olYou may raise a few eyebrows when telling customers that one of the tools you'll be using to check their networks is a free open source tool. Customers may be surprised that you're relying on a free tool with no commercial support and feel that you're putting profits before service. You'll need to explain that you use the best tools available, and many open source tools now compare favorably with commercial alternatives in terms of features, reliability and help forums. One in particular, Nmap, has become the tool of choice for many network and security administrators who want to map networks and test them for vulnerabilities.
Nmap (Network Mapper) Security Scanner, written by Fyodor and now up to version 4, provides a wide range of port-scanning techniques designed to rapidly scan networks, large and small, for network exploration and security auditing. This versatile utility can determine what hosts are available on a network, what services those hosts are offering, and what type of packet filters and firewalls are in use. It also has the ability to remotely fingerprint a machine's operating system. Most Unix and Windows platforms are supported, as is Mac OS X and several handheld devices. It is available in both command line and graphical user interface modes, a blessing for those who are less familiar with working at the command prompt.
If
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
you're tasked with looking after customer networks then you need to run scans to find any
open ports and see what information the network is leaking to potential attackers. Nmap is a
favorite hacker
tool so you'll be able to see exactly what they can find out about your customer's networks. A
Windows machine, for example, can use hundreds of ports to communicate with other machines, and
each open port is a potential route in to a network for an attacker. Port scanning with Nmap is a
fast and effective way to identify which ports are open, what services are running on them and
where weak spots exist in the network's defenses. When you have identified which ports are open,
you can close any that are not required, thus reducing the number of potentially exploitable
services. And when you have mapped the network, you can also see if any unexpected changes have
occurred since the last scan. For example, a machine infected by a worm will try to open ports in
order to listen for instructions from its controller.
Nmap has won numerous awards, including the Linux Journal's Editor's Choice Award for Best Security Tool. Other accolades include being featured in the film Matrix Reloaded and appearing in a photograph of President Bush visiting the NSA. So if you want to add one of the most versatile network tools to your toolbox and discover what hackers can learn about your customers' networks, you should download your copy at www.insecure.org. In upcoming tips in this series, I explain how to install and configure Nmap on both Linux and Windows machines.
Get the basics of installing, configuring and scanning with Nmap in the step-by-step guide.
 |
|
|
|
|
|
About the author
Michael Cobb, CISSP-ISSAP is the founder and managing director of Cobweb Applications Ltd., a
consultancy that offers IT training and support in data security and analysis. He co-authored the
book IIS Security and has written numerous technical articles for leading IT publications.
Mike is the guest instructor for SearchSecurity's Web Security
School and, as a SearchSecurity.com site expert, answers user questions on application
and platform
security.
This was first published in April 2007