Nmap
From Forensics Wiki
| nmap | |
|---|---|
| Maintainer: | Gordon Lyon |
| OS: | Linux,Windows, OS X |
| Genre: | Network forensics |
| License: | GPL |
| Website: | nmap.org |
Nmap (Network Mapper) is a network security scanner.
Features
General features:
- Host discovery
- Port scanning (enumerating open/closed/filtered ports on one or more target hosts)
- Service detection (determining service types and version numbers)
- OS detection
Other features:
- IP protocol scan
- Uptime detection (using TCP timestamps)
- Traceroute
- DNS resolution
- Idle scan (using "zombies")
- FTP bounce scan (using proxy FTP connections)
- etc
Typical uses
- Identifying open ports on a compromised host
- Auditing the security of a network, by identifying unexpected computers
