Nmap for beginners - "Read Disclaimer First"

/!\/!\ Disclaimer /!\/!\

Nmap is a powerful network scanner that can be used for a variety of purposes.
It is a valuable tool for network administrators, security professionals, and penetration testers. Any illegal use leaves traces in the logs of the servers where the tests were made, and you will face serious legal consequences; in other words, you will be breaking the law.
DO NOT USE IT RANDOMLY OR WITHOUT PERMISSION.

What is Nmap?

Nmap is a free and open-source network scanner used to discover hosts and services on a network and to audit the network's security. The concept and the software date from around 1997, but unfortunately in 2023 you will still be using it to test unsecured platforms and old databases.

How does Nmap work?

Nmap uses a variety of techniques to scan a network, including:

  • TCP SYN scanning: This is the most common type of Nmap scan. It works by sending a TCP SYN packet to a target port. If the port is open, the target will respond with a SYN/ACK packet. If the port is closed, the target will not respond.

  • UDP scanning: This type of scan works by sending a UDP packet to a target port. If the port is open, the target will not respond. If the port is closed, the target will respond with an ICMP port unreachable message.

  • ICMP echo scanning: This type of scan works by sending an ICMP echo request to a target host. If the host is up and running, it will respond with an ICMP echo reply. If the host is down, it will not respond.
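
The TCP SYN scan described above, seen from the target's side: this added example (not part of the original post) reads firewall log lines and reports any source that sends bare SYN packets to many different ports of one host within a short time. The log lines are constructed in a simplified iptables LOG style, and the function name, threshold and time window are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in a simplified iptables LOG style (documentation addresses).
SAMPLE_LOG = """\
2023-05-01T10:00:00 fw kernel: IN=eth0 SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=443 WINDOW=64240 SYN
2023-05-01T10:00:01 fw kernel: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=21 WINDOW=1024 SYN
2023-05-01T10:00:01 fw kernel: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=22 WINDOW=1024 SYN
2023-05-01T10:00:01 fw kernel: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=23 WINDOW=1024 SYN
2023-05-01T10:00:02 fw kernel: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=80 WINDOW=1024 SYN
2023-05-01T10:00:02 fw kernel: IN=eth0 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=443 WINDOW=1024 SYN
2023-05-01T10:00:03 fw kernel: IN=eth0 SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=443 WINDOW=64240 ACK
2023-05-01T10:00:04 fw kernel: IN=eth0 SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP SPT=51002 DPT=80 WINDOW=64240 SYN
2023-05-01T10:05:00 fw kernel: IN=eth0 SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP SPT=51003 DPT=22 WINDOW=64240 SYN
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?PROTO=TCP "
    r".*?DPT=(?P<dpt>\d+) (?P<rest>.*)$"
)

def find_scanners(log_text, min_ports=5, window=timedelta(seconds=10)):
    """Return {(src, dst): sorted ports} for sources that sent bare SYNs to
    at least min_ports distinct ports of one host inside the time window."""
    events = defaultdict(list)              # (src, dst) -> [(time, port), ...]
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                        # not a TCP log line
        flags = set(m["rest"].split())
        if "SYN" not in flags or "ACK" in flags:
            continue                        # only connection openers count
        ts = datetime.fromisoformat(m["ts"])
        events[(m["src"], m["dst"])].append((ts, int(m["dpt"])))
    hits = {}
    for key, seen in events.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            ports = {p for t, p in seen[i:] if t - start <= window}
            if len(ports) >= min_ports:
                hits[key] = sorted(ports)
                break
    return hits

if __name__ == "__main__":
    for (src, dst), ports in find_scanners(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst} ports {ports}")
```

The ordinary client in the sample reaches only two ports inside the window and stays below the threshold; lowering min_ports trades missed scans for false alarms.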

What can Nmap be used for?

Nmap can be used for a variety of purposes, including:

  • Network discovery: Nmap can be used to discover hosts and services on a network. This can be useful for network administrators who need to keep track of their network assets.

  • Security auditing: Nmap can be used to audit the security of a network. This can be done by scanning for open ports and services, as well as by identifying known vulnerabilities.

  • Penetration testing: Nmap can be used to perform penetration tests on a network. This involves simulating a cyberattack in order to identify and exploit security vulnerabilities.

How to use Nmap?

Nmap is a command-line tool, but there are also graphical user interfaces (GUIs) available. To use Nmap, you will need to know the IP address or hostname of the target host. Once you have this information, you can use the following command to scan the target host for open ports:

nmap -sS <target_host> 

This will perform a TCP SYN scan of the target host. You can use the -p option to specify a list of ports to scan. For example, the following command will scan the target host for ports 80 (HTTP) and 443 (HTTPS):

nmap -p 80,443 <target_host> 

Nmap also has a variety of other options that can be used to customize scans; more information is available in the Nmap documentation, "Google IT".

White Hat Alliance.
"As the world is interconnected"
