Presented at
AppSec USA 2014,
Sept. 18, 2014, 10:30 a.m.
(45 minutes).
This introductory guide is designed to introduce developers, testers, or anyone interested in learning the basics of network discovery and enumeration using the classic open-source network scanner - nmap.
nmap has been a mainstay for security testers and system administrators for years, generally for enumerating live hosts and discovering open ports and services. The benefits of the scanner extend beyond security professionals and may be useful in other areas, such as the software testing and development fields.
The lab will cover the following topics.
Downloading and Installing
Basic Usage
Discovery
Enumeration
Other Useful Options
OS/Version detection
Avoiding Firewalls/IPS
NSE Scripts
Target Audience
The goal of this lab is to introduce the tool and demonstrate the basics of scanning and highlight some of the newer features to IT professionals with little experience with port scanning or who may not have considered having nmap as a standard tool in their toolkit. This lab will target IT professionals with the following roles:
Software Developers
Software Testers
Security Professionals
System Administrators
Throughout the lab, the instructor will draw upon real-world or "field" experience as a penetration tester to cite examples where nmap was a key tool in discovering flaws in web applications, mis-configured servers, and rouge hosts. These security flaws and weaknesses were leveraged and exploited to gain authorized access. Furthermore, the instructor will explain how simple scanning may have been used to identify these flaws before being reported as high risk findings in an audit report.
Objectives
The objectives of the lab will be:
To demonstrate downloading source code and installing nmap.
To show basic techniques using nmap to perform:
live host discovery,
service enumeration,
OS detection,
service version detection, and
stealth scanning (avoid IPS detection)
To demonstrate some of the Nmap Scripting Engine (NSE) scripts that automate a wide variety of networking tasks.
Demonstrate Zenmap, the GUI interface for nmap. Briefly show examples of scanning using the GUI version of nmap on Windows.
Hands-on Lab Requirements
Ability to connect to a wireless network
Must have a version of nmap (6.x preferred)
Basic experience with Linux or Unix-based platforms and command-line interfaces
General familiarity with basic TCP/IP concepts such as ports, TCP, UDP, and simple network protocols such as Telnet, FTP, DNS, SNMP, etc.
It is assumed the attendees do not have extensive experience with nmap, as this is an introductory lab.
Presenters:
-
Jon Pettyjohn
- Security Engineer - Aerstone
Jon Pettyjohn is a Cybersecurity engineer at Aerstone and member of their security testing and mitigation team. Jon has a great deal of experience in IT security supporting Federal, DoD, and commercial customers. His areas of expertise include network and web application testing, SA&A, and PCI. Accomplishments include perfecting his homemade hot sauce and managing to finish a marathon a year.
Links:
Similar Presentations: