Difference between pages "User talk:.FUF" and "Nmap"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
m (New anti-spam system)
 
(New page: {{Infobox_Software | name = nmap | maintainer = Gordon Lyon | os = {{Linux}}, {{Windows}}, OS X | genre = Network forensics | license = {{GPL}} | website = [http://nmap.org/ nm...)
 
Line 1: Line 1:
Congrats! You are now a sysop!
+
{{Infobox_Software |
 +
  name = nmap |
 +
  maintainer = Gordon Lyon |
 +
  os = {{Linux}}, {{Windows}}, OS X |
 +
  genre = Network forensics |
 +
  license = {{GPL}} |
 +
  website = [http://nmap.org/ nmap.org] |
 +
}}
  
:: Thx [[User:.FUF|.FUF]]
+
'''Nmap''' (Network Mapper) is a network security scanner.
  
... and a vigilant sysop you are. Thanks again for your help. When do you graduate? [[User:Simsong|Simsong]] 18:44, 15 March 2009 (UTC)
+
== Features ==
  
:: 2012 [[User:.FUF|.FUF]] 19:03, 15 March 2009 (UTC)
+
General features:
  
What should we do about the sudden increase in spammers? [[User:Simsong|Simsong]] 02:31, 1 July 2009 (UTC)
+
* Host discovery
:: We should use our banhammer. And probably this extension (never tested it):
+
* Port scanning (enumerating open/closed/filtered ports on one or more target hosts)
:: http://www.mediawiki.org/wiki/Extension:SpamRegex
+
* Service detection (determining service types and version numbers)
:: Or something to blacklist links to external sites. [[User:.FUF|.FUF]] 16:18, 1 July 2009 (UTC)
+
* [[OS fingerprinting|OS detection]]
:::Well, we are already running SpamBlacklist. And it's working. Try posting a URL to sex.com or something...
+
:::: And how to add URL to the blacklist? [[User:.FUF|.FUF]] 05:11, 2 July 2009 (UTC)
+
::::: It's run on the mediawiki server. We subscribe. You could try to maintain a local one, but  it's too much effort, usually.[[User:Simsong|Simsong]] 03:38, 3 July 2009 (UTC)
+
  
 +
Other features:
  
I added an extension called Nuke and another one called Maintenance.
+
* IP protocol scan
http://www.forensicswiki.org/wiki/Special:Nuke
+
* Uptime detection (using [[TCP timestamps]])
http://www.forensicswiki.org/wiki/Special:Maintenance
+
* Traceroute
Try them. [[User:Simsong|Simsong]] 14:59, 24 December 2009 (UTC)
+
* DNS resolution
 +
* Idle scan (using "zombies")
 +
* FTP bounce scan (using proxy FTP connections)
 +
* etc
  
== New anti-spam system ==
+
== Typical uses ==
  
So what do you think of the confirmed account system as an anti-spam approach? [[User:Simsong|Simsong]] 04:48, 12 January 2010 (UTC)
+
* Identifying open ports on a compromised host
:: Good approach [[User:.FUF|.FUF]] 19:29, 13 January 2010 (UTC)
+
* Auditing the security of a network, by identifying unexpected computers
 +
 
 +
== External Links ==
 +
 
 +
* [http://nmap.org/ nmap.org]
 +
 
 +
[[Category:Network Forensics]]

Latest revision as of 15:41, 13 September 2008

nmap
Maintainer: Gordon Lyon
OS: Linux,Windows, OS X
Genre: Network forensics
License: GPL
Website: nmap.org

Nmap (Network Mapper) is a network security scanner.

Features

General features:

  • Host discovery
  • Port scanning (enumerating open/closed/filtered ports on one or more target hosts)
  • Service detection (determining service types and version numbers)
  • OS detection

Other features:

  • IP protocol scan
  • Uptime detection (using TCP timestamps)
  • Traceroute
  • DNS resolution
  • Idle scan (using "zombies")
  • FTP bounce scan (using proxy FTP connections)
  • etc

Typical uses

  • Identifying open ports on a compromised host
  • Auditing the security of a network, by identifying unexpected computers

External Links