Title:- Network Scanning using NMAP in Windows

Exp. No:-1

Aim:- To study NMAP Software and demonstrate using various websites.

Theory:- Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. The output from Nmap is a list of scanned targets, with supplemental information on each depending on the options used. Key among that information is the “interesting ports table”.
That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered.
Open means that an application on the target machine is listening for connections/packets on that port. Filtered means that a firewall, filter, or other network obstacle is blocking the port so that Nmap cannot tell whether it is open or closed.
Closed ports have no application listening on them, though they could open up at any time. Ports are classified as unfiltered when they are responsive to Nmap’s probes, but Nmap cannot determine whether they are open or closed. Nmap reports the state combinations open|filtered and closed|filtered when it cannot determine which of the two states describes a port.
The port table may also include software version details when version detection has been requested. When an IP protocol scan is requested (-sO), Nmap provides information on supported IP protocols rather than listening ports.

The topology view uses many symbols and color conventions. This section explains what they mean.

Each regular host in the network is represented by a little circle. The color and size of the circle are determined by the number of open ports on the host. The more open ports, the larger the circle. A white circle represents an intermediate host in a network path that was not port scanned.
If a host has fewer than three open ports, it will be green; between three and six open ports, yellow; more than six open ports, red.

If a host is a router, switch, or wireless access point, it is drawn with a square rather than a circle.

Network distance is shown as concentric gray rings. Each additional ring signifies one more network hop from the center host.

Connections between hosts are shown with colored lines. Primary traceroute connections are shown with blue lines. Alternate paths (paths between two hosts where a different path already exists) are drawn in orange.
Which path is primary and which paths are alternates is arbitrary and controlled by the order in which paths were recorded. The thickness of a line is proportional to its round-trip time; hosts with a higher RTT have a thicker line. Hosts with no traceroute information are clustered around localhost, connected with a dashed black line.

If there is no RTT for a hop (a missing traceroute entry), the connection is shown with a blue dashed line and the unknown host that makes the connection is shown with a blue outline.

Some special-purpose hosts may carry one or more icons describing what type of host they are: a router, a switch, a wireless access point, a firewall, or a host with some ports filtered.

Procedure:
1. Click on the nmap icon (eye-shaped) in order to start nmap.
2. After nmap opens, type the name of a website or any specific IP address in the ‘Target’ column.
3. Select the type of scan (intense, quick, etc.) in the ‘Profile’.
4. nmap displays all the relevant output details, which include:
   a. nmap output
   b. ports/hosts
   c. topology
   d. host details
   e. scans

[Figure: Example of NMAP software using the Wikipedia website]

[Figure: Topology of the Wikipedia website]

Conclusion:- Hence we have studied NMAP Software with various websites.
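
Added example (not part of the original lab report): a short Python script that parses the port table from Nmap's normal text output, counts ports per state as described in the Theory section, and applies the topology view's color rule (fewer than three open ports green, three to six yellow, more than six red). The sample output, the hosts in it, and the names parse_ports, zenmap_color and summarize are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the shape of Nmap's normal output (not a real scan).
SAMPLE = """\
Nmap scan report for host-a.example (192.0.2.10)
Host is up (0.012s latency).
PORT     STATE         SERVICE VERSION
22/tcp   open          ssh     OpenSSH 8.9
80/tcp   open          http
443/tcp  open          https
3306/tcp filtered      mysql
53/udp   open|filtered domain

Nmap scan report for 192.0.2.20
PORT   STATE  SERVICE
25/tcp closed smtp
80/tcp open   http
"""

PREFIX = "Nmap scan report for "
STATES = {"open", "closed", "filtered", "unfiltered",
          "open|filtered", "closed|filtered"}
FIELDS = ("port", "proto", "state", "service", "version")
# port/protocol, state, service name, optional version-detection text
PORT_LINE = re.compile(r"^(\d+)/(\w+)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")

def parse_ports(text):
    """Return {host: [port rows]} from the port table of each scan report."""
    hosts, current = {}, None
    for line in text.splitlines():
        if line.startswith(PREFIX):
            current = line[len(PREFIX):].strip()
            hosts[current] = []
            continue
        m = PORT_LINE.match(line.strip())
        if m and current is not None and m.group(3) in STATES:
            hosts[current].append(dict(zip(FIELDS, m.groups())))
    return hosts

def zenmap_color(open_ports):
    """Topology color rule from the text: <3 green, 3 to 6 yellow, >6 red."""
    if open_ports < 3:
        return "green"
    return "yellow" if open_ports <= 6 else "red"

def summarize(text):
    """Per host: count of ports in each state, plus the topology color."""
    out = {}
    for host, rows in parse_ports(text).items():
        counts = Counter(r["state"] for r in rows)
        # Only definite "open" counts; open|filtered stays undetermined.
        out[host] = {"states": dict(counts), "color": zenmap_color(counts["open"])}
    return out
```

Ports reported as open|filtered are kept in their own bucket, since Nmap could not decide between the two states.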