Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

SCADA Hacking MEMBERS Registration Course Registration

1 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

All Posts Your Community Getting Started

OTW

 
Welcome back, my aspiring cyber warriors!
 
Whether you are an aspiring master hacker, network engineer or security engineer,
there is one tool that each of the roles need to be familiar with, nmap.
 
nmap began as a simple, modest, port-scanning tool utilizing the ability to send
TCP, UDP or ICMP packets to a host and port to elicit a response to determine
whether the port is open. Over the years, it has evolved to become a powerful
scanning tool with even some exploitation capabilities. For instance, nmap can be
used for; (1) OS detection, (2) service and version detection, (3) determine the OS
uptime, (4) evade firewalls, (5) do DNS queries and subdomain search, (6) conduct a
Denial of Service (DoS) attack, (7) scan for vulnerabilities and a whole host of other
reconnaissance tasks using nmap scripts.
 
 
The Matrix fans here (who isn't a Matrix fan?) may remember in Matrix Reloaded
that Trinity used nmap to find TCP port 22 open on the power plant's computer
system (SCADA) and cracking the password to give Neo physical access.
 
Yes, that's our beloved nmap below in a scene from the Matrix Reloaded with
Trinity at the keyboard.
 

 
Many infosec researchers have overlooked nmap in favor of more recent tools, but
only at their peril. This tool has become a versatile reconnaissance tool with
scripting capabilities.
 
In this series, I will walk you through the numerous capabilities of nmap and nmap
scripts.
 
History of nmap
 
nmap was developed in 1997 and released by Gordon Lyon (aka Fyodor Vaskovich)
as a free and open-source port and network scanner in Phrack Magazine. nmap has
gone through numerous updates and upgrades with the current version 7.7 having
been released about one year ago. Originally, developed for Linux, nmap has been
ported to Windows, MacOS and BSD.
 
nmap is orginally a command line tool, but numerous GUI's have been developed for
use by the command line challenged. This include;

2 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

3 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

4 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

5 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

6 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

7 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

8 of 9 12/7/2019, 1:37 PM
Port Scanning and Recon with nmap, Part 1 https://www.hackers-arise.com/post/2019/04/05/port-scanning-and-recon...

9 of 9 12/7/2019, 1:37 PM