------------------------------
NMAP Exercises
------------------------------

The goal of this exercise is to make you familiar with the different
options of the nmap command. In particular, you should know about the
different SCAN types, how to specify which ports to scan, and how to
specify which targets to scan.

------------------------------

1. Install nmap

   % sudo -s
   # cd /usr/ports/security/nmap
   # make install clean

---
*OPTION*
You can install zenmap on your Windows machine now or later if you also
want to see what the GUI interface looks like. But you should do the
command line
---
*REMINDER*
You can see all the options at any time by typing:

   nmap --help

The general syntax of the command is:

   Usage: nmap [Scan Type(s)] [Options] {target specification}
---

2. Scan your workstation with default options:

   % nmap pcXX

   What does the output show???

3. What is the option for a TCP CONNECT Scan:

   Default is a -sS SYN scan...

   To see the manual page for NMAP, and jump to the option, type:

   % man nmap
   /TCP connect

4. Scan your own workstation for port 80:

   How did you specify the port to scan for ???

5. Scan your own workstation for port 80, add the "-A" option:

   What does the -A option do?

6. Scan the entire workstation subnet for port 80:

   The workstations subnet is: 196.200.219.0/24

7. Scan the "pc34" workstation:

   Do you see any interesting ports?

   Scan those ports using the "-A" option.

   What type of applications are running on those ports???

---