Networking - NMAP

No discussion of detecting network services would be complete without nmap. It can scan the ports of its own host as well as those of remote machines. Nmap is designed to allow system administrators and curious individuals to scan large networks to determine which hosts are up and what services they are offering. nmap supports a large number of scanning techniques, such as UDP, TCP connect(), TCP SYN (half open), FTP proxy (bounce attack), reverse-ident, ICMP (ping sweep), FIN, ACK sweep, Xmas Tree, SYN sweep, IP protocol, and Null scan. See the Scan Types section for more details. nmap also offers a number of advanced features such as remote OS detection via TCP/IP fingerprinting, stealth scanning, dynamic delay and retransmission calculations, parallel scanning, detection of down hosts via parallel pings, decoy scanning, port filtering detection, direct (non-portmapper) RPC scanning, fragmentation scanning, and flexible target and port specification.

To use nmap, first install the nmap RPM package that ships on the Linux installation CD.

[root@www RPMS]# rpm -ivh nmap-3.50-3.i386.rpm

warning: nmap-3.50-3.i386.rpm: V3 DSA signature: NOKEY, key ID 4f2a6fd2

Preparing... ########################################### [100%]

1:nmap ########################################### [100%]

[root@www RPMS]# service portmap start

The syntax of the nmap command is:

nmap [scan type] [options] <target host or network>

Example:

[root@www root]# nmap www.home.com

Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2005-06-27 15:03 BDT

Interesting ports on www.home.com (192.168.10.1):

(The 1647 ports scanned but not shown below are in state: closed)

PORT STATE SERVICE

22/tcp open ssh

23/tcp open telnet

53/tcp open domain

80/tcp open http

111/tcp open rpcbind

443/tcp open https

631/tcp open ipp

910/tcp open unknown

936/tcp open unknown

953/tcp open rndc

2049/tcp open nfs

6000/tcp open X11

Nmap run completed -- 1 IP address (1 host up) scanned in 1.507 seconds

This lists every open port found on www.home.com (192.168.10.3) together with the service name conventionally assigned to that port; the remaining scanned ports were closed.
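The scan output above follows nmap's normal output format (one "port/proto state service" line per port). The following added example, which is not part of the original tutorial, parses that format and compares the open ports against a hypothetical baseline of what the host is supposed to expose, so that an unexpected listener (here telnet, rpcbind, NFS and X11) stands out; the sample output is copied from the scan shown above and the baseline is an assumption.

```python
import re

# Constructed sample in nmap's "normal" output format, copied from the
# www.home.com scan shown above.
SAMPLE_OUTPUT = """\
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2005-06-27 15:03 BDT
Interesting ports on www.home.com (192.168.10.1):
(The 1647 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
443/tcp open https
631/tcp open ipp
910/tcp open unknown
936/tcp open unknown
953/tcp open rndc
2049/tcp open nfs
6000/tcp open X11
Nmap run completed -- 1 IP address (1 host up) scanned in 1.507 seconds
"""

# Matches a port line such as "22/tcp open ssh"; header and summary lines do not match.
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)$")

def parse_ports(text):
    """Return (port, proto, state, service) tuples from nmap normal output."""
    ports = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            ports.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return ports

def unexpected_open_ports(text, allowed):
    """Open ports that are not in the allowed baseline (a set of (port, proto))."""
    return [p for p in parse_ports(text)
            if p[2] == "open" and (p[0], p[1]) not in allowed]

# Hypothetical baseline for a web/DNS host: ssh, dns, http and https only.
BASELINE = {(22, "tcp"), (53, "tcp"), (80, "tcp"), (443, "tcp")}

if __name__ == "__main__":
    for port, proto, state, service in unexpected_open_ports(SAMPLE_OUTPUT, BASELINE):
        print(f"unexpected: {port}/{proto} {state} {service}")
```

Run the script against saved scan output to get a list of listeners to investigate or close; the same parser works for any nmap normal-output scan of a single host.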

[root@Fedora /]# nmap -sT Fedora

Here Fedora is the local host name, and -sT selects the TCP connect() scan type mentioned above.

[root@localhost root]# vi /etc/services

/etc/services is the file that maps service names to their standard port numbers and protocols.