
NMAP

K V VIJAY THARUN (RA2331021020001)


K SASIRAJ (RA2331021020004)
A JAVED ASHRAF (RA2331021020029)
S ABISHWA (RA2331021020032)
NMAP
Nmap is short for Network Mapper. It is an open-source
Linux command-line tool that is used to scan IP addresses
and ports in a network and to detect installed applications.
Nmap allows network admins to find which devices are
running on their network, discover open ports and services,
and detect vulnerabilities.
Three Way Handshake

A three-way handshake is also known as a TCP handshake or SYN-SYN-ACK, and requires both the client and server
to exchange SYN (synchronization) and ACK (acknowledgment) packets before actual data communication begins.

For example, it supports communication between a web browser on the client side and a server every time a user
navigates the Internet.
We made an analysis of Cloudflare's IP address

Verbose Scan – to check the number of ports


Aggressive Scan – to scan the ports in a detailed manner
NMAP – COMMAND LINE USES AND THEIR APPLICATIONS

-f, --file <results file>


Open the given results file for viewing. The results file may be an Nmap XML output file (.xml, as produced by nmap -oX), or a file
previously saved by nmap.

-h, --help
Show a help message and exit.

-n, --nmap <Nmap command line>


Run the given Nmap command within the nmap interface. After -n or --nmap, every remaining command line argument is read as the
command line to execute. This means that -n or --nmap must be given last, after any other options. Note that the command line
must include the nmap executable name: nmap -n nmap -sS target.

-p, --profile <profile>


Start with the given profile selected. The profile name is just a string: "Regular scan". If combined with -t, begin a scan with the
given profile against the specified target.

-t, --target <target>


Start with the given target. If combined with -p, begin a scan with the given profile against the specified target.

-v, --verbose
Increase verbosity (of nmap, not Nmap). This option may be given multiple times for even more verbosity printed to the console window
used to start nmap.
These Are Some of the Port Numbers Used in Nmap

Some Abbreviations of Applications

FTP - File Transfer Protocol

SNMP - Simple Network Management Protocol

DNS - Domain Name System

Using NMAP to perform a stealth scan:
At the command line, type nmap -sS 10.170.26.161
TCP SYN scan is a stealth scan used to determine if ports on a target system are open, closed or filtered.
The -sS option tells Nmap to perform a TCP SYN stealth port scan. Since this type of scan requires Nmap to
behave on the network in an atypical manner, you must have administrative rights. The scan should take about one second.

In the Filter box, type tcp.port==80 and press Enter.


Look at the last three packets. Note that this time the three-way handshake is not completed.
The SYN packet is sent and the SYN/ACK is returned, but instead of sending back an ACK, the scanning
computer sends an RST.
This allows the scanning computer to establish that the port is in fact open, but is less likely to be
registered in the logs.

Using NMAP to determine version number
At the command line, type nmap -v -a 10.170.26.161

Observe the output on the command line.


The -v option tells Nmap to perform a ping scan. The * at
the end of the address means to scan for every host address
on the 10.170.26 network. The scan should take about 20 to
30 seconds.

At the command line, type nmap -V 10.170.26.161/170

The "-v" option is used to get more detailed information
about the remote machines. We can scan multiple hosts by
writing IP addresses or hostnames with nmap.

Using NMAP for Aggressive and fast scanning:

At the command line, type nmap -A 10.170.26.161/170

Observe the output on the command line.
The -A option tells Nmap to perform a TCP port scan. This is a full connection scan. The scan may take a few
minutes.
Look at the signature of the scan. Notice that there are many SYN packets sent from
10.170.26.101 (the computer doing the scanning) and many RST/ACK packets being sent back.
RST/ACK is the response for a request to connect to a port that is not open.
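
Added example (not part of the original slides): a small Python classifier for the two packet signatures described above, SYN, SYN/ACK, RST for the stealth scan and SYN answered by RST/ACK for a closed port, contrasted with a completed three-way handshake. The packet records, the client 10.170.26.50, the function names and the probe threshold are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample capture: (src, sport, dst, dport, flags) in arrival order.
# 10.170.26.101 is the scanning host named on the page; 10.170.26.50 is a
# made-up ordinary client added for contrast.
PACKETS = [
    ("10.170.26.101", 40001, "10.170.26.161", 80, "S"),
    ("10.170.26.161", 80, "10.170.26.101", 40001, "SA"),
    ("10.170.26.101", 40001, "10.170.26.161", 80, "R"),
    ("10.170.26.101", 40002, "10.170.26.161", 23, "S"),
    ("10.170.26.161", 23, "10.170.26.101", 40002, "RA"),
    ("10.170.26.101", 40003, "10.170.26.161", 25, "S"),
    ("10.170.26.161", 25, "10.170.26.101", 40003, "RA"),
    ("10.170.26.50", 51000, "10.170.26.161", 80, "S"),
    ("10.170.26.161", 80, "10.170.26.50", 51000, "SA"),
    ("10.170.26.50", 51000, "10.170.26.161", 80, "A"),
]

def classify_flows(packets):
    """Return {(client, sport, server, dport): label} from the flag sequence."""
    seqs = {}
    for src, sport, dst, dport, flags in packets:
        if flags == "S":                        # a bare SYN opens a new attempt
            seqs[(src, sport, dst, dport)] = ["S"]
        elif (dst, dport, src, sport) in seqs:  # reply from the server side
            seqs[(dst, dport, src, sport)].append("<" + flags)
        elif (src, sport, dst, dport) in seqs:  # follow-up from the client
            seqs[(src, sport, dst, dport)].append(flags)
    labels = {}
    for key, seq in seqs.items():
        head = tuple(seq[:3])
        if head == ("S", "<SA", "A"):
            labels[key] = "handshake-completed"
        elif head == ("S", "<SA", "R"):
            labels[key] = "half-open"           # open port, client reset it
        elif head[:2] == ("S", "<RA"):
            labels[key] = "closed-port"
        else:
            labels[key] = "incomplete"
    return labels

def suspected_scanners(packets, min_probes=3):
    """Sources with at least min_probes attempts that never completed a handshake."""
    probes = defaultdict(int)
    for (client, _sp, _srv, _dp), label in classify_flows(packets).items():
        if label in ("half-open", "closed-port"):
            probes[client] += 1
    return sorted(c for c, n in probes.items() if n >= min_probes)
```

The threshold of 3 only suits this tiny sample; on real traffic it would be set per time window and tuned against normal connection failures.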

THANK YOU!!!
