Slashdot Mirror


Nmap From an Ethical Hacker's Point of View

ddonzal notes a new tutorial that introduces Nmap from the viewpoint of an ethical hacker. (Part 1 of 2 parts is up now.) The author is Kirby Tucker, who writes: "After completing this 2 Part Series and having practiced the techniques described, one should not only be able to sit at a 'roundtable' with advanced security professionals and 'hold their own' in a discussion concerning Nmap, but also utilize this great tool in protecting their own network."

3 of 115 comments

  1. Re:More 'rich informing' alternative? by Anonymous Coward · Score: 4, Informative

    Try netstat -anpe | grep 9090 as root?

  2. Re:More 'rich informing' alternative? by Ant+P. · Score: 4, Informative

    >>Is there a more rich informed alternative that would say something like '9090/tcp open zeus-admin/transmission/appX/appY'?

    Yes:

    # netstat --numeric-hosts --listening --tcp --programs
    Active Internet connections (only servers)
    Proto Local Address       Foreign Address         State       PID/Program name
    tcp   0.0.0.0:svn         0.0.0.0:*               LISTEN      1678/xinetd
    tcp   0.0.0.0:netbios-ssn 0.0.0.0:*               LISTEN      1703/smbd
    tcp   0.0.0.0:sunrpc      0.0.0.0:*               LISTEN      1531/portmap
    tcp   0.0.0.0:http        0.0.0.0:*               LISTEN      2580/lighttpd
    etc.

  3. Re:More 'rich informing' alternative? by ReverendRyan · Score: 4, Informative

    How would nmap know which app is really listening on a port? All it has are the ARIN-assigned port numbers from /etc/services. What you were looking for was

    # netstat -tcp -l
    which will list all TCP ports that are in state "LISTEN" along with the PID of the program that opened the port.
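
The distinction the comments above draw, as an added example that is not part of any comment: a port-number table can only guess a service name, while `netstat -p` output names the process that actually owns the socket. The netstat output and the port table are constructed samples, and the function names are hypothetical.

```python
# Table lookup by port number vs. the process that owns the socket.
# SAMPLE is constructed `netstat -tlnp` output ("-" = owner hidden, not root).
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:9090            0.0.0.0:*               LISTEN      2211/transmission-da
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      2580/lighttpd
tcp        0      0 127.0.0.1:3690          0.0.0.0:*               LISTEN      1678/xinetd
tcp6       0      0 :::22                   :::*                    LISTEN      901/sshd
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      -
"""

# Constructed excerpt in the spirit of /etc/services (port number -> name).
PORT_NAMES = {22: "ssh", 80: "http", 3690: "svn", 9090: "zeus-admin"}

def parse_listeners(text):
    """Return one dict per LISTEN row: proto, addr, port, pid, program."""
    rows = []
    for line in text.splitlines():
        fields = line.split(None, 6)  # keep spaces inside the program column
        if len(fields) < 7 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue  # banner, column header, or non-listening socket
        addr, _, port = fields[3].rpartition(":")  # rpartition copes with IPv6 "::"
        pid, sep, program = fields[6].strip().partition("/")
        if not sep:  # "-" means netstat could not see the owner (run it as root)
            pid, program = None, None
        rows.append({"proto": fields[0], "addr": addr, "port": int(port),
                     "pid": int(pid) if pid else None, "program": program})
    return rows

def report(rows, names=PORT_NAMES):
    """Pair the table's guess with the real owner; flag wildcard binds."""
    out = []
    for r in rows:
        guess = names.get(r["port"], "unknown")
        exposed = r["addr"] in ("0.0.0.0", "::")  # listening on every interface
        out.append((r["port"], guess, r["program"] or "owner hidden", exposed))
    return out

if __name__ == "__main__":
    for port, guess, owner, exposed in report(parse_listeners(SAMPLE)):
        scope = "all interfaces" if exposed else "local only"
        print(f"{port:>5}/tcp  table says {guess:<11} actually {owner:<16} ({scope})")
```

Rows where the table name and the owning program disagree, or where the owner is hidden, are the ones worth checking by hand on your own host.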