Network Mapping Using Nmap

Network mapping is the process of discovering the devices on a network and how they are connected. It is an important skill for a network engineer as well as for a penetration tester or a hacker. The most preferred way of mapping a network is to use Nmap.

What is Nmap?

“Nmap is a security scanner, originally written by Gordon Lyon, used to discover hosts and services on a computer network, thus building a “map” of the network.” (Ref: Wikipedia)

Installing Nmap

  • On Linux: Kali Linux comes with Nmap preinstalled, so you can use it right after installing Kali Linux
  • On Windows: Nmap can be installed in either of the following ways.
    • Download and install using the Nmap installer from here
    • Get Pentest Box, which has Nmap included. Here is the download link
  • On macOS: Download the installer from here. More detailed installation instructions can be found here

Using Nmap

  • To scan a particular ip or hostname:

    nmap <ip or hostname>

  • Scanning a specific port
    nmap -p 22 192.168.1.1

    The above command scans port 22 on the IP 192.168.1.1

  • For a range of ports
    nmap 192.168.1.1 -p1-1000

    The above command scans ports 1 to 1000 on the IP 192.168.1.1

  • To check which service (and version) is running on a port
    nmap -sV 192.168.1.1
  • Scanning an entire IP range
    nmap 192.168.1.1-20
  • To scan all 65535 ports
    nmap -p- 192.168.1.1
  • OS detection
    nmap -O 192.168.1.1
  • To scan an IP using TCP connect
    nmap -sT 192.168.1.1
  • To scan using TCP SYN
    nmap -sS 192.168.1.1
  • For UDP scan
    nmap -sU 192.168.1.1

Nmap comes with many features for various types of scan, which can be chosen depending on the requirement and on how the target server is set up. To list all the options and flags supported by Nmap, use the help command:

nmap -h
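
When you scan your own range regularly, the useful question is what is open that should not be. The following added example (not part of the original post) parses Nmap's grepable output, as produced by nmap -sV -p1-1000 -oG - 192.168.1.1-20, and reports open ports that are missing from an approved baseline. The sample scan output, the baseline entries and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag open ports that are missing from an approved baseline.

# Constructed sample in Nmap's grepable (-oG) format; fields are tab-separated.
sample_scan() {
    printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, 80/open/tcp//http//nginx/, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
    printf 'Host: 192.168.1.5 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.4/, 23/open/tcp//telnet//BusyBox telnetd/\tIgnored State: closed (998)\n'
}

# Read -oG text on stdin; print "host port/proto service version" per open port.
open_ports() {
    awk -F'\t' '
    /^Host: / {
        split($1, h, " "); host = h[2]
        for (i = 2; i <= NF; i++) {
            if ($i !~ /^Ports: /) continue
            ports = $i
            sub(/^Ports: /, "", ports)
            n = split(ports, entry, ", ")
            for (j = 1; j <= n; j++) {
                # entry layout: port/state/protocol/owner/service/rpcinfo/version/
                split(entry[j], f, "/")
                if (f[2] == "open")
                    printf "%s %s/%s %s %s\n", host, f[1], f[3], f[5], f[7]
            }
        }
    }'
}

# $1 = baseline file with one "host port/proto" per line; stdin = -oG text.
# Prints every open port that the baseline does not list.
unexpected_ports() {
    open_ports | awk -v base="$1" '
        BEGIN { while ((getline line < base) > 0) allowed[line] = 1 }
        { key = $1 " " $2; if (!(key in allowed)) print }'
}

# Demo: constructed baseline that approves SSH everywhere and HTTP on .1 only.
baseline=$(mktemp)
printf '%s\n' '192.168.1.1 22/tcp' '192.168.1.1 80/tcp' '192.168.1.5 22/tcp' > "$baseline"
sample_scan | unexpected_ports "$baseline"
rm -f "$baseline"
```

On real data, replace sample_scan with the nmap command above and keep the baseline file under version control so that changes to it are reviewed.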

Just a week into 2018, four cyber attacks already

We are only a week into 2018, and there have already been four major cyber security breaches.

From Aadhaar details getting compromised to fake apps stealing banking data, 2018 has already presented us with four large-scale cyber attacks which potentially affect millions, even billions, of people.

Here’s a quick read of the four attacks.

Aadhaar data access

Just Rs. 500 for unrestricted access to Aadhaar details

The authorities have been claiming that all Aadhaar data is safe and secure, despite all the controversies that were going on. Yet all it took was a payment of 500 rupees through Paytm, and within 10 minutes you would get all the details. The Tribune was the first to report this, through its own investigation. One of its journalists anonymously contacted the person who was selling the data illegally and brought it to light.

After Rs. 500 was transferred to them via Paytm, they created an ID for the client, which allowed unrestricted access to the Aadhaar portal.

But that’s not all. For another Rs. 300, the racketeers also let the client print Aadhaar cards. They installed software on the client’s computer while accessing it remotely. Once the job was done, they made sure to delete the software drivers completely from the system.

Android.banker.A2f8a

Android trojan steals banking login data

Quick Heal Labs recently reported an Android malware that could steal the banking details of 232 banking apps, including SBI, Axis Bank, ICICI and HDFC, as well as a few crypto-currency apps.

Known as Android.banker.A2f8a, the malware is being distributed via a fake Flash Player app on third party stores.

It has the potential to steal personal data, intercept SMS messages that contain OTPs, steal contacts and trick users into giving up login details.

It uses Android’s screen overlay mechanism and also shows fake notifications from banking apps to try to capture login data.

Meltdown and Spectre

Researchers find security flaws in modern chips

Researchers with Google’s Project Zero, along with academic and industry researchers, discovered two security flaws in modern microchips which put almost all phones and computers at risk.

Meltdown affects Intel chips and has the potential to let hackers read the kernel memory and steal passwords.

This led to a rise in competitors’ market share, but it did not last long.

Spectre, a second major chip vulnerability, affects Intel, AMD, and ARM chips and lets hackers steal information from apps.

Now all chip manufacturers will have a tough time this year!

Uber app

Fake Uber app steals user’s Uber ID and password

Although Uber did not suffer much, researchers at Symantec discovered a fake Uber app for Android smartphones.

The app shows users a mock-up version of Uber’s service which attempts to steal information by asking for users’ Uber IDs and passwords.

Later, the fake app tried to cover its tracks – it started showing screens of the legitimate Uber app with a user’s location.

macOS High Sierra “root” vulnerability

On November 28th, Lemi Orhan, an Agile Software Craftsman, tweeted about a bug in macOS High Sierra which allows anyone to gain root access to the computer by using the username “root” with a blank password. The bug was later confirmed by Apple.

Testing this bug on your Computer

Testing this bug on your own machine has a negative impact: it creates a persistent root user account on your computer. This affects some remotely accessible services such as Remote Desktop. Once the account has been enabled on your system, it poses a security risk to your computer.

Some users on Twitter even claimed the vulnerability can be exploited remotely if VNC or Apple Remote Desktop is enabled.

One way to protect yourself against this bug is not to try it on your computer. If you have already done so, change the root password and disable any remote services you are using through System Preferences > Sharing.

You can follow the instructions provided by Apple Support to protect yourself.