NMAP (AKA “Network Mapper”) is a free and open source network scanner created by Gordon Lyon and originally released in September of 1997. It is used for security auditing and network discovery. The power of NMAP lies in the hands of the user, and it can be used for both benevolent and malevolent purposes. From the stealthy red teamer to the administrator managing service upgrades or network inventory, NMAP can be a very helpful utility.
Functions of Nmap
If we follow EC-Council's Scanning Methodology, a simple nmap command can ping, or check for, live systems on a network. This is step one of their methodology. Other functions of NMAP include port scanning using TCP Connect (Full Open Scan), which completes the three-way handshake of the TCP protocol (OSI model transport layer); identifying what services and operating systems are running; determining what kind of firewalls are in place; and, again, which hosts are available. NMAP even has a stealth feature built into the program.
(NSE) Nmap Scripting Engine
On its own page describing the scripting engine, NSE, Nmap considers this feature one of its “most powerful and flexible.” It allows users to automate tasks with simple and shareable scripts written in Lua. For a basic/default script scan, use the “-sC” option (it is an intrusive option, so user be warned). For further detail on the NSE, I would direct users to the documentation here.
Zenmap
Zenmap is the official GUI version of Nmap (no, not sticky and gross: GUI as in Graphical User Interface). It is easier for beginners to use than the command line utility and also provides advanced features for the experienced user. It is multi-platform (Mac OS X, Linux, Windows, etc.) and relatively simple to learn, and the documentation is a wonderful aid. You can find that here also.
Resources (No affiliation)
- https://www.youtube.com/watch?v=4t4kBkMsDbQ
- https://nmap.org/
- https://www.networkworld.com/article/3296740/what-is-nmap-why-you-need-this-network-mapper.html
- https://en.wikipedia.org/wiki/Nmap
- https://github.com/nmap/nmap