NMAP Essentials

By: David Shaw
Nmap's humble beginnings


Nmap started from humble beginnings. Unlike the commercial security tools that are released today, the very first Nmap was only about 2,000 lines of code—and was released in 1997 in issue 51 of Phrack, a hacker "zine" that was started in 1985. Nmap's timeline is a fascinating one, and its growth has been phenomenal. The general timeline of Nmap development is as follows:

  • At the time of release, Nmap did not have very many features; in fact, it was bare bones. There was no version number attached to this release of Nmap because the developers did not plan to release any future versions. Nmap was designed only to scan for open ports on a target machine, and only worked when run from a Linux host and compiled with gcc.

  • Only four days after the initial release of Nmap, though, a slightly improved version was released (also through Phrack)—version 1.25. It was becoming very clear, even in the infancy of the now-famous tool, that there was an extremely high demand for a high-performance port scanner. Although there had previously been ways to detect open ports, Nmap made it straightforward to assess a third-party host over the Internet or across a local network. The hacker community was intrigued.

  • By March 1998, about six months after the initial Nmap release, the scanner had become the de facto port scanner of the underground hacker community and blossoming information security industry. Renaud Deraison asked permission to use the scanner code in a new vulnerability assessment engine he was creating, and (after receiving permission) Nmap scanning technology became integrated with the very first version of Nessus.

  • By September 2003, when Nmap 3.45 was released, there had been many major changes to the project. Fyodor, the primary developer, was by then maintaining Nmap full-time. The tool had many new features, such as service detection, OS detection, timing configuration, and optimization flags (all of which will be covered later in this book), and had truly reached a state of maturity.

  • In December 2006, one of the most important aspects of the Nmap project was integrated into all Nmap builds: the Nmap Scripting Engine (NSE). The NSE allows users of Nmap to write their own modules (scripts in the Lua programming language) that trigger when certain ports are found open, or when certain services, or even specific versions of services, are found listening. This release elevated Nmap from a simple networking tool to a robust, customizable vulnerability assessment engine suitable for a wide variety of tasks.
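To make the NSE mechanism described in the last bullet concrete, here is a minimal script added as an illustration; it is not code from the book or from the Nmap project. An NSE script declares a `portrule` (when to run) and an `action` (what to do); this one fires on open HTTP ports and reports the product and version that Nmap's own service detection (`-sV`) already recorded, sending no traffic of its own. The script name and author string are hypothetical placeholders.

```lua
-- Minimal NSE discovery script (added illustration; not from the book).
-- Reports the product/version that Nmap's service detection (-sV) already
-- attached to each open HTTP port; it sends no traffic of its own.
local shortport = require "shortport"
local stdnse = require "stdnse"

description = [[
Lists the service product and version that Nmap's version detection
recorded for open HTTP ports. Run with -sV so that the version fields
are populated; without it only the port number and service name appear.
]]

author = "Example author (hypothetical placeholder)"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = { "safe", "discovery" }

-- The portrule decides when the action runs: here, when the port is open
-- and is either a well-known HTTP port or was identified as http/https.
portrule = shortport.port_or_service({ 80, 443, 8080, 8443 }, { "http", "https" })

-- The action runs once per host/port pair that satisfied the portrule.
-- port.version is filled in by -sV; each field may be nil when it is not.
action = function(host, port)
  local out = stdnse.output_table()
  out.port = port.number
  out.service = port.service
  out.product = port.version.product or "unknown"
  out.version = port.version.version or "unknown"
  return out
end
```

Save it under a name such as `http-version-report.nse` (hypothetical) and run it with `nmap -sV --script ./http-version-report.nse <host>` against a host you are authorized to scan; `--script` accepts a path to a script file, so it need not live in Nmap's scripts directory. The `stdnse.output_table()` result renders as structured output in normal and XML reports, which is what makes NSE results easy to feed into inventory and detection tooling.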