Network Scanning Nmap Assignment Analysis Report
Question :
Provide an analysis report of five different device scans. Devices can be anything outside the lab. Some requirements:
Each device must use a different OS (Windows 10, 7, Mac OS, iOS, Android, Linux, etc.).
Try different options in your scans like using udp packets and full ports (-p-).
Answer :
Nmap is open-source software, also available for Windows, for monitoring, analyzing, reporting on and scanning communication devices over the Internet or an intranet ("Chapter 16. Ndiff Reference Guide | Nmap Network Scanning").
In the screenshot below, we scanned 5 different devices, including IoT and non-IoT devices, with the following command:
nmap -p- <IP Address pool range>
NSE, the Nmap Scripting Engine, is the most powerful tool in Nmap. With it we can easily run a detailed scan of a particular device, produce a report for it, and understand that device's vulnerabilities. It has many useful features and is flexible, and it also lets users write their own scripts in the Lua programming language ("Securitytrails | Top 15 Nmap Commands To Scan Remote Hosts").
Below is the screenshot showing NSE scanning with the following command:
nmap -T4 -A -v <IP Address>
Below is the scan of a Windows 10 machine.
The above screenshot shows the scripts being loaded and the scan of services and ports being initiated.
The above screenshot shows the results of the NSE scripts and the completed scan.
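To turn scans like the ones above into the per-device analysis the assignment asks for, the results can be saved as XML with Nmap's -oX option and summarized. The following is an added example, not part of the original report; the XML is a constructed sample using documentation addresses, and the name summarize is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output (-oX), trimmed to the elements used below.
SAMPLE_XML = """<nmaprun>
<host><status state="up"/>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <address addr="00:00:5E:00:53:01" addrtype="mac"/>
  <ports>
    <port protocol="tcp" portid="135"><state state="open"/><service name="msrpc"/></port>
    <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
    <port protocol="tcp" portid="3389"><state state="filtered"/><service name="ms-wbt-server"/></port>
  </ports>
  <os><osmatch name="Microsoft Windows 10" accuracy="96"/></os>
</host>
<host><status state="up"/>
  <address addr="192.0.2.20" addrtype="ipv4"/>
  <ports>
    <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    <port protocol="udp" portid="5353"><state state="open|filtered"/><service name="zeroconf"/></port>
  </ports>
</host>
</nmaprun>"""

def summarize(xml_text):
    """Return one dict per host that is up: address, MAC, best OS guess, open ports."""
    report = []
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status").get("state") != "up":
            continue
        addrs = {a.get("addrtype"): a.get("addr") for a in host.iter("address")}
        # Nmap lists OS matches best-first; a host scanned without -O/-A has none.
        match = host.find("os/osmatch")
        ports = []
        for p in host.iter("port"):
            # Keep only definite "open"; UDP scans often report "open|filtered".
            if p.find("state").get("state") == "open":
                svc = p.find("service")
                name = svc.get("name") if svc is not None else "unknown"
                ports.append(f'{p.get("portid")}/{p.get("protocol")} {name}')
        report.append({
            "ip": addrs.get("ipv4") or addrs.get("ipv6"), "mac": addrs.get("mac"),
            "os": match.get("name") if match is not None else "unknown",
            "open": ports,
        })
    return report

if __name__ == "__main__":
    for row in summarize(SAMPLE_XML):
        print(row["ip"], row["mac"] or "-", row["os"], ", ".join(row["open"]))
```

The MAC address is only present when the scanned device is on the same network segment as the scanner, which is why the second sample host has none.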
Security Issues
Introduction
These issues concern the security of devices and of working with devices over Internet communication.
The screenshot below shows a vulnerability scan run with the following command:
nmap -Pn --script vuln <IP Address>
It shows URIs suspected to be vulnerable to HTTP web tampering.
In the above screenshot, the area marked in yellow is the MAC address of the device.
Using Nping to conduct a scan, with the results shared below
Introduction and Command:
Nping: This is the tool or command that helps in checking communication between devices over the network. The screenshot below shows how packets travel from source to destination and back.
nping <IP Address or Website>
The above screenshot shows this command sending a request from the source IP to the destination IP and receiving a reply from the destination IP to the source IP.
Conclusion
This guide will help you scan for vulnerabilities on related devices and helps us understand and operate the Nmap tool to analyze several vulnerability reports and network scans.
It will also help you understand working strategies for the command-line interface (CLI), learn scanning commands, and perform better scans of devices and networks.
It is a good guide for self-paced learning and for understanding the concepts behind scanning networks and vulnerabilities.
In the above assessment we did 9 total scans – 5 scans using base nmap, 2 scans using different options, 1 scan using NSA/NSE, and 1 scan using NCAT, NPING, or NDIFF.
References
"Chapter 16. Ndiff Reference Guide | Nmap Network Scanning". Nmap.Org, 2020, https://nmap.org/book/ndiff-man.html.
"UDP Scan (-sU) | Nmap Network Scanning". Nmap.Org, 2020, https://nmap.org/book/scan-methods-udp-scan.html#:~:text=Fortunately%2C%20Nmap%20can%20help%20inventory,packet%20to%20every%20targeted%20port.
"Securitytrails | Top 15 Nmap Commands To Scan Remote Hosts". Securitytrails.Com, 2020, https://securitytrails.com/blog/top-15-nmap-commands-to-scan-remote-hosts.