Today I will look at Nmap, a powerful network and port scanning tool. What exactly is Nmap?
From Nmap.com:
"Nmap is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics"
I will show how you can use Nmap to find out information about a remote machine, such as the operating system it is running (that machine will be Ubuntu running in a VM).
First I need the IP address of the Linux machine, which I can get by using "ifconfig" as shown in the following screenshot:
Once I have that, I can use Nmap to scan the machine. I won't go over the installation, which is fairly straightforward.
From the Windows machine I start Nmap, plug in the remote IP address, and start a "normal scan". The results are shown.
As you can see from the screenshots, Nmap was able to determine which ports are open, which service is listening on each of those ports, and what the operating system is.
This is only an introduction to Nmap, but as you can see it can gather quite a lot of information about a remote machine in only a few seconds. This can be useful for locking down a machine or for seeing whether an unusual port is open and listening - like you would find if it was infected with malware. The OS version information can aid in performing an inventory of your network PCs to see what you have.