Nmap Network Scanning and Vulnerability Analysis: A Practical Report

Verified

Added on 2025/04/10

AI Summary

Desklib provides past papers and solved assignments for students. This report details Nmap's use for network security vulnerability analysis.

Contents
List of Figures..................................................................................................................................2
Introduction:....................................................................................................................................3
Introduction of the tool:...................................................................................................................4
Features of the tool:.........................................................................................................................4
Techniques used by the tool to exploit the vulnerabilities of the system:.......................................5
Experiments:................................................................................................................................7
Conclusion.....................................................................................................................................16
References:....................................................................................................................................17

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

List of Figures
Figure 1 installation of kali linux.....................................................................................................7
Figure 2 nmap tool path...................................................................................................................8
Figure 3 help option for nmap.........................................................................................................9
Figure 4 man command for nmap..................................................................................................10
Figure 5 ping from kali to windows..............................................................................................11
Figure 6 ping from windows to kali..............................................................................................11
Figure 7 nmap -A command for website.......................................................................................12
Figure 8 nmap -A command for target system..............................................................................13
Figure 9 nmap -sS command for website......................................................................................14
Figure 10 nmap -sV command for website....................................................................................15
Figure 11 nmap -sA command for website....................................................................................15

Introduction:
This assignment aims to perform the research and give a presentation on tools of Kali Linux for a
security vulnerability. The tool which is selected for the assignment is nmap. Nmap is a scanning
tool which is used for vulnerability analysis. This assignment includes an introduction about the
nmap tool, features of the nmap tool, and techniques of the tool to exploit vulnerabilities, a
practice to show the usage of the nmap tool with the help of screenshots. This assignment help to
learn about the nmap features and to monitor the port so that unauthorized access can be
identified and blocked from the network.

Introduction of the tool:
Nmap is a very strong tool which is used to gather information about machines that are
connected to the internet. This is used to investigate the system. This is a basic tool to start
penetration testing. It is used to explore the network and perform security auditing. This also
helpful in monitoring task of the host. This helps to determine the all possible points that are
vulnerable in the system. This is an open source tool which is available in Kali Linux also. It is
able to scan large networks. Zenmap is a GUI version of nmap tool. This is supported in
Windows, Linux, Mac OS X and so on. Following tasks can be performed by using nmap-
(Hacker target, 2009)
 Scanning of an IP address or a single host
 Scan multiple hosts
 Detection of OS and its version
 Determine that firewall is enabled on host or not
 Scan an IPV6 address
 Determine what services are running
 Determine the devices running
 Display open ports
 Display received and sent packets
 Scan a host system using IP and UDP Ping
 Determine the most frequently used TCP ports
 Scanning a host system for UDP services
Features of the tool:
 It is able to determine open ports and running services of the system.
 This has a number of the flag which is able to perform various type of scans.
 It also allows scanning multiple target systems at a time.
 It helps to determine the type of firewalls.
 It offers to scan 1000 most common ports to scan on the target machines.
 It is also able to gather the info ration of the target operating system.
 It gives the information about the open port on the target system.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

 Allow fast scan
 It is able to give the information about the running software and their versions.
 This also allows scanning only selected ports on the target system.
 This also allows scanning the port using its name
 It also has the feature of complete scan to scan each and every port.
 This also allows using all the flags that the same time at once.
 This also provides the feature to store the outcome from Nmap. It also offers to save the
output in a different format.
Techniques used by the tool to exploit the vulnerabilities of the system:
It detects and analyzes the network packets to gather the information. It uses network protocols
to scan the network. The full name of Nmap is network mapper. This is able to do network
scanning. It also able to detect the operating system, services, versions, port scanning and so on.
When nmap command runs it checks the packet send by ARP, ICMP etc. so that it can identify
the deliver packets is not malicious and will not provide any harm to the network. The nmap can
run on both the open source and the windows platform, but in open-source it run by the
command-line interface and on windows, it runs on graphical mode. (McLaughlin Mike, 2011)
Commands Significance
Nmap <target IP> It simply scans the target IP address.
Nmap –v <target IP> It will display detailed information about the
scanned target IP.
Nmap –iL <target IP> It will display the list of IP address which is
scanned by the nmap.
Nmap –A <target IP> It displays the scan IP details with OS
information also.
Nmap –O <target IP> It will display the OS information of the
target IP address.
Nmap –sA <target IP> It will display the target IP has the firewall or
not.
Nmap –PN <target IP> It will display if the target IP has the activated
firewall or not.
Nmap –sP <target IP> It will display the live host which are present
in the target IP network.
Nmap –F <target IP> It will scan the target IP faster.
Nmap –sS <target IP> It will scan the TCP SYN ports.
Nmap –script=http-title <target IP> It will display information on the HTTP
services of the target machine.

Nmap –sV –p <port no> --script=ssl-
heartbleed
It will display the vulnerabilities found while
scanning the target machine.
(Hacker target, 2009)

Experiments:
To use the nmap toll for the vulnerability analysis.
Step 1: Install the Kali Linux machine as the nmap tool is available in this.
Figure 1 installation of Kali Linux
Step 2: After the complete installation goes in the application section in the top left corner. Then
go to vulnerability analysis section, here you can find the nmap tool, click on it.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Figure 2 nmap tool path
Step 3: To get more information about nmap uses, type the command nmap –help. This will
open the complete set of options and their description.

Figure 3 help option for nmap
Similarly, man nmap is also helpful to gather information about nmap use.

Figure 4 man command for nmap
Step 4: Now use any option according to the required information
Here the IP of kali machine is: 192.168.184.164
And the IP of the target machine which is a windows 7 machine is 192.168.184.132
Open terminal in kali and Type ping 192.168.184.132

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Figure 5 ping from kali to windows
Open windows 7 and go to command prompt and type ping 192.168.184.146
If the ping is successful then it shows that both machines are connected with each other.
Figure 6 ping from windows to kali
Step 5: open nmap in kali and type the below commands:
nmap -A google.com this will run all the command of nmap in just one command and give the
following outcome.

Figure 7 nmap -A command for website
The outcomes are:
The IP address of Google is 172.217.163.206
The host is up and it also gave the IPV6 address of google
DNS records
Number of filtered ports are 998
Two ports are open. This information also includes a port number, protocol type, state of port,
service, and version.