Nmap

From Forensics Wiki
Revision as of 15:41, 13 September 2008 by .FUF (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
nmap
Maintainer: Gordon Lyon
OS: Linux,Windows, OS X
Genre: Network forensics
License: GPL
Website: nmap.org

Nmap (Network Mapper) is a network security scanner.

Features

General features:

  • Host discovery
  • Port scanning (enumerating open/closed/filtered ports on one or more target hosts)
  • Service detection (determining service types and version numbers)
  • OS detection

Other features:

  • IP protocol scan
  • Uptime detection (using TCP timestamps)
  • Traceroute
  • DNS resolution
  • Idle scan (using "zombies")
  • FTP bounce scan (using proxy FTP connections)
  • etc

Typical uses

  • Identifying open ports on a compromised host
  • Auditing the security of a network, by identifying unexpected computers

External Links