An Introduction to NMAP

NMAP is a multifaceted utility used to scan a range of IP addresses, identify active systems, determine which ports on those systems are open, and identify the respective operating systems. Like all security tools it can be used defensively, by a network manager, to identify weaknesses that need to be corrected, or offensively, by an attacker, probing for vulnerabilities to exploit. In plain English, nmap will scan a range of host addresses or a network address range entered at the command line. It will determine which addresses are active systems currently on line. It will probe a range of ports, selectable by the user, to see what services the identified system is running. Finally it will probe the system for responses to some unusual packets to try and guess what operating system is installed on the target system.

Tags:

Read the complete paper at SANS