In this lab exercise you will use NMAP/ZENMAP to perform different scans and use Wireshark to analyse NMAP’s behaviour.

You will need Kali Linux and Metasploitable TR VMs.

NOTE: Performing a ping scan will scan the entire network for live hosts.

Log in to the Kali VM with username root and password toor and start Wireshark.

Enter Zenmap into the search box of the Kali menu (little Kali icon in the top left) then click on Zenmap to open it.

Once ZENMAP has opened – in the Target field, type:

Click the drop down arrow for the Profile and select Ping scan, then click Scan.

Once the scan has completed, note the number of devices that NMAP has discovered.

Return to Wireshark and stop the capture.

NOTE: You should see that, despite selecting the option for a ping scan, NMAP chose to use ARP instead. This achieves the same result (discovering devices on the network) but is more reliable as PING is often blocked. Note that NMAP can only use ARP if it is connected to the same local network.

To run the same scan from the command line in Kali, open a new terminal and type:

nmap -sn 192.168.1.0/24

Task 2 – Basic Hosting Scanning

Having discovered some devices, the next step is to see what services are available on a target device. The basic scan will reveal to us any ports which are open on the target host.

Select Regular scan from the Profile field and click Scan.

Once the scan has completed, notice the services that NMAP has discovered.

Click on the Host Details tab. Is there any useful data displayed?

View the capture to see how NMAP works.

You will now perform an intense scan to uncover more details about the services available on a target device.

Switch back to Zenmap and check (or enter if required) that 192.168.1.99 is in the Target field.

Select Intense Scan in the Profile field and click Scan.

Once the scan has completed (it will take a while), notice the services NMAP has discovered. Are the results different to the last scan? Is there any additional useful information?

Now use the command line version of NMAP and Wireshark to carry out some specific scans:

With this option, NMAP will attempt to identify the version of services running on the queried port.

Then type the following to carry out an operating system scan:

Use a filter to look at the specific ports to see what NMAP is doing:

tcp.dstport == 80

Task 5 – Full Open vs Half Open

Start a new capture in Wireshark and compare half and full open scans by running the following, one at a time:

Can you identify what NMAP is doing differently between the two scans?

NOTE: A full open scan completed the connection – sending the final Ack in the three-way handshake.
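
For reviewing the Task 5 capture from the defender's side, the following added example (not part of the original lab) classifies each connection attempt in a packet list as half-open or full-open by checking whether the client sent the final ACK of the three-way handshake. The packet tuples, the scanning hosts 192.168.1.50 and 192.168.1.51 and the function names are constructed for illustration, and it assumes a half-open scan answers the SYN/ACK with a reset.

```python
from collections import Counter

# Constructed sample capture, in order: (src, sport, dst, dport, tcp_flags).
# Flags: S=SYN, A=ACK, R=RST. 192.168.1.99 is the lab target; the two
# scanning hosts (.50 and .51) and all source ports are made up.
PACKETS = [
    ("192.168.1.50", 40001, "192.168.1.99", 80, "S"),
    ("192.168.1.99", 80, "192.168.1.50", 40001, "SA"),
    ("192.168.1.50", 40001, "192.168.1.99", 80, "R"),    # reset, no ACK
    ("192.168.1.50", 40002, "192.168.1.99", 81, "S"),
    ("192.168.1.99", 81, "192.168.1.50", 40002, "RA"),   # port closed
    ("192.168.1.50", 40003, "192.168.1.99", 82, "S"),    # nothing came back
    ("192.168.1.51", 51000, "192.168.1.99", 80, "S"),
    ("192.168.1.99", 80, "192.168.1.51", 51000, "SA"),
    ("192.168.1.51", 51000, "192.168.1.99", 80, "A"),    # handshake done
    ("192.168.1.51", 51000, "192.168.1.99", 80, "RA"),   # then torn down
    ("192.168.1.51", 51001, "192.168.1.99", 81, "S"),
    ("192.168.1.99", 81, "192.168.1.51", 51001, "RA"),
]

def classify_connections(packets):
    """Map each attempted connection (client, cport, server, sport) to a verdict."""
    state = {}
    for src, sport, dst, dport, flags in packets:
        fl = set(flags)
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if fl == {"S"}:                            # bare SYN: a client is probing
            state.setdefault(fwd, "no-reply")
        elif state.get(rev) == "no-reply":         # first answer from the server
            if fl == {"S", "A"}:
                state[rev] = "open-unanswered"
            elif "R" in fl:
                state[rev] = "closed"
        elif state.get(fwd) == "open-unanswered":  # client's reaction to SYN/ACK
            if "R" in fl:
                state[fwd] = "half-open"           # reset instead of final ACK
            elif fl == {"A"}:
                state[fwd] = "full-open"           # three-way handshake completed
    return state

def scan_profile(packets):
    """Count verdicts per client so each host's scanning style stands out."""
    profile = {}
    for (client, *_), verdict in classify_connections(packets).items():
        profile.setdefault(client, Counter())[verdict] += 1
    return profile

if __name__ == "__main__":
    for host, counts in scan_profile(PACKETS).items():
        print(host, dict(counts))
```

A host whose open-port attempts are all half-open and never full-open is a useful signal in a capture, since ordinary clients complete the handshake before sending data.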