Description: How would you like to scan millions of hosts on the Internet and catalog all the interesting insights? This is exactly what Fyodor, the author of Nmap (Network Mapper), did last summer. Thankfully, he then went on to share his findings with the community at Defcon 16 in his talk titled "Nmap: Scanning the Internet". Interestingly, as Fyodor notes in his talk, scanning such a large set of IP addresses helped him uncover many bugs in Nmap and also forced him to make enhancements and add new features to make the scanner really fast.
In this talk Fyodor demos many of the new features he has added to Nmap lately, including but not limited to: optimizing the host discovery process using TCP and UDP techniques, finding the most used TCP and UDP ports on the Internet and inside the intranets of large corporations, packet rate control with a minimum and maximum setting, the packet trace option, Ncat, which is a netcat clone, and Ndiff, which allows one to diff between different scan dumps. However, the best of the lot was the Nmap Scripting Engine, which allows developers to write their own scripts that Nmap executes upon various events. This feature is really very interesting because it now allows users to add their own custom functionality on top of Nmap. As an example, let's say every time Nmap finds the Telnet port open, one could write a script which tries to brute force the password then and there itself. I will try and cover the Nmap Scripting Engine in a video tutorial very soon.
The slides for the presentation are available here and a high resolution video can be downloaded here.