Tuesday, November 25, 2014

NMAPing Faster

NMAP or Network Mapper is a phenomenal tool used for mapping networks, determining the ports open on a host and performing security auditing. The NSE or NMAP Scripting Engine feature allows users to extend the functionality of NMAP by allowing the execution of scripts. These scripts allow users to automate network task such as performing dictionary attacks, performing vulnerability checks, checking for backdoors, etc.

Depending on the size of the network, network performance, open ports among other things, scans may take a long time to complete. By default NMAP will attempt to scan 1000 of the most common ports for each protocol. One combination of NMAP features we can use to make scans faster is to use the -n switch to disable DNS resolution along with limiting the ports that need to be scanned. As seen below the first scan using the default settings took over three seconds to complete but the same scan without DNS resolution and limited to five ports was done in .20 seconds. This technique can save time when looking for targets on a large network or dealing with limited bandwidth.

nmap xxx.xxx.x.xx

Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-25 19:29 CST
Nmap scan report for Muffin (xxx.xxx.x.xx)
Host is up (0.030s latency).
Not shown: 989 closed ports
135/tcp   open     msrpc
139/tcp   open     netbios-ssn
445/tcp   open     microsoft-ds
1110/tcp  filtered nfsd-status
5357/tcp  open     wsdapi
49152/tcp open     unknown
49153/tcp open     unknown
49154/tcp open     unknown
49155/tcp open     unknown
49156/tcp open     unknown
49175/tcp open     unknown
MAC Address: F8:16:54:CA:48:60 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 3.14 seconds

nmap -n -p 139,445,80,8080 xxx.xxx.x.xxx

Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-25 19:30 CST
Nmap scan report for xxx.xxx.x.xx
Host is up (0.093s latency).
80/tcp   closed http
139/tcp  open   netbios-ssn
445/tcp  open   microsoft-ds
8080/tcp closed http-proxy
MAC Address: F8:16:54:CA:48:60 (Intel Corporate)

Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds

Saturday, November 22, 2014

The Tag Line Explains it All!

Hello and welcome to my blog. You are probably asking what topics will be discussed at seanthomasjones.com. The tagline explains it all, the topics of discussion will be GOD, Family, Country and InfoSec. Why you ask?
A belief in GOD sets the foundation for my life, this belief affects all that I do. My views and approach to family, country and infosec is rooted in my belief in the GOD revealed in the Bible. This subject is one of which I carefully dedicate myself to. Why? Because my Heavenly Father has dedicated himself to me.
Families are the foundation of a country and the stronger the families, the stronger the country. The Bible says believers are the body of Christ and each person plays a part. The same analogy can be applied for a country and its families. Each family plays a part in determining the direction and strength of a country.
I love the United States of America and my desire is to see it and its people prosper. I have been afforded the opportunity to move from government housing in Southwestern Pennsylvania where I lived as a child to a beautiful suburb in Southeastern Texas as an adult. America is not perfect but it is still a phenomenal place to live and I would like to help make it a better place for my children.
Information Security is a fun and demanding field and it is how I make my living. It is difficult to imagine doing anything else because there is so much to do in the world of information security. In this field if you are not learning something new everyday, you may be doing something wrong.
I hope that your time on my blog will provide information, provoke thought or benefit you. Feel free to leave a comment, share ideals or provide constructive criticism. You may also contact me using the “Contact Me” link at the top.
first_blog_post = “Hello World”
print first_blog_post