Definition of NMAP
What is NMAP?
Free port-scanning software distributed by Insecure.Org, designed to detect open ports on a target computer, determine which services are running on those ports, and infer which operating system the computer is running (this is also known as fingerprinting). It has become one of the de facto standard tools in any network administrator's toolbox, and is used for penetration testing and general computer security.
NMAP
Nmap: What You Need to Know (1 hr. 14 min. 22 sec.)
Nmap training seminar given by Professor Messer.
On getting cracked and recovering with NMAP
The feeling you get in the pit of your stomach when you first suspect that your site has been cracked is similar to the feeling you get when you first discover your house has been broken into. It is a sickening sense of muted outrage. Muted because you are still hoping against hope that it hasn't really happened. But your eyes are telling you that it has, that in spite of your denial you've been violated, that you're 0wn3d.
The Art of Port Scanning
This paper details many of the techniques used to determine what ports (or similar protocol abstraction) of a host are listening for connections. These ports represent potential communication channels. Mapping their existence facilitates the exchange of information with the host, and thus it is quite useful for anyone wishing to explore their networked environment, including hackers. Despite what you have heard from the media, the Internet is NOT all about TCP port 80. Anyone who relies exclusively on the WWW for information gathering is likely to gain the same level of proficiency as your average AOLer, who does the same.
Scanning and Defending Networks with Nmap
This article will cover the use of Nmap to allow a security administrator to probe his/her site to get a "cracker's view" of his/her network. By employing the same tools used by an intruder, an administrator will see what his/her site looks like to the bad guys, and hopefully will be able to initiate steps to help secure his/her systems.
An Introduction to NMAP
In plain English, nmap will scan a range of host addresses or a network address range entered at the command line. It will determine which addresses are active systems currently on line. It will probe a range of ports, selectable by the user, to see what services the identified system is running. Finally it will probe the system for responses to some unusual packets to try and guess what operating system is installed on the target system.
What is nmap and what can it do?
Nmap was the source of strange new scan patterns that started being detected by the SHADOW ID Systems located throughout the Internet. The reported traffic varies from incident to incident. However, it can generally be categorized into two distinct groups.
Nmap -- looking from the outside in
Like any tool, portscanners can be used for multiple purposes. Running one against your own system to see what holes there are is fine. But running one against someone else's box is usually seen as an attack, or the preliminary to one.
A practical approach for defeating Nmap OS-Fingerprinting
The purpose of this paper is to try to enumerate and briefly describe all applications and techniques deployed for defeating Nmap OS Fingerprint, but in any case, security by obscurity is not a good approach; it can be a good security measure, but please take into account that it is more important to have a tight security environment (patches, firewalls, IDS, ...) than hiding your OS.
Remote OS detection via TCP/IP Stack FingerPrinting
While Nmap has supported OS detection since 1998, this article describes the 2nd generation system which debuted in 2006. When exploring a network for security auditing or inventory/administration, you usually want to know more than the bare IP addresses of identified machines. Your reaction to discovering a printer may be very different than to finding a router, wireless access point, telephone PBX, game console, Windows desktop, or UNIX server. Finer grained detection (such as distinguishing Mac OS X 10.4 from 10.3) is useful for determining vulnerability to specific flaws and for tailoring effective exploits for those vulnerabilities.
Nmap Version Scanning
Even if Nmap is right, and the hypothetical server above is running SMTP, HTTP, and DNS servers, that is not a lot of information. When doing vulnerability assessments of your companies or clients, you really want to know which mail and DNS servers are running, as well as the version number if possible. Having an accurate version number helps dramatically in determining which exploits a server is vulnerable to.