Monday, 2 September 2013

Troubleshooting Tool Testing Time! 9/3/2013 - NMAP Zenmap GUI for Windows.

Hey all,

I got to know about this really cool networking tool for Ping Swaps which can help you several ways, Good as well as bad.  Nmap zenmap is a tool based on Linux's infamous nmap command. Nmap is usually used as network discovery tool  and it gets too intrusive if you use it that way. It can extract very secretive information from the Machines running on Internet Protocol 4.  And now i am going to use this tool for the first time let's see what we get :-

Firstly, let me explain how my network topology is :-





So as you can see i have an internet connectivity using Beetel Modem (Airtel) and from there i have an Ethernet jack connected on my access point which is an Netgear router and then using the broadcasted SSID I am able to connected to the Network. Now I ran the NMAP Zenmap app for Windows on of the laptop and let's see what we got.. :-

Starting Nmap 6.40 ( http://nmap.org ) at 2013-09-03 07:11 India Standard Time

NSE: Loaded 110 scripts for scanning.

NSE: Script Pre-scanning.

Initiating ARP Ping Scan at 07:11

Scanning 10.0.0.1 [1 port]

Completed ARP Ping Scan at 07:11, 0.30s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 07:11

Completed Parallel DNS resolution of 1 host. at 07:11, 5.59s elapsed

Initiating SYN Stealth Scan at 07:11

Scanning 10.0.0.1 [1000 ports]

Discovered open port 80/tcp on 10.0.0.1

Discovered open port 53/tcp on 10.0.0.1

Discovered open port 23/tcp on 10.0.0.1

Completed SYN Stealth Scan at 07:11, 1.34s elapsed (1000 total ports)

Initiating Service scan at 07:11

Scanning 3 services on 10.0.0.1

Completed Service scan at 07:12, 29.39s elapsed (3 services on 1 host)

Initiating OS detection (try #1) against 10.0.0.1

NSE: Script scanning 10.0.0.1.

Initiating NSE at 07:12

Completed NSE at 07:12, 19.10s elapsed

Nmap scan report for 10.0.0.1

Host is up (0.0035s latency).

Not shown: 997 closed ports

PORT   STATE SERVICE    VERSION

23/tcp open  telnet?

53/tcp open  domain     dnsmasq 2.15-OpenDNS-1

| dns-nsid: 

|   id.server: 

|_  bind.version: dnsmasq-2.15-OpenDNS-1

80/tcp open  tcpwrapped

| http-auth: 

| HTTP/1.0 401 Unauthorized


|_  Basic realm=NETGEAR WGR614v9

|_http-title: 401 Unauthorized

MAC Address: 00:24:B2:7E:30:E4 (Netgear)

Device type: specialized

Running: Linux 2.4.X

OS CPE: cpe:/o:linux:linux_kernel:2.4.21

OS details: Linux 2.4.21 (embedded)

Uptime guess: 0.414 days (since Mon Sep 02 21:15:59 2013)

Network Distance: 1 hop

TCP Sequence Prediction: Difficulty=199 (Good luck!)

IP ID Sequence Generation: All zeros



TRACEROUTE

HOP RTT     ADDRESS

1   3.52 ms 10.0.0.1



NSE: Script Post-scanning.

Read data files from: C:\Program Files (x86)\Nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 62.02 seconds

           Raw packets sent: 1032 (46.346KB) | Rcvd: 1012 (41.170KB)

If you read the above script closely you will find that this tool is very powerful. using its network scanner enginer it is able to extract the ARP Ping Scan, check which ports are open - 80 HTTP 443 -HTTPS 23 TELNET 23. It also told you who many hops the ip is away (1 hop) in this way. There you also have the MAC-ADDRESS ready...OS details which can help you finding out what kind of machine is connected to your system. UPtime is also present. All this info is written in plain english and anybody can understand this. 

So mates! This was my first attempt on the NMAP ZENMAP GUI based app for windows, go out there and give your shot to this free app. This tool can be downloaded from its parent website. Download here :- http://nmap.org/download.html


No comments:

Post a Comment