Nmap 6: Network Exploration and Security Auditing Cookbook
Table of Contents
Nmap 6: Network Exploration and Security Auditing Cookbook
Credits
About the Author
Acknowledgement
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Nmap Fundamentals
Introduction
Downloading Nmap from the official source code repository
Getting ready
How to do it...
How it works...
There's more...
Experimenting with development branches
Keeping your source code up-to-date
See also
Compiling Nmap from source code
Getting ready
How to do it...
How it works...
There's more...
OpenSSL development libraries
Configure directives
Precompiled packages
See also
Listing open ports on a remote host
How to do it...
How it works...
There's more...
Privileged versus unprivileged
Port states
Port scanning techniques supported by Nmap
See also
Fingerprinting services of a remote host
How to do it...
How it works...
There's more...
Aggressive detection
Submitting service fingerprints
See also
Finding live hosts in your network
How to do it...
How it works...
There's more...
Traceroute
NSE scripts
See also
Scanning using specific port ranges
How to do it...
How it works...
There's more...
See also
Running NSE scripts
How to do it...
How it works...
There's more...
NSE script arguments
Adding new scripts
NSE script categories
See also
Scanning using a specified network interface
How to do it...
How it works...
There's more...
Checking a TCP connection
See also
Comparing scan results with Ndiff
Getting ready
How to do it...
How it works...
There's more...
Output format
Verbose mode
See also
Managing multiple scanning profiles with Zenmap
How to do it...
How it works...
There's more...
Editing and deleting a scan profile
See also
Detecting NAT with Nping
How to do it...
How it works...
There's more...
Nping Echo Protocol
See also
Monitoring servers remotely with Nmap and Ndiff
How to do it...
How it works...
There's more...
Monitoring specific services
See also
2. Network Exploration
Introduction
Discovering hosts with TCP SYN ping scans
How to do it...
How it works...
There's more...
Privileged versus unprivileged TCP SYN ping scan
Firewalls and traffic filters
See also
Discovering hosts with TCP ACK ping scans
How to do it...
How it works...
There's more...
Privileged versus unprivileged TCP ACK ping scan
Selecting ports in TCP ACK ping scans
See also
Discovering hosts with UDP ping scans
How to do it...
How it works...
There's more...
Selecting ports in UDP ping scans
See also
Discovering hosts with ICMP ping scans
How to do it...
How it works...
There's more...
ICMP types
See also
Discovering hosts with IP protocol ping scans
How to do it...
How it works...
There's more...
Supported IP protocols and their payloads
See also
Discovering hosts with ARP ping scans
How to do it...
How it works...
There's more...
MAC address spoofing
See also
Discovering hosts using broadcast pings
How to do it...
How it works...
There's more...
Target library
See also
Hiding our traffic with additional random data
How to do it...
How it works...
There's more...
See also
Forcing DNS resolution
How to do it...
How it works...
There's more...
Specifying different DNS nameservers
See also
Excluding hosts from your scans
How to do it...
How it works...
There's more...
Excluding a host list from your scans
See also
Scanning IPv6 addresses
How to do it...
How it works...
There's more...
OS detection in IPv6 scanning
See also
Gathering network information with broadcast scripts
How to do it...
How it works...
There's more...
Target library
See also
3. Gathering Additional Host Information
Introduction
Geolocating an IP address
Getting ready
How to do it...
How it works...
There's more...
Submitting a new geo-location provider
See also
Getting information from WHOIS records...