ASSIGNMENT 1- SCANNING TOOLS

1.
2023F-T2 ISN 2003 - Network Security and
Penetration Testing 01 (CSFM Group 1)

Submitted By
Thazni Kassim(C0895117)
1.Nmap
A network's devices and services can be found and analyzed using Nmap. It assists in locating
open ports, gathering data on network hosts, and evaluating their security.
Purpose
• It may utilise Nmap to execute scans using the TCP and the UDP (User Datagram
Protocol) protocols, scan large network IP addresses, and detect open ports.
• "nmap -sS target_ip" is used to scan TCP.
• Use "nmap -sU target_ip" to scan UDP traffic.
• Nmap is a helpful tool for security assessments since it can be used to carry out
vulnerability scans and analyze a network's security posture. It can do a Full echo Scan.
Usage
• Nmap is used by security professionals to do penetration testing, in which they actively
search networks for vulnerabilities that malicious actors may exploit. Nmap may be
used to find the open services and ports that need security hardening.
• Network Troubleshooting: To identify which applications or ports are not responding
as expected in order to diagnose network issues, Nmap is a valuable tool. This helps
identify and address connection problems.
• Network Inventory: By producing an inventory of every device connected to the
network, administrators may use Nmap to keep track of all connected devices, their IP
addresses, and open ports. This is beneficial for resource management on the network.
• Security Audits: Organisations can employ Nmap to perform routine security audits to
ensure that their network is properly secured. By identifying open ports and possible
vulnerabilities, it helps to maintain a solid security posture.
• Network managers may use Nmap's port scanning tools to check if certain services are
available and installed on target hosts. When setting up and managing network services,
it is beneficial.
2.Angry IP Scanner
The Angry IP scanner for Windows, Linux, and Mac is a quick and simple network scanner.
It is very expandable and allows for a huge variety of uses, with the primary goal of helping
network managers. It is a simple and efficient method for locating open ports and active
devices on a network. It is employed as a tool for network wide scanning.
Purpose
• It is utilised for network-wide range scanning.
• This tool's primary use is reconnaissance; however, it is also used to
troubleshoot networks.
Usage
 • Port Scanning: The tool may check discovered devices for open ports. This is beneficial
for identifying potential vulnerabilities or open services that may need to be guarded or
closed, which aids in evaluating a network's security.
• Using the network discovery feature of Angry IP Scanner, network administrators and
security specialists may detect devices connected to a network. This is useful for keeping
track of your devices, detecting unauthorised devices, and ensuring that your network is
correctly maintained.

3.Mega Ping Scanner

MegaPing is the all-in-one toolkit that any information system professional, system
administrator, IT solution provider, and person must have. MegaPing includes a number of
scanners, including a Share Scanner, IP Scanner, and Port Scanner (TCP and UDP ports).
Purposes
• MegaPing may be used to scan for network infrastructure vulnerabilities such as open ports
and to assess the overall security of your network.
• The tool provides ping and traceroute capability, which is required for detecting network
connectivity and diagnosing routing faults.
• MegaPing's DNS lookup and reverse DNS lookup capabilities are useful for translating
domain names to IP addresses and vice versa.
• Port Scanning: It can scan for open ports.
• MegaPing provides real-time network device and service monitoring, supporting managers
in keeping an eye on the availability and performance of critical network components.
• Network Diagnostics: It includes a range of diagnostic tools for analysing connection
difficulties, pinpointing bottlenecks, and troubleshooting network issues.
Usage
• MegaPing can track network bandwidth utilisation over time, supporting you in recognising
spikes in traffic or unusual patterns that may indicate network misuse or poor performance.
• MegaPing can assist you in managing DNS records and IP addresses, making it simple to
track changes and ensure proper domain resolution.
• Port Scanning: It may be used to do routine or scheduled port scans on network devices in
order to identify open ports, which is crucial for maintaining security and discovering possible
vulnerabilities.
• Troubleshooting: When network issues arise, MegaPing can help determine the root reason,
whether it's a router misconfiguration, a server outage, or a DNS-related issue.
• Security experts may utilise MegaPing for security evaluations and penetration testing. They
can detect open ports, identify network faults, and assess overall security posture.
4.Net Scan Tools
NetScanTools Pro is a complete collection of online information collecting and network
troubleshooting tools aimed at Network Professionals. IPv4 and IPv6 addresses, hostnames,
domain names, email addresses, and URLs may all be looked up automatically or manually. It
is designed for usage with the graphical user interface of the Windows operating system. The
user initiates interactively automated tools.
Purpose
• Network Discovery: Network scanning programmes such as "Net Scan Tools Pro" are widely
used to detect network devices and hosts. They identify active hosts, open ports, and services
operating on those hosts.
• These technologies may be used to perform security audits and vulnerability assessments.
They aid in the detection of possible network gaps, misconfigurations, and security concerns
by scanning for open ports, services, and known vulnerabilities.
• Asset Management: Network administrators may use these technologies to keep track of the
devices and services on their network. This aids in the tracking of network assets and settings.
• Network Troubleshooting: When network difficulties arise, network scanning tools can be
useful in finding the cause of the problem. They can reveal which hosts are online, which
services are operational, and so on.
Usage
• Many popular network tools have been greatly enhanced.
• It saves time when acquiring information on Internet or local LAN network devices, IP
addresses, domains, device ports, and a range of other network facts.
• Simplifies and speeds information collection by automating the usage of several network
technologies for you. To access various features, you input an IP address and push a single
button.
•It creates clear, straightforward results reports on your web browser.
5.ARP Scan
An ARP scan tool is a network programme that sends ARP queries to find and enumerate
devices on a local network. It's often used for network reconnaissance and troubleshooting.
Purpose
• Device Enumeration: The ARP scan tool may be used to discover all active devices on
a specified network segment. The tool will create a list of IP and MAC addresses to aid
the administrator in identifying all devices.
• Unauthorised Device Detection: By comparing detected devices to an authorised device
list, the administrator may quickly discover any unauthorised or possibly suspicious
devices on the network. Any strange gadgets can be examined for security issues.
• Inventory Management: Using the ARP scan results, the administrator may create and
manage a network device inventory. This inventory is necessary for tracking equipment,
managing software licencing, and planning network enhancements.
 • Troubleshooting: Use the ARP scan tool to troubleshoot connection problems or IP
address conflicts.
Usage
• Consider the following scenario: A network administrator is tasked with doing network
inventory and security auditing on a company network.
• Scenario: A network administrator needs to ensure that all devices on their company's
local network are authorised and secure. They must also maintain an accurate inventory
of devices in order to manage maintenance and security. The arp requests are used in
these instances.
6.Zenmap
Zenmap is the Nmap Security Scanner's official graphical user interface (GUI). It is a
multi-platform, free and open-source programme designed to make Nmap simple to use for
beginners while providing comprehensive features for expert Nmap users.
Purpose
• Inventory Management: It is useful for keeping track of network equipment and services.
This is extremely handy in large corporate setups for keeping track of network assets.
• Network Troubleshooting: By indicating which hosts are available and which services are
active, Zenmap can assist you in diagnosing network issues. It can help identify issues like
inaccessible hosts or blocked ports.
• Network Device and Host Discovery: Zenmap can help you find network devices and
hosts. It looks for active hosts, open ports, and services running on those hosts in an IP
address range.
• Security Auditing: Zenmap is often used by network managers and security specialists to
audit network security. It identifies vulnerabilities, misconfigurations, and other security
risks by scanning for open ports and services.
Usage
• Network Monitoring: Scanning your network using Zenmap on a regular basis may help you
track changes over time. Unauthorised devices or services deployed to your network can be
discovered.
• Network administrators may use Zenmap to assess the efficacy of firewall settings. By
scanning both within and outside the network, you may establish whether the firewall is
obstructing or permitting the essential traffic.
• Zenmap's Service Enumeration provides detailed information on the services running on each
host, including version numbers. This information is important for maintaining and securing
network services.
• Scripting & Automation: Nmap script engine (NSE) scripts may be used to automate certain
activities in Zenmap. You may write your own scripts or utilise pre-existing ones to run
customised scans and tests.
• Network Mapping: You can use Zenmap to generate a network map that displays all of the
devices and services on your network. This may assist you in understanding the structure of
your network.
• Security Assessment: Zenmap may be used for security assessments and penetration testing.
It aids in the identification of possible attack vectors by displaying open ports and vulnerable
services.