Admin Task #2: Scanning with Nmap

Nmap is a must-have in your IT arsenal. For this challenge, you will be performing some test scans to look for vulnerabilities in your system.

December 4, 2017

About This Challenge

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. For this challenge, you will be mining information from Nmap to see what a hacker might find when using this tool. This way, you will be aware of any security vulnerabilities from the outside of your network.

Disclaimer: Ensure any activities undertaken on your work network are allowed by your corporate policy and approved by management at your organization.

Follow The Instructions To Complete Today’s Network Defender Task:

Feel free to download the PDF version of the directions for your review.

Download PDF

Download and install nmap from https://nmap.org to complete this task. It can easily be installed on Windows, linux, and OS X installations.

Conduct a test scan of the DNS name scanme.nmap.org. You can visit that website at scanme.nmap.org. This is a test site by Fyodor, creator of map, that users can scan against. There are GUI front-ends for nmap — use the command line/ terminal for the exercises below.

Install nmap for your OS, and conduct the following scans against scanme.nmap.org:

TCP SYN scan (the most popular scan type)

TCP connect

UDP scan

Xmas scan

While performing these scans, answer the following questions:

1. What differences do you see between the scan types?

2. Add banner grabbing to the TCP SYN scan – how do the results change?

3. Add OS Detection to the scan types – how do the results change?

4. Review how to scan a range vs a single host.

5. Repeat one of the scan types so that it scans the site even if the site doesn’t respond to a ping, a common security configuration.

6. Use the verbose, or very verbose, switches with the scans to see the difference in the amount of information returned.

Summary:

Once an attacker has gotten an IP range for an organization, they may utilize nmap or a similar tool to gather information about the target.  It’s a great idea to scan your external IP range from outside your organization to “see what an attacker sees” — and know what they know.

Realize that scanning a target may crash it – rare, but possible, so proceed cautiously.

Nmap can be used after a firewall change to confirm the rules are behaving as expected. We’ve used it in scripts to identify rogue laptops and their OS that appeared on the network. And it can be used in your vulnerability management program: open ports increase your attack surface — a bad thing. Scan your hosts to ensure that they’re locked down like they should be, and unnecessary services are turned off.

Once you’ve followed these directions, scroll down to mark this challenge complete.

Once You’ve Completed This Task Click This Button.

I Completed This Task

If your company will not allow you to perform the above task. Please read this security article and click the button above.

IT Security Training To Prepare You For War

Loving The Challenge And Want More Great StormWind Content? Contact Us To Schedule A Security Training Consultation

First Name

Last Name

Email

Company

Job Role:

Phone Number

Why Over 100,000 Techs Believe In StormWind Studios

StormWind Studios is to IT training what George Lucas is to Star Wars. We take industry experts, add serious special effects, and deliver the most exciting, compelling live IT training on the planet – see for yourself during our Network Defender 5-Day Challenge

Signing up for Stormwind is one of the best education decisions I've made and I strongly recommend them to anyone interested in studying IT.

Jon Lincoln

One of the coolest parts about this course (CEH) was that lectures were recorded daily, so you could make up any missed time without a lot of headache or heartache. I just took the Certified Ethical Hacker test, and I’m pleased to say that I passed on the first try.

Dave Cork

I took StormWind classes and labs- absolutely OUTSTANDING! I did those just prior to going for my certification exam and passed it with a 923 out of 1000.

Ron Marx

It has made a sizable impact with our company, our offerings to our client base, and my personal career. I am looking forward to this new position with my employer in San Antonio, thanks to StormWind.

Mike Lind