NMAP or the Network Mapper is a tool which has long been used for port scanning and network mapping. It is a must-have for a lot of security and network administrators who constantly scan ports to detect potential vulnerabilities. It is also often employed for attacking systems though. Combined with popular hacking methods like phishing, keylogging, or cookie stealing, it can target computer activities whether logging on to emails or social networking sites like Facebook.
There are two main reasons why the NMAP has picked up popularity in the industry. First, it is very easy to use and second, it has a wide range of uses.
There are three basic scans that can be performed on ports using the NMAP.
- SYN Scan is the most basic and common scan used for computer ports. Results may come faster when compared to others, but these can be really general as well.
- FIN Scan allows for the detection of weak firewalls and filtered packets. It also warns attackers should they need to create stealth when attacking victim networks.
- ACK Scan allows for the scanning of both unfiltered and filtered ports. It is currently rendered the most advanced scan the NMAP can do.
· Use of Decoy
When scanning ports, the NMAP allows the use of decoys to avoid being caught by system administrators. Decoy IP addresses will be shown in target security logs instead of the actual IPs of attackers. However, decoy addresses have to be alive. It is still essential to check target security logs for assurance.
- Reverse DNS Lookup
The NMAP is able to perform a reverse DNS lookup on a subnet as well. This tool can produce a listing of available IP addresses along with the related PTR record of a subnet. Subnets may be entered in a CDIR notation.
Aside from scanning ports, NMAP is also able to:
- Find active IP addresses wi
- Ping IP address range
- Find which IPs are unused on given subnets
- List servers with open ports
- Get info on OS detection and remote host ports
NMAP has constantly been rated 5 stars and is often promoted by compliance, network and security engineers. The tool can be helpful in training new generation engineers since it prompt enlightening as well as the collection of valuable information regarding one’s network. It is a huge contribution to segment architecture and base lining of networks, highlighting potentially risky changes and connection information.
But is NMAP for good or bad?
It is a very powerful tool and as with others, can be a double-edged sword. The NMAP can discover open ports but it would still depend on users what they want to do further, whether exploit vulnerabilities or make networks safer.