• Nmap Network Mapping Utility

    by  • August 20, 2009 • Security Tool Profiles

    What is Nmap?: Nmap, short for “network mapper”, is a free utility which can quickly scan broad ranges of devices and provide valuable information about the devices on your network. It can be used for IT auditing and asset discovery as well as for security profiling of the network.
    What Does Nmap Do?: Nmap uses raw IP packets to determine what hosts are available on the network, the services that are enabled, the operating system and version of the host, what sort of firewall or packet filters are in place and many other aspects of the network. The information can be used to proactively identify and correct security holes. The tool can also be used by attackers to scan a network and perform reconnaisance about the types and quantities of targets available and what weaknesses exist.
    Running Nmap: Nmap is available for a wide range of operating system platforms. The standard download is a compressed file containing the UNIX version (which runs on Linux, Solaris, Free/Net/OpenBSD, and Mac OS X) and the Windows version as well as NmapFE, the X-Windows front end for UNIX, and NmapWIN, the recommended Windows GUI for Nmap.You can download the latest version of Nmap, as well as many previous stable versions, at Nmap Downloads
    NMap Scans: NMap can perform a wide range of scans. Some are more aggressive and blatant, while some are designed to be stealthy and scan undetected. Depending on the type of scan performed, different information can be discovered as well.Some of the scan types are:

    • Connect
    • SYN Stealth
    • FIN, Xmas, Null
    • Ping
    • UDP Scan
    • IP Protocol Scan
    • ACK Scan
    • Window Scan
    • RPC Scan
    • List Scan
    • FTP Bounce
    Nmap Resources: The best source of Nmap information is the official home of Nmap, Insecure.org. On that site you can find all of the details and information including:

    There are also many external resources you can reference such as:

    About

    Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

    http://www.tonybradley.com