Linux Today: Linux News On Internet Time.

More on LinuxToday Scanning and Defending Networks with Nmap

Feb 18, 2000, 07:38 (2 Talkback[s])
(Other stories by Rich Jankowski)

[ Thanks to Rich Jankowski for this link. ]

"Recently the media has been covering many Internet break-ins, their reporters spinning tales of clever bandits who magically gain access to machines with a simple keystroke. In real life, however, it is rarely that simple. Cracking into a computer system requires planning. A cracker has to find a target machine, and then find out what ports the machine is listening on before a system can be compromised."

"This is usually done through scanning, the art of finding machines on a network and testing them to see what ports are listening. Scanning networks and hosts is the first strategy a cracker will use before launching an attack. By using scanners such as Nmap, the "bad guys" are able to sweep networks and look for vulnerable targets. Once these targets are identified, an intruder is able to scan for listening ports. Nmap will also use TCP stack fingerprinting to accurately determine the type of machine being scanned."

"This article will cover the use of Nmap to allow a security administrator to probe his/her site to get a "cracker's view" of his/her network. By employing the same tools used by an intruder, an administrator will see what his/her site looks like to the bad guys, and hopefully will be able to initiate steps to help secure his/her systems."

Complete Story

Related Stories: