NMAP Experiment

Nmap ExperimentOutlineIntroductionNMAP - NMAP advantages- NMAP capability of supportNMAP Install- Install of under Windows- Install of under LinuxNMAP Experiment- Use NMAP- Parameter-sT- Parameter-sSConclusions2IntroductionA Port Scanner software on unix

By NMAP scan- Quickly know remote host executive services- Guess remote hosts Operation System & Version- Subnet scanning =>To detect the subnet on which hosts and each of detection of its services

3Nmap pros & functionNmap advantages - Support scanning of variety protocols- Support most of existing system- Operate interface simply- Simple instructions , powerful functions- Free software Nmap function - TCP SYN scanning- TCP ftp proxy scanning- ICMP scanning- TCP ping scanning

4TCP Flag Definition5FlagSYNThe beginning of a connectionACKAcknowledge receipt of a previous packet or transmissionFINClose a TCP connectionRSTAbort a TCP connectionThree-way handshakeClientServerSYNSYN/ACKACKConnection EstablishedClientServerFINACK/FINACKConnectionClosedConnectDisconnect66Nmap InstallWindowshttp://insecure.org

8LinuxFedora : (Root Permission) yum install Nmap or wget http://~~/nmap-5.00-1.i386.rpmUbuntu : sudo apt-get install Nmap

9

Instruction : nmap sT Target hostScanning for TCP Ports

10SYN ScanNmap sends to Host PortNmap receives from Host PortNmap AssumesSYNSYN/ACKPort is openHost is upSYNRSTPort is closedHost is upSYNNothingPort is blocked by firewallOr Host is down

Instruction : nmap sS Target host1111Instruction : namp p [1-1024] Target hostScanning Host Port

12Instruction : nmap O Target hostOS detection

13ConclusionsNmap is a useful and free security detective tool

Through Nmap provide detailed information thatcan understand host deeply and also avoid unexpectedsecurity vulnerabilities

Other scanning tools - Netscantools- Superscan- IPEYE- WUPS14