NMAP, or Network Mapper, is a phenomenal tool used for mapping networks, determining which ports are open on a host, and performing security auditing. The NSE, or NMAP Scripting Engine, lets users extend NMAP's functionality by running scripts. These scripts allow users to automate network tasks such as performing dictionary attacks, performing vulnerability checks, checking for backdoors, etc.
Depending on the size of the network, network performance, and the number of open ports, among other things, scans may take a long time to complete. By default NMAP will attempt to scan 1000 of the most common ports for each protocol. One combination of NMAP features we can use to make scans faster is the -n switch, which disables DNS resolution, together with the -p switch, which limits the ports that are scanned. As seen below, the first scan using the default settings took over three seconds to complete, but the same scan without DNS resolution and limited to five ports was done in 0.20 seconds. This technique can save time when looking for targets on a large network or dealing with limited bandwidth.
nmap xxx.xxx.x.xx
Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-25 19:29 CST
Nmap scan report for Muffin (xxx.xxx.x.xx)
Host is up (0.030s latency).
Not shown: 989 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1110/tcp filtered nfsd-status
5357/tcp open wsdapi
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
49175/tcp open unknown
MAC Address: F8:16:54:CA:48:60 (Intel Corporate)
Nmap done: 1 IP address (1 host up) scanned in 3.14 seconds
nmap -n -p 139,445,80,8080 xxx.xxx.x.xxx
Starting Nmap 6.47 ( http://nmap.org ) at 2014-11-25 19:30 CST
Nmap scan report for xxx.xxx.x.xx
Host is up (0.093s latency).
PORT STATE SERVICE
80/tcp closed http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8080/tcp closed http-proxy
MAC Address: F8:16:54:CA:48:60 (Intel Corporate)
Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds
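
An added example (not part of the original post): a small Python parser for the two reports above that computes the speedup and lists the open ports from the default scan that the limited scan never probed, which is the coverage given up by narrowing -p. The function names and the trimmed sample text are assumptions made for this example.

```python
import re

# Constructed sample input: the two scan reports above, trimmed to the lines
# the parser reads (the default scan's 49153-49175 rows are left out).
DEFAULT_SCAN = """\
Not shown: 989 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1110/tcp filtered nfsd-status
5357/tcp open wsdapi
49152/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 3.14 seconds
"""
LIMITED_SCAN = """\
PORT STATE SERVICE
80/tcp closed http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8080/tcp closed http-proxy
Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds
"""

# One row of the port table, and the closing summary line with the elapsed time.
PORT_ROW = re.compile(r"^(\d+)/(tcp|udp)[ \t]+(\S+)[ \t]+(\S+)", re.M)
DONE_ROW = re.compile(r"^Nmap done: .* scanned in ([\d.]+) seconds", re.M)


def parse_scan(text):
    """Return ({(port, proto): state}, elapsed_seconds) from normal-format output."""
    ports = {(int(p), proto): state for p, proto, state, _ in PORT_ROW.findall(text)}
    done = DONE_ROW.search(text)
    if done is None:
        raise ValueError("no 'Nmap done' line: scan output is incomplete")
    return ports, float(done.group(1))


def compare(full_text, limited_text):
    """Report the speedup and the open ports the limited scan never probed."""
    full, t_full = parse_scan(full_text)
    limited, t_limited = parse_scan(limited_text)
    missed = sorted(k for k, s in full.items() if s == "open" and k not in limited)
    disagree = sorted(k for k in full.keys() & limited.keys() if full[k] != limited[k])
    return {"speedup": round(t_full / t_limited, 1), "missed_open": missed,
            "state_mismatch": disagree}


if __name__ == "__main__":
    print(compare(DEFAULT_SCAN, LIMITED_SCAN))
```
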