System Scanning


This exercise will introduce the concepts of network exploration and port scanning.

This exercise will demonstrate use of the nmap command for remote system port scanning, as well as the Zenmap GUI for nmap.

  1. Learn about network exploration
  2. Learn about port scanning
  3. Learn about the nmap tool
  4. Learn about the zenmap tool

This exercise can be performed using a Linux, Windows or Mac OS X system.

The nmap command is embedded in the Linux operating system. You can access nmap via the command line (Terminal app). 

In the Linux Virtual Machine you can start the terminal session and then learn about the options and syntax of the nmap command by entering "man nmap".

Using Windows on your own computer, you can download nmap from the http://nmap.org/download.html Web site.

Zenmap is a GUI front-end to nmap, available from the http://nmap.org/zenmap/ Web page. Zenmap is available for the Windows OS.

You can start the Zenmap GUI on your Windows Virtual Machine.

If you are running Mac OS X, you can access nmap via the command line (Terminal app). 

Zenmap is a GUI front-end to nmap, available from the http://nmap.org/zenmap/  Web page. Zenmap is available for the Mac OS.

In this section, you will run nmap from the Terminal command line on your Linux Virtual Machine system.

To get a feel for all of the options of nmap, use the "man nmap" command to see the nmap man pages.

IMAGE 1

IMAGE 2

We will start with a basic, somewhat comprehensive nmap scan of the ERAU Web server, using the following three switches: -A will employ operating system detection, script scanning, and traceroute; -T4 will operate almost as quickly as possible (-T5 would be faster); and -v will provide verbose output. At the command line, enter the following:

IMAGE 3

IMAGE 4

The screen above shows that there are (at least) two open TCP ports. When you look at the rest of the display, can you identify the software and version that is associated with each port? What is the probable OS? Report what you find to the Discussion forum.

Now, select a couple of your own favorite Web sites and run nmap against them. Try some different options and record both your commands and the results. Report what you found in the Discussion forum. Did you find anything unexpected or surprising?

In this section, you will run Zenmap from your Windows Virtual Machine system. We are now going to more or less repeat with Zenmap what we did with nmap.

Start the Zenmap GUI.

IMAGE 5

IMAGE 6

The string "nmap -T4 -A -v" will already be in the Command field.

Enter "www.erau.edu" in the Target field (note that the Command field will change automatically).

Then press the Scan button to execute the command against the target.

IMAGE 7

  1. Do you see anything significantly different from the use of the basic nmap command above?
  2. The GUI, obviously, has a lot of tabs and buttons. Click around and see what kind of information has been provided and how it is organized.
  3. Save the results of the scan using the Scan, Save Scan pull-down menu. This will create an XML file. For testing purposes, be sure that you can open the scan report file.
  4. Run one or two scans on the sites that you identified above. Save the scans, as in the step above.
  5. Describe your experiences and reactions in the Discussion forum. If you wish, attach one of your XML files to your Discussion posting.
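
A saved scan report can also be read programmatically, which answers the earlier questions (open ports, the software and version on each, the probable OS) the same way for every scan you saved. The following is an added example, not part of the original exercise; it assumes the file uses nmap's standard XML output elements (host, port, state, service, osmatch), and the sample report, address and hostname in it are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample in nmap's XML output format (not a real scan result).
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -T4 -A -v www.example.test">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <hostnames><hostname name="www.example.test" type="user"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="filtered"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/>
        <service name="http" product="Apache httpd" version="2.4.41"/></port>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
    </ports>
    <os><osmatch name="Linux 2.6.32" accuracy="88"/>
        <osmatch name="Linux 4.15 - 5.6" accuracy="93"/></os>
  </host>
</nmaprun>"""


def summarize_scan(xml_text):
    """Return one dict per host: address, hostnames, open ports, best OS guess."""
    hosts = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address")
        open_ports = []
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed and filtered ports are not reported
            svc = port.find("service")
            svc = svc if svc is not None else ET.Element("service")
            software = " ".join(filter(None, (svc.get("product"), svc.get("version"))))
            open_ports.append((int(port.get("portid")), port.get("protocol"),
                               svc.get("name", "unknown"), software or "not identified"))
        # Each OS guess carries an accuracy percentage; keep the highest.
        best = max(host.iter("osmatch"), key=lambda m: int(m.get("accuracy", 0)), default=None)
        hosts.append({
            "address": addr.get("addr") if addr is not None else None,
            "hostnames": [h.get("name") for h in host.iter("hostname")],
            "open_ports": open_ports,
            "os_guess": best.get("name") if best is not None else None,
        })
    return hosts


if __name__ == "__main__":
    for h in summarize_scan(SAMPLE_XML):
        print(h["address"], h["hostnames"], "OS guess:", h["os_guess"])
        for p in h["open_ports"]:
            print("  %d/%s  %s  %s" % p)
```

For a saved report, pass the file's bytes to summarize_scan instead of the sample string. Parse only reports you generated yourself, since a report from an unknown source is untrusted XML.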

Additional resources will be provided here at a later date.


Creative Commons License
CyberExplorations Exercises by Glenn S. Dardick is licensed under a Creative Commons Attribution 4.0 International License.