What does the network scanning mean? Network scanning refers to do with a computer network to collect all information about computing systems. Network scanning is basically used for security assessment and system maintenance. Hacker also uses network scanning for attacks. Vulnerability scanning is one of the network scanning. Vulnerability scanning works for identifies vulnerabilities of a computer system. It also can detect weak port and launch exploit. Now I want to introduce a port scanning tool about Network Mapped (Nmap). It’ free of charge to use and open source utility. Nmap can run on at many platforms, it runs on all operating system (OS), such as Window, Solaris, IRX, etc.
Now I would list some features and function about Nmap. One of the features is host discovery, it can attempt to determine the accessible host on the network. Even the ruleset of the firewall is written definitely, it also can identify the number of hosts. Nmap can be used to scan large network in a single run with efficiency.
Most of the security tools have advantage and disadvantage. Nmap has a lot of advantage, one of the advantages is that send a well-crafted packet to the destination. Nmap also can scan the network for various vulnerabilities. Nmap able to create visual network on particular machines with Zenmap GUI. Can’t think of any more disadvantages specific to Nmap, but port-scanning has some general flaws. One of the disadvantages is Nmap could make a DOS or network slowdown while is scanning weaker devices. This can be remedied by slowing down the scan speed. Port scans are loud. There are ways to make port scans more stealthy included with Nmap, but they always require generating a whole lot of network traffic, and there is an inverse relationship between stealth and speed.
Now I’d show some usage of Nmap. I’ll use Nmap to ping scan the network, listing machines that respond to ping with this command “nmap –sP Ip range”.
I can open a Nmap front end called Zenmap with this command “nmapfe”. It is a GUI built on top of Nmap. The reason I use Zenmap is that it provides a nice summarized output of Nmap commands and supports all of the features Nmap does.
I also can view all the active host on the network with this command “nmap –v3 Ip range”.
I can scan 2 or more type of scan in a command. Below are OS detection and UDP scanning with this command “nmap –sS –O IP range”.
There’s have other tools for network scanning in the field of network security. One of the tools called Nessus, let’s compare it with the Nmap. NMAP and Nessus can both be considered network security scanners, but there are several difference between them. The first of which are the ways information is presented to the user. Nmap whether you use the GUI or command line the data output is still text-based as where Nessus has more of a graphical approach to presenting the information. At a basic level, Nessus is a vulnerability scanner whereas NMAP is used for mapping a network’s hosts and the hosts’ open ports. Nessus’ primary function is to provide security scanning capabilities to its user. Like Nmap, it can do network discovery, but unlike Nmap, it is designed to scan systems to determine their vulnerabilities. Because of what Nessus can do, it can be applied in security audits, asset profiling, and vulnerability analysis. All these can probably do with Nmap, but it would take a lot of work. Depending on your position and purpose, it may already be clear which tool is for you. However, if your main focus is making sure any vulnerabilities are discovered, without the need to hire a network and security expert, then Nessus may just be the answer. If you are a penetration security engineer and assigned to check out a company’s network, Nmap may just do the job because of its portability and utility.