Port Scanning with Nmap

Task:

Conduct a series of port scanning activities using Nmap, a versatile network scanning tool, to discover open ports and services on target systems. The goal is to understand the scanning process and identify potential vulnerabilities in target networks.

Step-by-Step Instructions:

1. Install Nmap:

Begin by installing Nmap on your system. Nmap is available for different platforms like Linux, Windows, and macOS. Familiarize yourself with the Nmap command-line interface and basic scan options.

Command to install Nmap (on Linux): 
sudo apt install nmap

2. Perform Basic Scans:

Start with some simple scans to get used to how Nmap works. Perform scans on target IP addresses or ranges. Here are a few types to try:

TCP SYN Scan (Stealth Scan): 
nmap -sS <target-ip>
TCP Connect Scan: 
nmap -sT <target-ip>
UDP Scan: 
nmap -sU <target-ip>

Analyze the output to identify open ports and the services running on them. This helps in spotting potential weak points.

3. Analyze Results:

After each scan, take note of which ports are open and what services are running. Look for any unusual services that might indicate vulnerabilities. For example, open ports like 21 (FTP) or 23 (Telnet) can suggest outdated or insecure configurations.

4. Advanced Features of Nmap:

Explore some of the advanced features that Nmap offers to enhance your scans:

OS Detection: Identify the operating system of the target system. 
nmap -O <target-ip>
Service Version Detection: Find the versions of services running on the open ports. 
nmap -sV <target-ip>
Nmap Scripting Engine (NSE): Use powerful scripts to probe further for vulnerabilities. 
nmap --script vuln <target-ip>

5. Document the Process:

Keep track of the following details:

  • Scan Types Used: Record each type of scan (e.g., TCP SYN, UDP).
  • Target Selection: Mention why you chose specific IPs or ranges.
  • Scan Findings: Summarize the open ports, services, OS details, and any potential vulnerabilities found.