Mits5004 Nmap Stands For Network Assessment Answers

As a group, present for approximately 30 minutes on one of the following topics. Groups need to self-organise in earlier weeks, and choose a topic in-class. Tutors will ensure that no two groups have the same topic. This task requires you to create a Kali hacking tools presentation by researching, experimenting with and explaining hacking tools features. After completing this task you should be able to use built in tools in Linux Kali to do vulnerability testing for the systems.
You should select one tool from the following list (if you want to select any other tool from Kali, please discuss with tutor):
• Hydra
• Maltego
• NMap
• Zed Attack Proxy
• SqlMap
• Metasploit Framework
• Burp Suite

You are required to investigate your selected tool and explain the syntax of the commands you use. Your presentation must include at least 6 screenshots that demonstrate different features of the tool.Your presentation should be sufficiently detailed to enable audiences to be able to use the tool.You can prepare the presentation on the selected tool containing following headings;

NMAP stands for Network Mapper.  It is one of the open source tool with GNU license.  This NMAP tool is very useful for the IT security professionals and the network administrators. It scans the networks of organizations thoroughly, and also scans the specific OS (or) specific services which are provided by the network.  This scanning process is done with the help of IP packets.  These IP Packets are created from scratch by NMAP itself.  It come along with the Graphic User Interface (GUI) or with the help of command lines.  It can be easily installed in the PC Operating Systems from the UNIX, Windows to the Apple Mac OS X [6]. It identifies the open ports in the network. 

Then, it audits the security of the network.  It also mapping the network. In NMAP, Graphical User Interface (GUI) options includes Zenmap, XNMap, and NmapFE. When NMAP run through the terminal (or) command prompt, then the entry fields are program, constraints on run and target.  The challenges while doing the scan are determination of the IP addresses to scan, source of scan, firewalls, accuracy and performance.  Nmap Scripting Engine (NSE) is used for the process of scan.  This engine is used for find and running the scripts of Nmap in system. 

1.  Features of the Nmap

Nmap has many features in the process of scanning the network.  It includes the discovery of hosts in network.  It produces the IPv6 support.  It produces better TLS (Transport Layer Security) / SSL (Security Socket Layer) scanning [2].  It is used for version detections, OS detection.  It has the feature of the scripted interaction with the target.  Then, NMAP latest version supports the updated version of the windows i.e. Windows 10.  Nmap is flexible [12].  It indicates that it supports more advanced technologies for mapping the networks.  It can able to scan huge networks which consists of thousands of machines.  It is portable and well documented.  It is also available in internet for free downloads. With this, anyone can prevent their network [7].  It is well supported by the developers and the users.  It can also supported by following Operating Systems. They are Solaris, IRIX, HP-UX, Net BSD, Sun OS, Amiga, etc. [11]

2.  Techniques used to explore vulnerabilities

The Port scanner is used to explore vulnerabilities in information system.  The port scanner is a software application. By using port scanner, the open ports in the target network are found. The open ports poses potential threat to the network. By closing all the unused open ports, the vulnerability chances will be reduced. The scanning used are TCP connect scan, TCP SYN scan, Ping Scan and version detection scan. The Vulnerability scanner is a software which is used to check whether the program is designed to attack the target network or not. These are explained below in detail.

3.  Experimental Setup

Install nmap using ‘apt-get install nmap’ command in Kali Linux. The nmap command shows the available command line options, if the installation of the nmap tool has been successful [8]. It is shown below.

The ‘ifconfig’ command is used to find the IP address of Kali Linux system. It is equalent of IPCONFIG in windows [3].

The ping scan is used for an IP range of 192.168.1.0 – 192.168.1.255. It is used for determining live hosts [13]. This commands scans the IPs in the IP address range and executing the nmap command.The SYN scan is used with OS detection [9].The open port scan with version detection is done [1]. There is no open ports. So there is no chance of vulnerabilities.

To increase the verbosity, -v is added in open port scan with version detection [10].

The default script scan is done on the target network of 192.168.1.200/24. There is no open ports. All ports closed [5]. SSH is the secure shell service. RPCBIND and NETBIOS-SSN are other associated services and these services are not in live state at present.

 The ping scan with discovery mode on is run. All the possible scanning will be done on the target network. The scanning results are shown below.Both IPv4 and IPv6 ips are scanned.

The single target is scanned by using nmap command. All the 1000 ports are closed. So there is no vulnerabilities [4].

4. Conclusion

The nmap tool is explained in detail. The features of the nmap tool is listed out. The nmap tool is used to check the vulnerabilities in the target network. The port scanning is used to check the open ports on the network. The open ports are the potential threat in the network. The techniques used by the tool to exploit vulnerabilities of information systems are explained and the experimental setup and evidence of usage of the tool are shown include screenshots of vulnerability testing. Reconnaissance activity can be performed over a network of hosts very easily using NMAP. In these type of activities usually firewalls and IDS devices will create problems for the devices.

NMAP can easily bypass these firewalls and IDS devices.NMAP can create well planned and powerful pockets and use them on the target devices. DNS look can be done with good speed using NMAP. NMAP libraries are very powerful and by properly using the NMAP libraries any activity can be possible upto any extent in network security area. Proxies are used to hide the identity of the person who is doing the scanning. NMAP can not be used through proxy. This is one of the few disadvantages of NMAP tool. NMAP is extremely versatile. It does TCP/UDP port scanning. It identifies the running services easily. It identifies the operating system and operating system services. NMAP tool is a CLI tool. Zenmap GUI can be used to create grafical results of NMAP.

This tool is very useful for system admins and pen testers. Stealth options are possible. Firewall can be easily bypassed. XML , Grepable are some of the output formats used in NMAP. LUA is the scripting language for this tool. Other tools are designed in PYTHON and RUBY. This is a disadvantage here. Scaning speed is good in NMAP device and it may create DDoS like problems in some network devices. STEALTH capabilities are poor. If we increase the STEALTH capability then the spped of the network activity will be affected in this tool.

References

[1]R. Ward, "NMAP: the UK’s nursing Internet gateway", VINE, vol. 33, no. 2, pp. 78-82, 2003.

[2]F. Duarte, F. Sikansi, F. Fatore, S. Fadel and F. Paulovich, "Nmap: A Novel Neighborhood Preservation Space-filling Algorithm", IEEE Transactions on Visualization and Computer Graphics, vol. 20, no. 12, pp. 2063-2071, 2014.

[3]C. Courcoubetis and V. Siris, "Procedures and tools for analysis of network traffic measurements", Performance Evaluation, vol. 48, no. 1-4, pp. 5-23, 2002.

[4]R. WARD, R. SCRIVENER and N. SMART, "NMAP", CIN: Computers, Informatics, Nursing, vol. 22, no. 4, pp. 227-231, 2004.

[5]R. Ward and R. Scrivener, "The development of NMAP - the UK’s gateway to high quality Internet resources in nursing, midwifery and allied health", Health Informatics Journal, vol. 8, no. 3, pp. 122-126, 2002.

[6]G. Bagyalakshmi, G. Rajkumar, N. Arunkumar, M. Easwaran, K. Narasimhan, V. Elamaran, M. Solarte, I. Hernandez and G. Ramirez-Gonzalez, "Network Vulnerability Analysis on Brain Signal/Image Databases using Nmap and Wireshark Tools", IEEE Access, pp. 1-1, 2018.

[7]"Large scale port scanning through tor using parallel Nmap scans to scan large portions of the IPv4 range - IEEE Conference Publication", Ieeexplore.ieee.org, 2018.

[8]"Anonymous port scanning: Performing network reconnaissance through Tor - IEEE Conference Publication", Ieeexplore.ieee.org, 201 

[13]"Kali Linux – Assuring Security by Penetration Testing", Network Security, vol. 2014, no. 8, p. 4, 2014.