Thursday, December 31, 2009

NMAP IN REDHAT LINUX

NMAP

Features:

1. Port/Reconnaissance Scanner

2. Hosts & device detection

3. Service detection

4. OS Fingerprinting

5. Multi-target scanning

6. Produces various reports

Tasks:

1. Download and install the latest version of NMap - nmap.org

• wget http://download.insecure.org/nmap/dist/nmap-4.53-1.i386.rpm

• rpm -Uvh nmap-4.53-1.i386.rpm

• /usr/bin/nmap - primary binary

Note: Running 'nmap' as a non-privileged user causes it to operate in TCP-Connect mode instead of the stealthy TCP-SYN mode.

• /usr/share/nmap - top-level container for key NMap files

• /usr/share/nmap/nmap-os-db - OS Fingerprinting DB

• /usr/share/nmap/nmap-mac-prefixes - Maps MAC prefixes to companies

• /usr/share/nmap/nmap-services - resolves service names to port numbers

Usage:

1. Scan the localhost for open ports

• nmap -v localhost

2. Service detection scan - attempts to resolve services to names & versions

• nmap -v -sV 192.168.75.199

3. OS Fingerprinting scan

• nmap -v -O 192.168.75.199

4. Reporting

• nmap -v -oN filename.txt 192.168.75.1 - normal output

• nmap -v -oX filename.xml 192.168.75.1 - XML output

5. OS Fingerprinting & Service detection

• nmap -v -A 192.168.75.1

6. Scan the entire network using '-A' and XML output

• nmap -v -A -oX 192.168.75.0.scan.xml 192.168.75.0/24
