Using Network Scanners - nmap
By: Julius Santos | Published: January 1, 2023 | Edited: June 10, 2023
Prerequisites:
Kali Linux Virtual Machine
Windows Server 2016
- Open terminal on Linux machine Command ‘ip addr show eth0‘
- The grep command shown on the image is optional and just cleans up the return for easy reading
- Take note of the IP addresses listed for eth0
Scanning Network
Now we can begin scanning our network using nmap. The command ‘nmap 10.1.16.0/24‘ initiates nmap. Nmap will complete a scan of all devices connected on the 10.1.16.0/24 network. After our scan we can see a list of open Hosts on the network.
After running nmap, I want to target a specific host located at 10.1.16.2. I enter the command ‘nmap -O 10.1.1 6.2‘. This runs an additional scan and attempts to find the operating system running on 10.1.16.2
We can see that the device at 10.1.16.2 is running a Windows Server 2016. We can also see a list of open ports located on this device. This is good information to discover potential vulnerabilities inside the network.
We now run an additional scan on the 10.1.16.2 host. This time I specify that I want a list of the top popular ports and see their configuration. I enter the command ‘nmap –top-ports 20 10.1.16.2‘