Nmap, short for Network Mapper, is maintained by Gordon Lyon (more about Mr. Lyon here: http://insecure.org/fyodor/) and is used by many security professionals all over the world.
The utility works in both Linux and Windows and is command line (CLI) driven. However for those a little more timid of the command line, there is a wonderful graphical frontend for nmap called zenmap.
It is strongly recommended that individuals learn the CLI version of nmap as it provides much more flexibility when compared to the zenmap graphical edition.
What purpose does nmap server? Great question. Nmap allows for an administrator to quickly and thoroughly learn about the systems on a network, hence the name, Network MAPper or nmap.
Nmap has the ability to quickly locate live hosts as well as services associated with that host. Nmap’s functionality can be extended even further with the Nmap Scripting Engine, often abbreviated as NSE.
This scripting engine allows administrators to quickly create a script that can be used to determine if a newly discovered vulnerability exists on their network. Many scripts have been developed and included with most nmap installs.
A word of caution – nmap is a commonly used by people with both good and bad intentions. Extreme caution should be taken to ensure that you aren’t using nmap against systems that permission has not be explicitly provided in a written/legal agreement. Please use caution when using the nmap tool.
System Requirements
- Kali Linux (nmap is available in other operating systems and functions similar to this guide).
- Another computer and permission to scan that computer with nmap – This is often easily done with software such as VirtualBox and the creation of a virtual machine.
- For a good machine to practice with, please read about Metasploitable 2
- Download for MS2 Metasploitable2
- A valid working connection to a network or if using virtual machines, a valid internal network connection for the two machines.
Commentaires
Enregistrer un commentaire