From b86a82582e26097c0f218b60ab607526acce3cbc Mon Sep 17 00:00:00 2001 From: alan Date: Fri, 5 Feb 2010 15:13:26 -0500 Subject: Discussion of nmap completed. Should that CYA paragraph be included or changes in the final draft of the book? --- chapter_15.xml | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/chapter_15.xml b/chapter_15.xml index d5a05f9..20a1fe5 100644 --- a/chapter_15.xml +++ b/chapter_15.xml @@ -234,6 +234,60 @@ SMB PACKET: SMBtrans2 (REQUEST)
nmap + +Suppose you need to know what network services are running on a +machine, or multiple machines, or you wish to determine if multiple +machines are responsive? You could ping +each one individually, telnet to each port +you're interested in, and note every detail, but that's very tedious +and time consuming. A much easier alternative is to use a port scanner, +and nmap(1) is just the tool for the job. +nmap is capable of scanning TCP and UDP +ports, determining the operating system of a network device, probing +each located service to determine its specific type, and much much +more. Perhaps the simplist way to use nmap +is to "ping" multiple computers at once. You can use network address +notation (CIDR) or specify a range of addresses and +nmap will scan every one and return the +results to you when it's finished. You can even specify host names as +you like. + + + +In order to "ping" hosts, you'll have to use the -sP +argument. The following command instructs +nmap to "ping" www.slackware.com and the 16 +IP addresses starting at 72.168.24.0 and ending at 72.168.24.15. + + +darkstar:~# nmap -sP www.slackware.com 72.168.24.0/28 + + + +Should you need to perform a port scan, nmap +has many options for doing just that. When run without any arguments, +nmap performs a standard TCP port scan on all +hosts specified. There are also options to make +nmap more or less aggressive with its +scanning to return results quicker or fool intrusion detection +services. For a full discussion, you should refer to the rather +exhaustive man page. The following three commands perform a regular +port scan, a SYN scan, and a "Christmas tree" scan. + + +darkstar:~# nmap www.example.com +darkstar:~# nmap -sS www.example.com +darkstar:~# nmap -sX www.example.com + + + +Be warned! Some Internet Service Providers frown heavily on port +scanning and may take measures to prevent you from doing it. +nmap and applications like it are best used +on your own systems for maintenance and security purposes, not as +general purpose Internet scanners. + +
-- cgit v1.2.3