
Tuesday, 12 June 2012

NMAP free Security Scanner “Audit your network before the bad guys do”

This document describes the very latest version of Nmap or Zenmap, available from http://nmap.org/download.html or http://nmap.org/dist/?C=M&O=D. For Windows it is called Zenmap, available from http://nmap.org/download.html#windows. Many other operating systems support Nmap; for details click on the link below:
Nmap or Zenmap is distributed with source code under the terms of the GNU General Public License, with certain clarifications and exceptions noted in the copyright page.
What is Nmap or Zenmap?
Network Mapper (called Nmap on Linux and Zenmap on Windows) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap or Zenmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
How to install Zenmap: (on Windows)
Before downloading, be sure to read the relevant sections for your platform from the Nmap Install Guide. Please ensure you are using the latest version before reporting that a feature doesn't work as described.
1. Run the setup program as you would for any other software.
2. After installation you will see a shortcut on your desktop: “Nmap - Zenmap GUI”.
3. Click on this shortcut to start Nmap, then set the target IP of the server you want to scan and the associated profile (what you want to perform; generally you can use “intense scan all TCP ports”).
4. The command line is generated automatically. Finally, click “Scan” to start the scan.
How to install Nmap: (Linux)
1. Download the latest version of Nmap in .tar.bz2 (bzip2 compression) or .tgz (gzip compression) format from http://nmap.org/download.html.
2. Decompress the downloaded tarball with a command such as:
   bzip2 -cd nmap-<VERSION>.tar.bz2 | tar xvf -
   With GNU tar, the simpler command tar xvjf nmap-<VERSION>.tar.bz2 does the trick. If you downloaded the .tgz version, replace bzip2 with gzip in the decompression command.
3. Change into the newly created directory: cd nmap-<VERSION>
4. Configure the build system: ./configure
If the configuration succeeds, a message appears to congratulate you on successful configuration and warn you to be careful. Nmap is now installed as /usr/local/bin/nmap! Run it with no arguments for a quick help screen.
Note: Become a privileged user for system-wide install: su root
The output from Zenmap (on Windows) is a list of scanned targets, with supplemental information on each depending on the options used. A typical Zenmap scan is shown in Figure 1 below. The only Zenmap argument used in this example is -sV to enable quick scan. You can use -A to enable OS and version detection, script scanning, and traceroute; -T4 for faster execution; and then the target hostnames.
Key among that information is the “interesting ports table”. That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered. Open means that an application on the target machine is listening for connections/packets on that port. Filtered means that a firewall, filter, or other network obstacle is blocking the port so that Nmap or Zenmap cannot tell whether it is open or closed. Closed ports have no application listening on them, though they could open up at any time. Ports are classified as unfiltered when they are responsive to Nmap's probes, but Nmap or Zenmap cannot determine whether they are open or closed. Nmap or Zenmap reports the state combinations open|filtered and closed|filtered when it cannot determine which of the two states describes a port. The port table may also include software version details when version detection has been requested. When an IP protocol scan is requested (-sO), Nmap or Zenmap provides information on supported IP protocols rather than listening ports.
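As an added example (not part of the original post or of the Nmap project), the following Python code parses the port table described above and turns it into an audit result: open ports that are not on an expected list, and ports whose state Nmap could not settle. The function names, the allowlist and the sample output are assumptions constructed for illustration.

```python
import re

# The four single states and two combined states described in the text above.
STATES = {"open", "closed", "filtered", "unfiltered",
          "open|filtered", "closed|filtered"}
# A port-table row: "<port>/<proto> <state> <service> [version details]"
ROW = re.compile(r"^(\d{1,5})/(tcp|udp|sctp)\s+(\S+)\s+(\S+)(?:\s+(.*\S))?\s*$")

def parse_port_table(text):
    """Return one dict per port-table row found in Nmap's normal output."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m or m.group(3) not in STATES:
            continue  # header, host line, script output or unknown state
        port, proto, state, service, version = m.groups()
        rows.append({"port": int(port), "proto": proto, "state": state,
                     "service": service, "version": version or ""})
    return rows

def audit(rows, allowed):
    """Split rows into unexpected open ports and ports left undetermined."""
    unexpected = [r for r in rows
                  if r["state"] == "open"
                  and (r["port"], r["proto"]) not in allowed]
    undetermined = [r for r in rows
                    if r["state"] not in ("open", "closed")]
    return unexpected, undetermined

# Constructed sample output, not from a real scan (192.0.2.10 is a
# documentation address); the VERSION column appears with version detection.
SAMPLE = """\
Nmap scan report for 192.0.2.10
Not shown: 995 closed ports
PORT     STATE         SERVICE VERSION
22/tcp   open          ssh     OpenSSH 5.3 (protocol 2.0)
80/tcp   open          http    Apache httpd 2.2.15
139/tcp  filtered      netbios-ssn
3306/tcp open          mysql   MySQL 5.1.61
161/udp  open|filtered snmp
"""

if __name__ == "__main__":
    rows = parse_port_table(SAMPLE)
    # Hypothetical allowlist: the services this host is supposed to expose.
    unexpected, undetermined = audit(rows, allowed={(22, "tcp"), (80, "tcp")})
    for r in unexpected:
        print("UNEXPECTED OPEN %d/%s %s %s" % (r["port"], r["proto"], r["service"], r["version"]))
    for r in undetermined:
        print("NEEDS REVIEW    %d/%s %s" % (r["port"], r["proto"], r["state"]))
```

Ports in the filtered, unfiltered or combined states are reported separately because the scan alone does not say whether a service is reachable there; they usually call for a check of the firewall rules or a rescan from another vantage point.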
In addition to the interesting ports table, Nmap or Zenmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, MAC addresses, host details, and topology information.
The newest version of Nmap can be obtained from http://nmap.org. The newest version of this man page is available at http://nmap.org/book/man.html. It is also included as a chapter of Nmap Network Scanning: the Official Nmap Project Guide to Network Discovery and Security Scanning.


