Sunday, 29 July 2012

The #security question du jour (ANSWERS TIME):

The following page is a good introduction to Nmap: http://linuxaria.com/article/understanding-nmap-commands-tutorial?lang=en

1. When would you use the –PR option for an Nmap scan?

The –PR option instructs NMap to perform an ARP (Address Resolution Protocol) ping scan on the desired target IP. This is a normal state for local scans and is faster on connected networks. In some instances, it can also be used to bypass poorly configured firewalls at layer 2.

2. List the most useful TCP ports to scan for in a network sweep. 3. What’s the Nmap “-F” command line option do?

We can answer parts 2 and 3 of the question in the same way.

A “-F” or – “Fast”, scans top 100 most popular ports. This is a means to get the most “bang for the buck” when scanning large networks and ranges. Basically, we are all time limited and we can add known bad ports we want to include to this list. You can also select “--top-ports [n]”. This option will scan the top ‘n’ ports. Ex 1000, 100, 50 ,etc.

I have also issued a number of posts on Nmap in the past on my blog:

http://gse-compliance.blogspot.com.au/search?q=nmap

Enjoy and test responsibly J

No comments: