Welcome to the Aanval Wiki. Snort, Suricata and Syslog Intrusion Detection, Situational Awareness and Risk Management.

Visit http://www.aanval.com/ for more information.

Nmap

From Aanval Wiki
Jump to: navigation, search

Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

Nmap is the utility that powers Aanval's Network Host Scanning, Rogue Host Detection, and Offensive Reconnaissance engines and must be configured to the Aanval console.

Getting Started

  1. Download Nmap. The most recent version of Nmap can be obtained from the following site: [1]
  2. The following commands should install and configure Nmap for the basic Linux and Unix environment:
  3. bzip2 -cd nmap-6.01.tar.bz2 | tar xvf -
    cd nmap-6.01
    ./configure
    make
    su root
    make install
    

    (For detailed instructions for an OS X environment, please visit the Aanval Installation Guide for OS X.)

  4. Navigate the Aanval console to Console Configuration > Console > Preferences > Network Scanning, and enter the location obtained from the previous command into the Nmap Binary Path box.
    The following is the default path for many machines:
  5. /usr/local/bin/nmap
    
  6. You'll know Nmap is both properly installed and configured by selecting Offensive Reconnaissance from the top-left icons on the console, the lightning bolt, and on the right of the screen its correct path is written in white text; otherwise, the current or default path will be displayed in red text, signifying the lack of the Nmap package or an incorrect path.
  • Additional note: Aanval was designed and tested to work with Nmap version 6, the most recent build. Aanval may work with older versions of Nmap, but they have not been tested, and successful functionality is not guaranteed.

External Links