
RAKESH SAJJAN
 

Namp

  • 2. Outline What is IP network scanning?  Concepts, motivation Example Tool  nmap Scanning types  Host discovery  port scanning  Version detection  OS detection
  • 3. What is Scanning? • Method to gather information regarding the devices running on the network – Typically to discover services or servers on a network • Which hosts are up? • Which services are offering? • Do not confuse with “host vulnerability scanner” which further explore a computer by testing for common vulnerabilities (nessus)
  • 4. Why Scanning?  Network Security assessment  Evaluation and Auditing the security  Firewall Penetration Test (Policy auditing)  IDS proof/evaluation  Identifying unexpected new servers  Identifying open ports for  proactively protect the network (Network and security admin)  attacking it (Hackers)
  • 5. Why nmap  An excellent tool  Long history of development and support  Continuous development and improvements  “Industry Standard” port scanner
  • 6. nmap features • Host Discovery: Which host is alive? – Identifying computers on a network, for example listing the computers which respond to pings (Ping Sweeps) • Port Scanning : What services are available? – Enumerating the open ports on one or more target computers • Service and Version Detection : Which version is running? – Determine the application name and version number • OS Detection: What platforms are served? – Remotely determining the OS and some hardware characteristics of network devices
  • 7. Host Discovery  Querying multiple hosts using this method is referred to as ping sweeps  The most basic step in mapping out a network.  Several Sweeps technique  ICMP Sweeps  Broadcast ICMP  NON Echo ICMP  TCP sweep  UDP sweep
  • 8. Target Selection Scan a single IP: nmap 192.168.20.128
  • 9. Target Selection Scan a host : nmap www.example.com
  • 10. Target Selection Scan a range of IPs : nmap 192.168.20.120-128
  • 11. Target Selection Scan a subnet : nmap 192.168.20.2/24
  • 12. Target Selection Scan targets from Text file : nmap -iL ips.txt
  • 13. Port Selection Scan a single port: nmap -p 22 192.168.20.128
  • 14. Port Selection Scan a range of ports : nmap -p 1-100 192.168.20.128
  • 15. Port Selection Scan 100 common ports : nmap -F 192.168.20.128
  • 16. Port Selection Scan all ports : nmap -p- 192.168.20.128
  • 17. Scan Types Scan using TCP connect : nmap -sT 192.168.20.128
  • 18. Scan Types Scan using TCP SYN scan : nmap -sS 192.168.20.128
  • 19. Scan Types Scan UDP ports : nmap -sU -p 123,161,162 192.168.20.128
  • 20. Scan Types Scan Selected ports (Ignore Discovery) : nmap -Pn -F 192.168.20.128
  • 21. Service and OS Detection Detect OS and Services : nmap -A 192.168.20.128
  • 22. Service and OS Detection Standard service detection : nmap -sV 192.168.20.128
  • 23. Output Formats Save default output to file : nmap -oN result.txt 192.168.20.128
  • 24. Output Formats Save results as XML : nmap -oX resultxml.xml 192.168.20.128
  • 25. Output Formats Save in all formats : nmap -oA allformats 192.168.20.128
  • 26. Scripting Engine Scan using default safe scripts : nmap -sV -sC 192.168.20.128
  • 27. Scripting Engine Get help for a script : nmap –script-help=ssl-heartbleed
  • 28. Scripting Engine Scan using a specific script : nmap -sV -p 443 -script=ssl-heartbleed 192.168.20.133
  • 29. Scripting Engine Update script database : nmap –script-updatedb
  • 30. Some Useful NSE Scripts Scan for UDP DDOS reflectors : nmap -sU -A -PN -n -pU:19,53,123,161 -script=ntp- monlist,dns-recursion,snmp-sysdescr 192.168.20.2/24
  • 31. Some Useful NSE Scripts Gather page titles from HTTP Servers : nmap –script=http-title 192.168.20.128
  • 32. Some Useful NSE Scripts Get HTTP headers of web services : nmap –script= http-headers 192.168.20.128
  • 33. Some Useful NSE Scripts Find web apps from known paths : nmap –script=http-enum 192.168.20.128