NMAP : THE NETWORK MAPPER

Nmap is known as Network Mapper . Nmap is graphical utility for security and network auditing . Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

Features of Nmap are:

• Flexible

• Powerful

• Portable

• Portable

• Well Documented 

  Latest Version of the Nmap can be downloaded from here.

Nmap Installation for Linux systems:

wget https://nmap.org/dist/nmap-7.01.tar.bz2 

bzip2 -cd nmap-7.01.tar.bz2 | tar xvf - 

cd nmap-7.01 

./configure 

make su root 

make install 

 NOTE : "NMAP is Installed in Kali Linux by default "

Nmap also provides the information on supported IP protocols rather than listening ports . It provides the information like targets, reverse dns, operating system, device types and the MAC Address. 

Some Commands:

nmap <--target-->   ( target could be the ip address or the host name of the machine)

nmap -A -T4 <--target-->

nmap -F <-- target -->

NOTE: " These options can be studied from the man page of this command "

 

Introduction to Kali Linux

Kali Linux is a Debian-based Linux distribution, It was launched on 13th March 2013, It is a complete rebuild of BackTrack with eliminating various tools which were inefficient or duplicated tools providing the same or similar functionality.

Kali Linux aimed at advanced Penetration Testing and Security Auditing using various tools which are divided into different categories:

• Information Gathering

• Vulnerability Analysis

• Web Applications Analysis

• Database Assessment

• Password Attacks

• Wireless Attacks

• Reverse Engineering

• Exploitations Tools

• Sniffing and Spoofing

• Post Exploitation

• Forensics

• Reporting Tools

Information Gathering: One of the most important thing to do before attacking any target . To able to launch an attack one need to have the basic information before attacking the target . This category has various tools which are made available while installing Kali Linux.

Vulnerability Analysis: Vulnerability analysis is also know as vulnerability assessment, it is a process that defines, identifies and classifies the security holes in a computer, network or any infrastructure.

Web Application Analysis: Web Application analysis refers to identifying vulnerability in applications deployed over the web. It used to secure your application so that your data is not leaked . 

Database Assessment: Database assessment refers to the risk associated with each database asset by looking data sensitivity, combined with a view of what vulnerabilities impact the data. 

Password Attacks: Password attack is basically a password guessing , attackers can guess passwords locally or remotely using different types of attacks like: dictionary attack , password sniffing , password capturing, password crackers. 

Wireless Attacks: Wireless attack is one of the most common security issue when it comes to networks. It is because such attacks can really get a lot of information that is being sent across a network and use it to commit some crimes in other network, Few types are Jamming, Rogue access Point, packet sniffing and replay attacks.

Sniffing and Spoofing: Sniffing and Spoofing are the security threats which targets the lower layer of Networking Infrastructure supporting applications which are running over web. Sniffing is the use of a network interface to receive data not intended for the machine in which the interface resides . Spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls. 

 Kali Linux ISO Image : Download Here

Architecture of Linux

The Architecture of Linux can be divided into three levels of functionality:

The lowest level is the kernel, which schedules tasks , which schedules tasks, manages resources, and controls security .

The next level is the shell, which acts as the user interface, interpreting user commands and starting
applications.

The highest level is utilities, which provides utility functions. In other words is the USER level, as user is the one who operates those utilities.

Linux File System Architecture

Linux uses single rooted, inverted tree like file system hierarchy

What is Operating System ?

Operating system is an interface between user and the computer hardware. The hardware cannot understand human readable language as it works on binaries i.e. 0’s and 1’s. Also it is very tough for humans to understand the binary language, in such case we need an interface which can translate human readable language to hardware language and vice-versa for effective communication.

 

Types of Operation System:

• Single User - Single Tasking Operating System.

• Single User – Multitasking Operating System.

• Multi User   – Multitasking Operating System.
  
  

 

Single User – Single Tasking Operating System:

In this type of operating system only one user can into system and can perform only one task at a
time. (Example: MS-DOS)

 

Single User– Multi Tasking Operating System:

This type of operating system supports only one user to log in the system but a user can perform multiple tasks at a time, like reading an e-book while downloading movies. (Example: Windows98, xp, vista, seven, eight, ten etc.)

 

Multi User – Multi Tasking Operating System:

This type of operating system provides multiple users to log into the system and they can also perform various tasks at a time. In a broader term multiple users can logged in to system and share the resources of the system at the time. (Example UNIX, LINUX etc.)