Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Linux Security Cookbook

You're reading from   Practical Linux Security Cookbook Secure your Linux machines and keep them secured with the help of exciting recipes

Arrow left icon
Product type Paperback
Published in Apr 2016
Publisher Packt
ISBN-13 9781785286421
Length 276 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
Michael A Lindner Michael A Lindner
Author Profile Icon Michael A Lindner
Michael A Lindner
Tajinder Kalsi Tajinder Kalsi
Author Profile Icon Tajinder Kalsi
Tajinder Kalsi
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Linux Security Problems FREE CHAPTER 2. Configuring a Secure and Optimized Kernel 3. Local Filesystem Security 4. Local Authentication in Linux 5. Remote Authentication 6. Network Security 7. Security Tools 8. Linux Security Distros 9. Patching a Bash Vulnerability 10. Security Monitoring and Logging Index

Scanning hosts with Nmap

Nmap is one of the most popular tools included in Linux that can be used to scan a network. It has been in existence for many years, and to date, it is one of the most preferable tools to gather information about a network.

Nmap can be used by administrators on their networks to find any open ports and host systems.

When doing a vulnerability assessment, Nmap is surely a tool that can't be missed.

Getting ready

Most Linux versions have Nmap installed. The first step is to check whether you already have it using this command:

nmap –version

If Nmap exists, you should see an output similar to what is shown here:

Getting ready

If Nmap is not already installed, you can download and install it from https://nmap.org/download.html

How to do it…

Follow these steps to scan hosts using Nmap:

  1. The most common use of Nmap is to find all online hosts within a given IP range. The default command used to do this takes some time to scan the complete network, depending on the number of hosts present in the network. However, we can optimize the process in order to scan the range faster.

    The following screenshot shows you an example of this:

    How to do it…
  2. In the preceding example, the time taken to complete the scan was 6.67 seconds when scanning 100 hosts. If the whole IP range for a particular network is to be scanned, it would take a lot more time.
  3. Now, let's try to speed up the process. The n switch tells Nmap not to perform the DNS resolution of the IP addresses, hence making the process faster. The T switch tells Nmap what speed to operate at. Here, T1 is the slowest and T5 is the fastest. The max-rtt-timeout option specifies the maximum time required to wait for the response.

    Now, the same command is shown in this example:

    How to do it…

    This time, Nmap scanned the complete IP range in 1.97 seconds. Pretty good, right?

  4. Port scanning using Nmap helps us discover services that are online, such as finding FTP servers. To do this, use the following command:
    How to do it…

    The preceding command of Nmap shall list out all the IP addresses that have port 21 open.

  5. Not only FTP, other services can also be discovered by matching the port numbers on which they run. For example, MySQL runs on port 3306. The command will now look like this:
    How to do it…

How it works…

Nmap checks for services that are listening by testing the most common network communication ports. This information helps the network administrator to close down any unwanted or unused services. The preceding examples show you how to use port scanning and Nmap as powerful tools to study the network around us.

See also

Nmap also has scripting features using which we can write custom scripts. These scripts can be used with Nmap to automate and extend its scanning capabilities. You can find more information about Nmap on its official home page at https://nmap.org/

You have been reading a chapter from
Practical Linux Security Cookbook
Published in: Apr 2016
Publisher: Packt
ISBN-13: 9781785286421
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime