Working Of Zenmap (Network Scanning Tool)
Zenmap is the official graphical user interface (GUI) for the
Nmap Security Scanner. It is a multi-platform, free and open-source
application designed to make Nmap easy for beginners to use while
providing advanced features for experienced Nmap users. Frequently used
scans can be saved as profiles to make them easy to run repeatedly. A
command creator allows interactive creation of Nmap command lines. Scan
results can be saved and viewed later. Saved scans can be compared with
one another to see how they differ. The results of recent scans are
stored in a searchable database.CHOSEN SETUP
As Zenmap runs on a windows/Linux so i chose the following setup :
Windows OS – Windows 7 installed on a system
Version- Zenmap 6 (http://nmap.org
Scanning
Begin Zenmap by typing zenmap in a terminal or by clicking the Zenmap icon in the desktop environment.
Firstly, select the Target. Target could be any domain name or the IP Address, so right now my target is 10.0.0.2.
It is also possible to type in an Nmap command and have it executed without using a profile. Just type in the command and press return or click “Scan”.
In Zenmap there are 10 Types of Profile :
a. INTENSE SCAN
Command = nmap -T4 -A 10.0.0.2
Description = An intense, comprehensive scan. The -A option enables OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (–traceroute). Without root privileges only version detection and script scanning are run. This is considered an intrusive scan.
SCAN RESULT TABS
Each scan window contains five tabs which each display different aspects of the scan results. They are:
a) Nmap Output
b) Ports / Hosts
c) Topology
d) Host Details
Each of these are discussed in this section:
NMAP OUTPUT
The “Nmap Output” tab is displayed by default when a scan is run. It shows the familiar Nmap terminal output.
PORT/HOSTS
When a service is selected, the “Ports / Hosts” tab shows all the hosts which have that port open or filtered. This is a good way to quickly answer the question “What computers are running HTTP?”
TOPOLOGY
The “Topology” tab is an interactive view of the connections between hosts in a network.
HOST DETAILS
The “Host Details” tab breaks all the information about a single host into a hierarchical display. Shown are the host’s names and addresses, its state (up or down), and the number and status of scanned ports. The host’s uptime, operating system, OS icon. When no exact OS match is found, the closest matches are displayed.
No comments:
Post a Comment