seng 460 ece 574 practice of information security ...web.uvic.ca/~garyperkins/lab 4 - intro to...

SENG 460 – ECE 574 Practice of Information Security & Privacy Lab NMAP

Upload: others

Post on 01-Jun-2020

9 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

SENG 460 – ECE 574

Practice of Information Security

& Privacy Lab

NMAP

Network Mapping

▪ Nmap is a popular tool for identifying ports in remote systems

▪ can help network, security, and developers understand how systems work

and what ports are open

▪ can scan one or many hosts with a variety of options

▪ DISCLAIMER: do not scan hosts you are not authorized to scan

Page 3: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

Installation

▪ Nmap may not be installed on your linux system so use:

▪ sudo apt-get install nmap

▪ Nmap is also available for Windows

Nmap

▪ you can type “nmap” by itself

or “man nmap” to get help with

nmap and many parameters

Page 5: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

▪ nmap scanme.nmap.org

scans for common ports on the specified host and identifies which ports are

open or filtered

▪ filtered means there may be a firewall in the way and nmap cannot be sure

▪ by default nmap tries to determine if the host is alive and will scan only the

most common ports

Page 6: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

▪ nmap –Pn –p80 www.yahoo.com will disable host discovery (-Pn) and scan

Yahoo only for port 80 (-p80)

Page 7: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

▪ scan IP addresses

Page 8: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

▪ scan networks

Page 9: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

▪ nmap 192.168.1.1 scan one IP

▪ nmap 192.168.1.1 192.168.1.3 scan two IPs

▪ nmap 192.168.1.1-10 scan ten IPs

▪ nmap 192.168.1.0/24 scan 255 IPs

▪ nmap –IL file.txt scan all hosts in file.txt

▪ nmap 192.168.1.1 –open only list open ports

▪ nmap -A -T4 192.168.1.1 scan with OS detection fast

▪ nmap -sV 192.168.1.1 detect server, service versions ▪ nmap –oN / -oX / -oS / -oG <file> output scan normal, XML, script

kiddie, and greppable

Page 10: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

▪ you can use scripts with nmap to do basic vulnerability scanning

▪ eg. nmap –Pn –script vuln 192.168.1.1

Page 11: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

Knowledge Check1. do you know what nmap is for?

2. do you know how to install nmap?

3. can you scan one IP? multiple IPs? networks?

4. can you limit the number of ports scanned?

5. do you understand you should only scan hosts you’re authorized to scan?

6. do you know how to identify operating systems?

7. do you know how to set the format of the output?

8. do you know how to limit how fast the nmap scan completes?

9. do you know how to use nmap to scan for vulnerabilities?

Page 12: SENG 460 ECE 574 Practice of Information Security ...web.uvic.ca/~garyperkins/Lab 4 - Intro to Nmap.pdf · Network Mapping Nmap is a popular tool for identifying ports in remote systems

End of Lab

TRADITIONAL APPRENTICESHIP V. COGNITIVE APPRENTICESHIP …web.uvic.ca/~mroth/conferences/CONF2001/Electrical.pdf · TRADITIONAL APPRENTICESHIP V. COGNITIVE APPRENTICESHIP IN THE

howto-linux-nmap - brazil.minnesota.edubrazil.minnesota.edu/examples/ex/howto-linux-nmap.pdf · This pdf shows the installation of nmap. basic nmap operation. and saving nmap output

Social-cognitive Competence, Peer Rejection and …web.uvic.ca/~lalonde/manuscripts/2008SocialDevelopment.pdf · Social-cognitive Competence, Peer Rejection and Neglect, and Behavioral

Application Security 101web.uvic.ca/~garyperkins/Lecture 08 - Application Security 101.pdf · Application Security 101 Tanya Janca Security Trainer and Coach at SheHacksPurple.dev

Curso Nmap.pdf

Diagnostic Testing in Econometrics: Variable Addition ...web.uvic.ca/~dgiles/blog/freset.pdfDiagnostic Testing in Econometrics: Variable Addition, RESET, and Fourier Approximations

The sedimentology and geomorphology of rock …web.uvic.ca/~dshugar/Shugar_Clague_2011_Sedimentology.pdf · The sedimentology and geomorphology of rock avalanche deposits on glaciers

Peter Kennedy - web.uvic.ca

The consequences of Canadian Cordillera thermal regime in ...web.uvic.ca/~rhyndman/PublicationPDFs/HyndmanCordilleraThermal… · The consequences of Canadian Cordillera thermal regime

Measurement with the Exponential Sine Sweep; …web.uvic.ca/~timperry/ELEC499SurroundSoundImpulse... · Measurement with the Exponential Sine Sweep; Application in Convolution Reverb

Constitutional Spring Outline - University of Victoria ...web.uvic.ca/.../9-Constitutional_Spring_Outline_Brian_2007.pdf · Constitutional Law Spring Outline 2 • held: unanimously,

web.uvic.caweb.uvic.ca/~garyperkins/Security+_Cheat_Sheet_Arial.docx · Web viewSecurity+ Cheat Sheet. CREDIT TO: JoonJae ( A summary of the topics covered in Security+ based on David

BinaryDefense:Cyanogenic’GlycosidesandGlucosinolates ...web.uvic.ca/~cpc/20.CyanoGlucos2017.pdfSome Heliconius butterflies can detoxify a cyanogenic glucoside Reprinted with permission

Ambient seismic noisetomography ofCanada and adjacent ...web.uvic.ca/~rhyndman/PublicationPDFs/Kao_etal_Can... · Ambient seismic noisetomography ofCanada and adjacent ... published

Environmental Psychology and Sustainable Development ...web.uvic.ca/~esplab/sites/default/files/Gifford 2007.pdf · Environmental Psychology and Sustainable Development: Expansion,

University of Victoria CHEM 231 INTRODUCTORY ORGANIC CHEMISTRY Course website web.uvic.ca/~chem231 (postings of course information, midterm test dates

Constraints on decision making: Implications from …web.uvic.ca/~lccl/sites/default/files/2013_BakerStockwellHolroyd.pdfConstraints on decision making: Implications from genetics,

Participatory photomapping: a method for documenting ...web.uvic.ca/~ethnoeco/Publications/Bennett_Lantz_2014.pdf · Participatory photomapping: a method for documenting, contextualizing,

The Implications of Coteaching/Cogenerative Dialogue …web.uvic.ca/~mroth/teaching/580/Evaluation.pdf · The Implications of Coteaching/Cogenerative Dialogue ... The Implications

lecture1 - web.uvic.ca

Binary’Defense’2017’p.’’1’web.uvic.ca/~cpc/20.CyanoGlucosin2016.pdfBinary’Defense’2017’p.’’1’ Binary’Defense:’Cyanogenic’Glycosides’andGlucosinolates’

REAL - web.uvic.ca

University of Victoria CHEM 232 ORGANIC CHEMISTRY with BIOLOGICAL APPLICATIONS Course website: web.uvic.ca/~chem232 (postings of course information, midterm

Introducing Nmap - SciTech Connectscitechconnect.elsevier.com/.../uploads/2013/09/Introducing-Nmap.pdf · protected environment of the heavily-guarded datacenter, she was able to

FUZZY%LOGIC…web.uvic.ca/~mroth/PREPRINTS/Fuzzy_Logic.pdf · FUZZY%LOGIC%APPROACHTO%PILOT%ASSESSMENT% 4%. skillswholesale—letalonethedifficultyassociated%withchangingtwentyyearsofaviation

SENG 460 / ECE 574 Practice of Information Security and Privacyweb.uvic.ca/~garyperkins/SENG 460 - ECE 574 - Lecture 05... · 2020-01-24 · 3 targeted areas of democratic process:

Chapter 33 — Stereoselective reactions of cyclic compounds ...web.uvic.ca/~fhof/classes/335/slides_ch33_stereoselectivity_cyclic.pdf · Chapter 33 — Stereoselective reactions

Lámina 1 Dr. Roberto Gómezcryptomex.org/SlidesSeguridad/nmap.pdf · • Por ejemplo un scaneo a una sola máquina: • Para scanear una conjunto de redes se puede usar una máscara

Review Gary Perkins, MBA, CISSPweb.uvic.ca/~garyperkins/SENG 460 - ECE 574 - Lecture 04...cybersecurity landscape changes every day engage communications proactively and develop messaging

NON-FIRST ORDER SPECTRA p. 173 - web.uvic.ca

Coteaching/Cogenerative Dialoguing Learning Environments ...web.uvic.ca/~mroth/conferences/CONF2001/LER-AERA.pdf · Coteaching/Cogenerative Dialoguing : Learning Environments Research

GAPI Global Aquaculture Performance Index - University …web.uvic.ca/~gapi/data/reports/GlobalAquaculturePerfo… · · 2011-02-08Indonesia ... Global Aquaculture Performance Index

Interdimensional interference in the Stroop effect: uncovering the …web.uvic.ca/.../Lectures451_2017_files/StroopLecturepdf.pdf · 2018. 10. 29. · Stroop effect: uncovering the

Data Types - web.uvic.ca

Doing mutual understanding. Calibrating with micro ...web.uvic.ca/psyc/bavelas/2017 Calibration.pdf · In contemporary terms, Mead's ‘‘three basic individual components’’