
Hacking With Nmap – The Network Mapping Tool

11 September 2009, posted by Amol Wagh

Nmap is the most widely used port scanner and network mapping tool; network and security administrators use it to scan their hosts' ports for exposed services and potential vulnerabilities. If you are not familiar with Nmap and do not have it yet, it is available for both Linux and Windows.

Nmap Hacking Theory

Nmap reports every port as being in one of six states:

1. Open: an application is accepting TCP connections (or UDP datagrams) on the port.
2. Closed: the port is reachable (it answers probes) but no application is listening on it.
3. Filtered: a firewall or other filter dropped the probe, so Nmap cannot tell whether the port is open.
4. Unfiltered: the port is reachable, but Nmap cannot tell whether it is open or closed (only the ACK scan produces this state).
5. Open|filtered: Nmap cannot distinguish open from filtered, because an open port gives no reply to this probe type (FIN, NULL, Xmas and UDP scans).
6. Closed|unfiltered: Nmap cannot distinguish closed from unfiltered (only the IP ID idle scan produces this state).

A scan with Nmap gives you the list of ports that are open or filtered. Closed ports are not listed one by one; Nmap collapses them into a single "Not shown: N closed ports" line, since a host has 65,535 TCP ports and the default scan already covers the 1,000 most common ones.

(Filtered: the probe packet was dropped by a firewall or filter before the port could answer, so Nmap cannot tell whether the port is open.)

OK, so let's get ready to hack with Nmap.

There are three basic scan types covered here. They differ in which TCP flag the probe carries and, therefore, in what a reply (or the lack of one) tells you:

SYN Scan (-sS): The default and most common scan. Nmap sends a SYN as if it were opening a connection; a SYN/ACK reply means open, a RST means closed, and no reply (or an ICMP unreachable error) means filtered. Nmap never completes the handshake (the SYN/ACK is answered with a RST), so the scan is fast and the application behind the port never sees a connection, but an inline firewall or IDS still sees the SYN.

FIN Scan (-sF): Nmap sends a packet with only the FIN flag set. A closed port must answer with a RST (RFC 793), while an open port silently ignores the packet, so ports are reported as closed or open|filtered. Because no SYN is sent, a FIN scan can slip past some stateless packet filters that only block SYNs; it does not work against Windows and other stacks that send a RST regardless of port state, which makes every port look closed.

ACK Scan (-sA): Nmap sends a packet with only the ACK flag set. Both open and closed ports answer an unsolicited ACK with a RST, so this scan never tells you whether a port is open; it only reports unfiltered (a RST came back, so the port is reachable through the firewall) or filtered (no reply or an ICMP error). Its job is to map firewall rule sets and to tell stateful firewalls from stateless ones.

Hacking With Nmap

So let us start with the Nmap commands on Linux:

SYN scan :

For scanning www.sampledomain.com

Type in a Linux terminal (SYN, FIN and ACK scans build raw packets, so run them as root, hence the # prompt):

# nmap -sS -T4 www.sampledomain.com         (replace sampledomain.com with the domain or IP you wish to scan)

The result is a table with three columns:

PORT                           STATE                                 SERVICE

PORT is the port number and protocol (for example 80/tcp), STATE is one of the states listed above (open, filtered, open|filtered, and so on), and SERVICE is the service Nmap associates with that port number from its services file. This is a guess by port number only; add -sV to probe the port and identify the actual service and version.

FIN Scan :

# nmap -sF -T4 www.sampledomain.com         (replace sampledomain.com with the domain or IP you wish to scan)

Ports that answer with a RST are reported closed; ports that stay silent are reported open|filtered. Any RST also confirms that the host is alive, and a port that was filtered in the SYN scan but shows up as open|filtered here is behind a filter that only blocks SYNs.

ACK Scan :

# nmap -sA -T4 www.sampledomain.com         (replace sampledomain.com with the domain or IP you wish to scan)

An ACK scan does not eliminate closed ports, and it does not list ports that are "up for attack": it never reports open or closed at all, only unfiltered (the ACK reached the port and a RST came back) and filtered (the probe was dropped). Cross-check its results against the SYN scan: ports that are unfiltered here but not open in the SYN scan are closed ports the firewall lets through, which tells you how its rule set is written.
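The three commands above produce three separate reports for the same host, and the useful step is comparing them. Below is an added example written for this page (not code from the original post or from the Nmap project): POSIX shell helpers that post-process Nmap's normal output with awk to list ports in a given state, read the "Not shown" summary line, and diff the ACK scan's unfiltered ports against the SYN scan's open ports. The three scan outputs embedded in it are constructed sample data for www.sampledomain.com (192.0.2.10), not real results.

```shell
#!/bin/sh
# Added example, not code from the original post or from Nmap itself.
# The three outputs below are CONSTRUCTED sample data for www.sampledomain.com,
# not real scan results: 1000 ports were scanned in each case.

SYN_OUT='Nmap scan report for www.sampledomain.com (192.0.2.10)
Host is up (0.021s latency).
Not shown: 996 closed tcp ports (reset)
PORT    STATE    SERVICE
22/tcp  open     ssh
25/tcp  filtered smtp
80/tcp  open     http
443/tcp open     https'

FIN_OUT='Nmap scan report for www.sampledomain.com (192.0.2.10)
Host is up (0.022s latency).
Not shown: 996 closed tcp ports (reset)
PORT    STATE         SERVICE
22/tcp  open|filtered ssh
25/tcp  open|filtered smtp
80/tcp  open|filtered http
443/tcp open|filtered https'

ACK_OUT='Nmap scan report for www.sampledomain.com (192.0.2.10)
Host is up (0.020s latency).
Not shown: 994 filtered tcp ports (no-response)
PORT     STATE      SERVICE
22/tcp   unfiltered ssh
25/tcp   unfiltered smtp
80/tcp   unfiltered http
443/tcp  unfiltered https
3306/tcp unfiltered mysql
8080/tcp unfiltered http-proxy'

# ports_in_state STATE: read Nmap normal output on stdin and print the PORT
# column of every row whose STATE column is exactly STATE. Exact match matters:
# "open" must not match the FIN scan's "open|filtered".
ports_in_state() {
    awk -v want="$1" '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == want { print $1 }'
}

# hidden_summary: print "COUNT STATE" from the "Not shown:" line, i.e. how
# many ports Nmap collapsed instead of listing, and which state they were in.
hidden_summary() {
    awk '/^Not shown:/ { print $3, $4; exit }'
}

# reachable_but_not_open ACK_TEXT SYN_TEXT: ports the ACK scan reached through
# the firewall (unfiltered) that the SYN scan did not report open. An open port
# is always unfiltered, so the difference is closed-but-reachable ports plus
# ports where only the SYN is being blocked. It maps the firewall rules; it is
# not a list of ports "up for attack".
reachable_but_not_open() {
    {
        printf '%s\n' "$1" | ports_in_state unfiltered | sed 's/$/ ack/'
        printf '%s\n' "$2" | ports_in_state open       | sed 's/$/ syn/'
    } | awk '$2 == "syn" { open[$1] = 1; next }
                         { ack[$1] = 1 }
             END { for (p in ack) if (!(p in open)) print p }' |
        sort -t/ -k1,1n
}

# Stand-alone demo on the constructed data.
echo "SYN scan, open ports:";      printf '%s\n' "$SYN_OUT" | ports_in_state open
echo "SYN scan, collapsed rows:";  printf '%s\n' "$SYN_OUT" | hidden_summary
echo "FIN scan, open|filtered:";   printf '%s\n' "$FIN_OUT" | ports_in_state 'open|filtered'
echo "Reachable via ACK but not open via SYN:"
reachable_but_not_open "$ACK_OUT" "$SYN_OUT"
```

To use it on real scans, save each report with Nmap's -oN option (for example `nmap -sS -T4 -oN syn.txt www.sampledomain.com`) and feed the file in with `ports_in_state open < syn.txt`. In the sample data, port 25 is filtered for SYN but unfiltered for ACK and open|filtered for FIN, which is the signature of a stateless filter that blocks only SYNs; 3306 and 8080 are closed ports the firewall does not protect at all.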

So this was a basic Nmap port scanning tutorial. Nmap can also fingerprint the operating system (-O) and probe web, mail and other services for their software and version (-sV), and this data feeds the reconnaissance stage discussed in the pre-attack posts. Note that port scanning is active reconnaissance, not passive: every probe reaches the target and can be logged there.

We will discuss web server hacking in upcoming posts. Please post your queries regarding Nmap in the comments so that we can help you.

This post is made by Amol Wagh who blogs about Ethical Hacking & Exploits on Hackers Enigma Dot Com. You can Follow Amol on Twitter Here.



Comments

  • shitu said:

    Hey, I have BSNL broadband at my home. It's a dial-up PPPoE connection. But Nmap doesn't work on PPPoE connections.

    Can you tell me some other scanner that works on a PPPoE connection???

  • Amol Wagh (author) said:

    Hi Shitu,

    Nmap works with any type of internet connection, and I also have the same PPPoE internet from BSNL. Which OS are you using? Or what problem does it give you?

  • shitu said:

    Hi Amol, thanks for replying. I am using Win XP SP2. Whenever I use Nmap it gives the error
    WARNING: Using raw sockets because ppp0 is not an ethernet device. This probably won’t work on Windows.

    So I tracked the error back and found this page: http://seclists.org/nmap-dev/2009/q3/0336.html.

    Actually Nmap uses WinPcap, which doesn't work on PPPoE connections.

    But how come it works on your PC??
