Nmap Essentials
By David Shaw
4/5
()
About this ebook
- Get acquainted with the intricacies of Nmap's powerful software suite
- Set up and configure NMAP for different network specifications effectively
- Secure and troubleshoot large scale networks using the powerful features of NMAP with this easy-to-follow guide
This book is for beginners who wish to start using Nmap, who have experience as a system administrator or of network engineering, and who wish to get started with Nmap.
David Shaw
David Shaw works as a journalist for Germany’s international broadcaster, Deutsche Welle, as well as translating from several languages, including German, Dutch, Russian, and French. He lives in Berlin.
Read more from David Shaw
The Brave Little Tailor: A Retelling of the Grimm's Fairy Tale Rating: 0 out of 5 stars0 ratingsThe Rockets' Red Glare Rating: 4 out of 5 stars4/5An Average Joe's Search For The Meaning Of Life Rating: 0 out of 5 stars0 ratingsGhost Writers Rating: 0 out of 5 stars0 ratingsCaptain Cat Rating: 0 out of 5 stars0 ratingsJake Wolf Attorney at Law Rating: 0 out of 5 stars0 ratings
Related to Nmap Essentials
Related ebooks
Penetration Testing Bootcamp Rating: 5 out of 5 stars5/5Mastering Kali Linux for Advanced Penetration Testing - Second Edition Rating: 0 out of 5 stars0 ratingsWireshark Network Security Rating: 3 out of 5 stars3/5Metasploit Bootcamp Rating: 5 out of 5 stars5/5Hands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools Rating: 0 out of 5 stars0 ratingsBuilding Virtual Pentesting Labs for Advanced Penetration Testing Rating: 0 out of 5 stars0 ratingsKali Linux Wireless Penetration Testing Essentials Rating: 5 out of 5 stars5/5Kali Linux Network Scanning Cookbook - Second Edition Rating: 0 out of 5 stars0 ratingsPython Penetration Testing Essentials Rating: 5 out of 5 stars5/5Penetration Testing with the Bash shell Rating: 0 out of 5 stars0 ratingsNmap: Network Exploration and Security Auditing Cookbook - Second Edition Rating: 0 out of 5 stars0 ratingsMastering the Nmap Scripting Engine Rating: 0 out of 5 stars0 ratingsMastering Wireshark Rating: 2 out of 5 stars2/5Learning Penetration Testing with Python Rating: 0 out of 5 stars0 ratingsBurp Suite Essentials Rating: 4 out of 5 stars4/5Applied Network Security Rating: 0 out of 5 stars0 ratingsBuilding Virtual Pentesting Labs for Advanced Penetration Testing - Second Edition Rating: 0 out of 5 stars0 ratingsMastering Modern Web Penetration Testing Rating: 0 out of 5 stars0 ratingsMastering Python Forensics Rating: 4 out of 5 stars4/5Penetration Testing with BackBox Rating: 0 out of 5 stars0 ratingsInstant Traffic Analysis with Tshark How-to Rating: 0 out of 5 stars0 ratingsLinux Networking Cookbook Rating: 0 out of 5 stars0 ratingsTroubleshooting OpenVPN Rating: 0 out of 5 stars0 ratingsMastering Python Networking Rating: 5 out of 5 stars5/5Building a Pentesting Lab for Wireless Networks Rating: 0 out of 5 stars0 ratingsUbuntu Server Essentials Rating: 0 out of 5 stars0 ratings
Networking For You
Networking All-in-One For Dummies Rating: 5 out of 5 stars5/5Networking For Dummies Rating: 5 out of 5 stars5/5Quantum Computing For Dummies Rating: 0 out of 5 stars0 ratingsLinux Bible Rating: 0 out of 5 stars0 ratingsPractical Ethical Hacking from Scratch Rating: 5 out of 5 stars5/5Hacking Android Rating: 4 out of 5 stars4/5The Compete Ccna 200-301 Study Guide: Network Engineering Edition Rating: 5 out of 5 stars5/5AWS Certified Cloud Practitioner Study Guide: CLF-C01 Exam Rating: 5 out of 5 stars5/5TCP/IP for Everyone Rating: 4 out of 5 stars4/5AWS Certified Solutions Architect Study Guide: Associate SAA-C02 Exam Rating: 0 out of 5 stars0 ratingsSharePoint For Dummies Rating: 0 out of 5 stars0 ratingsAmazon Web Services (AWS) Interview Questions and Answers Rating: 5 out of 5 stars5/5Cisco Networking All-in-One For Dummies Rating: 4 out of 5 stars4/5Microsoft Certified Azure Fundamentals Study Guide: Exam AZ-900 Rating: 0 out of 5 stars0 ratingsCisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3 Rating: 0 out of 5 stars0 ratingsThe Windows Command Line Beginner's Guide: Second Edition Rating: 4 out of 5 stars4/5CompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratingsMike Meyers' CompTIA Network+ Certification Passport, Sixth Edition (Exam N10-007) Rating: 1 out of 5 stars1/5CCNA Certification Study Guide, Volume 2: Exam 200-301 Rating: 0 out of 5 stars0 ratingsA Beginner's Guide to Ham Radio Rating: 0 out of 5 stars0 ratingsRaspberry Pi Electronics Projects for the Evil Genius Rating: 3 out of 5 stars3/5A Practical Guide Wireshark Forensics Rating: 5 out of 5 stars5/5Windows Command Line Administration Instant Reference Rating: 0 out of 5 stars0 ratingsArtificial Intelligence for Fashion: How AI is Revolutionizing the Fashion Industry Rating: 0 out of 5 stars0 ratingsMicrosoft Azure For Dummies Rating: 0 out of 5 stars0 ratingsNetwork+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5IPv6: Theory, Protocol, and Practice Rating: 5 out of 5 stars5/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5
Reviews for Nmap Essentials
1 rating0 reviews
Book preview
Nmap Essentials - David Shaw
Table of Contents
Nmap Essentials
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Introduction to Nmap
Nmap's humble beginnings
The many uses of Nmap
Installing Nmap
Building Nmap from source
Summary
2. Network Fundamentals
The structure of the Internet
The OSI model
Port scanning
TCP and UDP
Service banners
Summary
3. Nmap Basics
How to choose a target
Running a default scan
Service version scans
Logging scans
Specified scan ranges
Understanding the reason flag
Summary
4. Advanced Nmap Scans
Host detection methods
Running a ping agnostic scan
Scanning UDP services
Special TCP scans
Operating system detection
Increasing verbosity in scans
Packet tracing
Summary
5. Performance Optimization
Nmap timing optimization
Customized host group sizes
Increasing and decreasing parallelism
Dealing with stuck hosts
Delaying and increasing probe rates
Summary
6. Introduction to the Nmap Scripting Engine
The history of the NSE
The inner working of the NSE
Finding Nmap scripts
Running Nmap scripts
Summary
7. Writing Nmap Scripts
Anatomy of an Nmap script
Defining an Nmap script – script headers
Triggering functions – the rule
Defining a script's action
Summary
8. Additional Nmap Tools
Attacking services with Ncrack
Host detection with Nping
File transfers and backdoors with Ncat
Comparing Nmap results with Ndiff
Summary
9. Vulnerability Assessments and Tools
Conducting vulnerability scans with Nessus
Assessing web server issues with Nikto
Identifying sensitive web directories with DirBuster
Getting started with intercepting proxies
Summary
10. Penetration Testing with Metasploit
Installing Metasploit
Scanning with Metasploit
Attacking services with Metasploit
What to learn next
Summary
Index
Nmap Essentials
Nmap Essentials
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: May 2015
Production reference: 1220515
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78355-406-5
www.packtpub.com
Credits
Author
David Shaw
Reviewers
Rajdeep Bhattacharya
Nikhil Kumar
Aravinda Babu T
Ravi Chandra Vinjanampati
Commissioning Editor
Amarabha Banerjee
Acquisition Editor
Shaon Basu
Content Development Editor
Siddhesh Salvi
Technical Editor
Madhunikita Sunil Chindarkar
Copy Editor
Trishya Hajare
Project Coordinator
Nidhi Joshi
Proofreaders
Stephen Copestake
Safis Editing
Indexer
Hemangini Bari
Production Coordinator
Nitesh Thakur
Cover Work
Nitesh Thakur
About the Author
David Shaw has extensive experience in many areas of information security. He began working in the trenches of perimeter analysis and conducting external threat research for large financial institutions. After switching to offensive security, he joined Redspin to conduct application security assessments and network penetration tests.
David is currently the Chief Technology Officer and Vice President of Professional Services at Redspin, specializing in external and application security, and managing a team of highly skilled engineers. He has particular interests in complex threat modeling and unconventional attack vectors, and has been a speaker at THOTCON, NolaCon, ToorCon, LayerOne, DEF CON, BSides Las Vegas, BSides Los Angeles, and BSides Seattle.
About the Reviewers
Rajdeep Bhattacharya is a Principal Server Engineer at Nimbuzz Technologies, located in Gurgaon, India. He has been working on the security and scalability of different products for Nimbuzz. Currently, he is working on the behavior-driven development approach and the performance optimization of various caching layers. In his spare time, he enjoys listening to music, travelling, cooking, and playing table tennis.
Nikhil Kumar is an Information Security Analyst at Biz2Credit Inc. He is a Certified Ethical Hacker, and has a bachelor's and master's degree in computer science. He has written many articles on web application security, security coding practices, web application firewalls, and so on.
He has discovered multiple vulnerabilities in big hotshot applications, including Apple, Microsoft, and so on.
He is currently pursuing the OSCP certification.
Nikhil can be contacted on LinkedIn at https://in.linkedin.com/in/nikhil73.
I would like to thank my family for their support. I would also like to thank my friends, mentor Jatin Jain, and Swati Bhardwaj who helped me in every situation. Next, I would like to thank everybody at Packt Publishing for giving me this opportunity.
Aravinda Babu T is a senior staff member at Fornetix. In this role, he focuses on architecture and the development of encryption key orchestration technologies. He previously worked as an advisory software engineer in IBM Software Labs for the power servers division, and as an open source contributor in ONF for the wireless and mobility group. He has 14 years of experience in network security, datacom, and mobile technologies. He has also worked at Nokia, Motorola, and IBM previously. His experience includes mobile middleware, wireless LAN switches, UTM appliances, and HPC servers.
Ravi Chandra Vinjanampati has been working in the infosec domain for the past 7 years. He holds a GCIH certification, has worked with global finance giants in the past, and is currently working with an engineering company.
www.PacktPub.com
Support files, eBooks, discount offers, and more
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www2.packtpub.com/books/subscription/packtlib
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.
Why subscribe?
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Free access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access.
Preface
This book is designed to teach readers how to run Nmap,