What does network scanning mean? Network scanning refers to using a computer
network to collect information about computing systems. It is mainly used for
security assessment and system maintenance, but hackers also use it for
attacks. Vulnerability scanning is one kind of network scanning: it identifies
the vulnerabilities of a computer system. It can also detect weak ports and
launch exploits.

Now I want to introduce a port scanning tool, Network Mapper (Nmap). It is a
free and open source utility. Nmap runs on many platforms and on all operating
systems (OS), such as Windows, Solaris,

Now I will list some features and functions of Nmap. One of the features is
host discovery: it attempts to determine which hosts on the network are
accessible. We can identify the number of hosts even if the firewall ruleset is
written explicitly. Nmap can also be used to scan millions of IPs in a single
run with incredible efficiency. We just need to be careful to understand and
adjust the variables that can affect performance, and really think about our
scan objectives beforehand.

of the security tools have advantages and disadvantages. Nmap has a lot of
advantages. One of them is that it sends well-crafted packets to the
destination. Nmap can also scan the network for various vulnerabilities. It was
actually designed to frequently scan large networks, but it still works fine
against single hosts. Nmap can also integrate with the Zenmap GUI to create
visual network maps and store information on particular machines in a network.

I can't think of any more disadvantages specific to Nmap, but port scanning has
some general flaws. One of the disadvantages is that scanning weaker devices
and congested networks with Nmap can sometimes cause an unintentional DoS or
network slowdown. This can be remedied by slowing down the scan speed. Port
scans are loud. There are ways to make port scans more stealthy included with
Nmap, but they always require generating a whole lot of network traffic, and
there is an inverse relationship between stealth and speed.

Now I'll show some usage of Nmap. I'll use Nmap to ping scan the network,
listing the machines that respond to ping, with this command:
“nmap -sP IP range”.

I can open an Nmap front end called Zenmap with this command: “nmapfe”. It is a
GUI built on top of Nmap. The reason I use Zenmap is that it provides a nice
summarized output of Nmap commands and supports all of the features Nmap does.

I can also view all the active hosts on the network with this command:
“nmap -v3 IP range”.

I can combine two or more types of scan in one command. Below is OS detection
and UDP scanning with this command: “nmap -sS -sU -O IP range”. Here -sS is the
TCP SYN scan, -sU adds the UDP scan, and -O enables OS detection.
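
For the security assessment and maintenance use described above, two scans of the same range can be compared to see which ports have newly opened. The script below is an added example, not part of the original text; it assumes the scans were saved in Nmap's grepable format (-oG), and its function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: report ports that are open in a new Nmap scan but were not
# open in an earlier baseline scan. Input is Nmap grepable output (-oG),
# e.g. saved with: nmap -sS -oG baseline.gnmap <IP range>

# Print "host port/proto" for every open port in grepable output on stdin.
open_ports() {
  awk -F'\t' '
    /^Host: / {
      split($1, h, " "); host = h[2]        # field 1 is "Host: <ip> (<name>)"
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue      # skip Status:, Ignored State:, ...
        p = $i; sub(/^Ports: /, "", p)
        n = split(p, entry, ", ")
        for (j = 1; j <= n; j++) {
          split(entry[j], f, "/")           # port/state/proto/owner/service/...
          if (f[2] == "open") print host, f[1] "/" f[3]
        }
      }
    }' | LC_ALL=C sort -u
}

# new_ports BASELINE CURRENT: open ports that appear only in CURRENT.
new_ports() {
  base=$(mktemp); cur=$(mktemp)
  open_ports < "$1" > "$base"
  open_ports < "$2" > "$cur"
  LC_ALL=C comm -13 "$base" "$cur"
  rm -f "$base" "$cur"
}

# Constructed sample data (documentation addresses, not real scan results).
sample_baseline() {
  printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///\n'
  printf 'Host: 192.0.2.11 ()\tPorts: 22/open/tcp//ssh///, 3306/closed/tcp//mysql///\n'
}
sample_current() {
  printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 161/open/udp//snmp///\n'
  printf 'Host: 192.0.2.11 ()\tPorts: 22/open/tcp//ssh///, 3306/open/tcp//mysql///\n'
  printf 'Host: 192.0.2.12 ()\tPorts: 23/open/tcp//telnet///\n'
}

# Demo: compare the two constructed scans and print the newly open ports.
b=$(mktemp); c=$(mktemp)
sample_baseline > "$b"; sample_current > "$c"
new_ports "$b" "$c"
rm -f "$b" "$c"
```

Each output line is a host and port that was not open in the baseline, which gives a short list to check against change records.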

There are other tools for network scanning in the field of network security.
One of them is called Nessus; let's compare it with Nmap. Nmap and Nessus can
both be considered network security scanners, but there are several differences
between them. The first is the way information is presented to the user. With
Nmap, whether you use the GUI or the command line, the data output is still
text based, whereas Nessus has more of a graphical approach to presenting the
information. At a basic level, Nessus is a vulnerability scanner whereas Nmap
is used for mapping a network's hosts and the hosts' open ports. Nessus'
primary function is to provide security scanning capabilities to its user. Like
Nmap, it can do network discovery, but unlike Nmap, it is designed to scan
systems to determine their vulnerabilities. Because of what Nessus can do, it
can be applied in security audits, asset profiling, and vulnerability analysis.
All of these can probably be done with Nmap, but it would take a lot of work.

Depending on your position and purpose, it may already be clear which tool is
for you. However, if your main focus is making sure any vulnerabilities are
discovered, without the need to hire a network and security expert, then Nessus
may just be the answer. If you are a penetration security engineer assigned to
check out a company's network, Nmap may just do the job because of its
portability and utility.