SCANNING

Scanning After gathering preliminary information about the target, it is not time to identify the possible entry points of the target. Port is a place through which information goes into and out of a computer. It could be either external (USB, HDMI etc.) or internal (for network connections).

A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known" port number, the computer provides. Port scanning, a favorite approach of computer cracker, gives the assailant an idea where to probe for weaknesses. Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port .

A port scanning software simply sends request to each port sequentially and checks for the response. Using that methodology, it makes a note which port is open, blocked or filtered.

It is similar to a person checking your home for doors and windows, and check if it is locked or not. One of the most famous port scanners of all time, used by most of the security professionals in NMAP. Initally developed as a CLI (Command Line Interface) for Unix/Linux systems, now it is also available for Windows and in GUI mode (Zenmap).

Nmap is a free and open-source port scanner, written by Fyodor (original name Gordon Lyon)which has got a lot many features compared to other port scanners. Nmap can do different types of port scans, which we will be covering in detail. Nmap also comes with the Nmap Scripting Engine, to allow users to write codes and extend the functionality of Nmap.

Apart from single IP port scanning, Nmap could be used for active hosts discovery, determining the OS version, and scanning a range of IPs. It is used by attackers to find out the services running on the ports and exploiting the vulnerabilities existing in those services. It is also used by security professionals, to check if their firewall rules are working properly or not.

Installation

If you are on a Linux machine, which doesn’t have NMAP by default, you could install Nmap using sudo apt-get install nmap

Nmap also runs on Linux, Microsoft Windows, Solaris, HP-UX and BSD variants (including Mac OS X), AmigaOS and SGI IRIX. If you would like to download Nmap, you could go over to Nmap download page (http://nmap.org/download.html).