Nmap: Network Mapper
Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing. It uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems they are running, and dozens of other characteristics.
Core Scanning Techniques
Nmap provides a huge number of features for probing computer networks, including:
- Host Discovery: Determining which hosts on a network are online.
- Port Scanning: Enumerating the open ports on target hosts.
- Version Detection: Interrogating network services on remote devices to determine application name and version number.
- OS Detection: Determining the operating system and hardware characteristics of network devices.
- Scriptable Interaction: Interacting with targets using the Nmap Scripting Engine (NSE).
# A versatile and common Nmap scan
# -sV: Probe open ports to determine service/version info
# -sC: Run default scripts
# -O: Enable OS detection
# -T4: Use a more aggressive timing template for faster scans
nmap -sV -sC -O -T4 example.com
Defensive Measures:
- Firewalls & Access Control Lists (ACLs): Block unwanted probes at the network edge. Properly configured firewalls are the first line of defense against network scanning.
- Intrusion Prevention Systems (IPS): An IPS can identify Nmap scan patterns (e.g., a single IP connecting to many ports) and automatically block the source IP.
- Port Knocking: A method to externally open ports on a firewall by generating a connection attempt on a set of pre-specified closed ports. This makes open ports appear closed to broad scans.
- Principle of Least Privilege: Only expose the absolute minimum number of ports and services necessary for an application to function.
Resources and Further Reading
- Official Nmap Website - The primary source for Nmap downloads and information.
- Nmap Reference Guide - The complete manual for every Nmap option and feature.
- Nmap Scripting Engine (NSE) Documentation - Explore the powerful scripting capabilities of Nmap.