Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Digital Forensics with Kali Linux

You're reading from   Digital Forensics with Kali Linux Enhance your investigation skills by performing network and memory forensics with Kali Linux 2022.x

Arrow left icon
Product type Paperback
Published in Apr 2023
Publisher Packt
ISBN-13 9781837635153
Length 414 pages
Edition 3rd Edition
Arrow right icon
Author (1):
Arrow left icon
Shiva V. N. Parasram Shiva V. N. Parasram
Author Profile Icon Shiva V. N. Parasram
Shiva V. N. Parasram
Arrow right icon
View More author details
Toc

Table of Contents (24) Chapters Close

Preface 1. Part 1: Blue and Purple Teaming Fundamentals
2. Chapter 1: Red, Blue, and Purple Teaming Fundamentals FREE CHAPTER 3. Chapter 2: Introduction to Digital Forensics 4. Chapter 3: Installing Kali Linux 5. Chapter 4: Additional Kali Installations and Post-Installation Tasks 6. Chapter 5: Installing Wine in Kali Linux 7. Part 2: Digital Forensics and Incident Response Fundamentals and Best Practices
8. Chapter 6: Understanding File Systems and Storage 9. Chapter 7: Incident Response, Data Acquisitions, and DFIR Frameworks 10. Part 3: Kali Linux Digital Forensics and Incident Response Tools
11. Chapter 8: Evidence Acquisition Tools 12. Chapter 9: File Recovery and Data Carving Tools 13. Chapter 10: Memory Forensics and Analysis with Volatility 3 14. Chapter 11: Artifact, Malware, and Ransomware Analysis 15. Part 4: Automated Digital Forensics and Incident Response Suites
16. Chapter 12: Autopsy Forensic Browser 17. Chapter 13: Performing a Full DFIR Analysis with the Autopsy 4 GUI 18. Part 5: Network Forensic Analysis Tools
19. Chapter 14: Network Discovery Tools 20. Chapter 15: Packet Capture Analysis with Xplico 21. Chapter 16: Network Forensic Analysis Tools 22. Index 23. Other Books You May Enjoy

Using Nmap to fingerprint host details

Now that we’re familiar with how to view nmap switches and run a basic scan, let’s perform host enumeration by discovering running services, ports, and even the OSes of discovered hosts, which may be useful artifacts within our DFIR investigation.

As shown in the previous section, nmap is fairly simple to use once you are aware of the various switches that can be used. Feel free to again run the sudo nmap –h command to view the available switches and options.

For our purposes, an –A option in nmap can perform the following tasks when enumerating a host or an entire network:

  • OS detection
  • Service version detection
  • Script scanning
  • Traceroute

The –A option can take a while to run on an entire network, so I’ll run it against a single host, which was shown as alive when I previously ran the ping scan on my network.

To run this service scan as it is called, I’ll run...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime