Nmap (Network Mapper)
Nmap (for Network Mapper) is a most popular Vulnerability Assessment (VA) tools, which used to scan network and discover what hosts are present and what services they are running. Nmap works by sending specially crafted network traffic to the target hosts and then examining the responses of target. This can tell not only which hosts are active on the network and which of their ports are listening, but it can also help us determine the operating system, hostname, and even patch level of some systems.
Basically Nmap is command-line interface (CLI) tool. But there are some graphical user interface (GUI) tools also available like Zenmap (Windows), NmapFE (Linux), and Xnmap (macOS). Successive runs of Nmap with identical parameters, together with a bit of scripting, enable the user to quickly identify changes to the configuration of a target. Attackers may be interested in new services because they are likelier to have exploitable configuration errors. Defenders, on the other hand, may be interested in new services because they could indicate a compromised host. Nmap also used some organization to get inventory assets on a network by periodically doing full scans and comparing hosts and services to an existing baseline.
WARNING*: Some scans are described as “stealthy”, a well-configured IDS/IPS can detect Nmap scanning.
No comments:
Post a Comment