Question

network security tool- Nmap
• Platform and tools used
• Design of experiments (attack/defense)
• Preliminary tests
• IEEE style report

Answer 1

Platform and Tool used:

1- Nmap and Zenmap (the graphical front end) are available in several versions and formats.

Available for Windows, Linux MAC.

Design of experiments (attack/defense)

Nmap features include:

• Host discovery – Identifying hosts on a network. For example, listing the hosts that respond to TCP and/or ICMP requests or have a particular port open.
• Port scanning  – Enumerating the open ports on target hosts.
• Version detection – Interrogating network services on remote devices to determine application name and version number.
• OS detection – Determining the operating system and hardware characteristics of network devices.
• Scriptable interaction with the target – using Nmap Scripting Engine(NSE) and Lua programming language.

Nmap can provide further information on targets, including reverse DNS names, device types, and MAC addresses.

Usage and Examples

The inner workings of OS detection are quite complex, but it is one of the easiest features to use. Simply add -O to your scan options. You may want to also increase the verbosity with -v for even more OS-related details. This is shown in Example 8.1.

Preliminary tests

Example: OS detection with verbosity (-O -v)

Including the -O -v options caused Nmap to generate extra Information

IEEE style report

Abstract:

As the number of devices connected to the Internet has been exponentially increasing, the degree of threats to those devices and networks has been also increasing. Various network scanning tools, which use fingerprinting techniques, have been developed to make the devices and networks secure by providing the information on its status. However, the tools may be used for malicious purposes. Using network scanning tools, attackers can not only obtain the information of devices such as the name of OS, version, and sessions but also find its vulnerabilities which can be used for further cyber-attacks. In this paper, we compare and analyze the performances of widely used network scanning tools such as Nmap and Nessus. The existing researches on the network scanning tools analyzed a specific scanning tools and they assumed there are only small number of network devices. In this paper, we compare and analyze the performances of several tools in practical network environments with the number of devices more than 40. The results of this paper provide the direction to prevent possible attacks when they are utilized as attack tools as well as the practical understanding of the threats by network scanning tools and fingerprinting techniques.

Published in: 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN)

Date of Conference: 5-8 July 2016

Date Added to IEEE Xplore: 11 August 2016

ISBN Information:

Electronic ISSN: 2165-8536

INSPEC Accession Number: 16214838

DOI: 10.1109/ICUFN.2016.7537162

Publisher: IEEE

Conference Location: Vienna, Austria