Perform An Experiment For Port Scanning With Nmap, Superscan or Any Other Equivalent Software


EXPERIMENT NO. 7
Perform an experiment for Port Scanning with Nmap, SuperScan or any other
equivalent software
Aim: To perform an experiment for Port Scanning with Nmap, SuperScan or any other
equivalent software
Objectives:
Port scanning:
Port scanning or scanning is when intruders collect information on the
network services on a target network. Here, the intruder attempts to find open ports on the
target system.

The different scanning methods that network attackers use are:


1. Vanilla scan/SYN scan: TCP SYN packets are sent to every port of an address in an
attempt to connect to all ports. Port numbers 0 to 65,535 are utilized.
2. Strobe scan: Here, the attacker attempts to connect to a specific range of ports that are
typically open on Windows-based hosts or UNIX/Linux-based hosts.
3. Sweep: A large set of IP addresses is scanned in an attempt to detect a system that has
one open port.
4. Passive scan: Here, all network traffic entering or leaving the network is captured, and
the traffic is then analyzed to determine which ports are open on the hosts within the
network.
5. User Datagram Protocol (UDP) scan: Empty UDP packets are sent to the different
ports of a set of addresses to determine how the operating system responds. Closed UDP
ports respond with the Port Unreachable message when any empty UDP packets are
received. Other operating systems respond with the Internet Control Message Protocol
(ICMP) error packet.
6. FTP bounce: To hide the attacker's location, the scan is initiated from an intermediary
File Transfer Protocol (FTP) server.
7. FIN scan: TCP FIN packets, which specify that the sender wants to close a TCP session,
are sent to each port for a range of IP addresses.
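
A defender's view of the vanilla/strobe, sweep and FIN patterns listed above, as an added example that is not part of the original handout: it flags sources in a firewall log by how many distinct ports or hosts they touch within a short time window. The log format, source addresses, thresholds and function names are assumptions made for this illustration.

```python
from collections import defaultdict

def sample_log():
    """Constructed firewall records: '<epoch> <src> <dst> <dport> <tcp-flags>'."""
    log = [f"{1000 + p} 10.0.0.5 192.168.1.88 {p} S" for p in range(20, 45)]     # many ports, one host
    log += [f"{2000 + h} 10.0.0.6 192.168.1.{h} 22 S" for h in range(50, 91)]    # one port, many hosts
    log += [f"{3000 + p} 10.0.0.7 192.168.1.88 {p} F" for p in range(100, 125)]  # bare FINs, many ports
    log += ["4000 10.0.0.8 192.168.1.88 443 S", "4001 10.0.0.8 192.168.1.88 80 S"]  # ordinary client
    return log

def label_window(win, min_ports, min_hosts):
    """Label one time window of (ts, dst, dport, flags) events from a single source."""
    syn_ports, syn_hosts, fin_ports = defaultdict(set), defaultdict(set), defaultdict(set)
    for _, dst, dport, flags in win:
        if flags == "S":                 # SYN only: connection attempt
            syn_ports[dst].add(dport)
            syn_hosts[dport].add(dst)
        elif flags == "F":               # FIN only: no session was opened first
            fin_ports[dst].add(dport)
    labels = set()
    if any(len(p) >= min_ports for p in syn_ports.values()):
        labels.add("vanilla/strobe")     # many ports probed on one host
    if any(len(h) >= min_hosts for h in syn_hosts.values()):
        labels.add("sweep")              # same port probed on many hosts
    if any(len(p) >= min_ports for p in fin_ports.values()):
        labels.add("fin")                # bare FINs across many ports
    return labels

def detect_scans(lines, window=60, min_ports=20, min_hosts=20):
    """Return {src: labels} for sources crossing a threshold inside any `window`-second span."""
    events = defaultdict(list)
    for line in lines:
        f = line.split()
        if len(f) == 5 and f[0].isdigit() and f[3].isdigit():   # skip malformed lines
            events[f[1]].append((int(f[0]), f[2], int(f[3]), f[4]))
    findings = {}
    for src, evs in events.items():
        evs.sort()
        labels, start = set(), 0
        for end in range(len(evs)):      # sliding window over this source's events
            while evs[end][0] - evs[start][0] > window:
                start += 1
            labels |= label_window(evs[start:end + 1], min_ports, min_hosts)
        if labels:
            findings[src] = labels
    return findings

if __name__ == "__main__":
    print(detect_scans(sample_log()))
```

A source that spreads the same probes over a longer period than `window` stays under the thresholds, so the window and counts have to be tuned against the traffic the network normally sees.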

Zenmap/Nmap:
Nmap ("Network Mapper") is a free and open source utility for network exploration or
security auditing. Many systems and network administrators also find it useful for tasks such as
network inventory, managing service upgrade schedules, and monitoring host or service uptime.
Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what
services (application name and version) those hosts are offering, what operating systems (and OS
versions) they are running, what type of packet filters/firewalls are in use, and dozens of other
characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.
Nmap runs on all major computer operating systems, and official binary packages are available for
Linux, Windows, and Mac OS X. Nmap can be run from the classic command line or through an
advanced GUI and results viewer. Nmap can recognise five port states such as: Closed, Filtered,
Unfiltered, Open-filtered and Closed-filtered.

1. Open the terminal and enter the following command:

    nmap -sS 192.168.1.88

2. Scanning a range of IP addresses:

    nmap -sS 192.168.1.50-90

Procedure:

Working with Nmap/Zenmap:

1. Download the Nmap software from the website www.Nmapdownload.org by accepting the license agreement.

2. After downloading, run the Nmap setup.

3. Agree to the license agreement, select the components, and choose the location where the Nmap software is to be installed.

4. Select the Create Desktop Icon and Start Menu Folder options.

5. The installation of Nmap completes.

6. After the installation, click on the Nmap icon on the desktop.

7. In the Zenmap window, enter the targeted website URL in the Target option.

8. On the Profile bar, select the Intense Scan option.

9. After scanning, it will list the number of ports, types of ports, protocol used, service offered by the ports, status of each port, version of the software using the port, etc.

10. Go to the File menu and select the Save option to save this information to a file.

Conclusion: _________________________________________________________
