Nmap is a free yet very powerful port scanning utility that has been around for the past 25 years. It is one of the first tools a “hacker”, penetration tester or network admin uses on a network for discovery purposes. Nmap is like a security guard walking around your house checking every door, every lock, the mail slot, every window, the skylights and every other opening to determine what could be exploited to gain entry into the home. Nmap does the same for a computer system by testing every TCP and UDP port for a response from the host. When it gets a response, it probes further (TCP/IP stack fingerprinting) to try to determine which operating system is running and whether any hardware characteristics are available for further identification. When Nmap has finished its probing, it provides a very detailed report of all findings.
Where to use Nmap
Nmap is one of the easiest penetration testing tools to run against your servers: it shows you which ports are open, helping you assess the security of your organization’s infrastructure. For example, if you run Nmap against your file server and it reports that ports 80 and 443 are open and responding (which are not required on a file server), as a network admin you would want to disable that service on the server to reduce its attack surface.
When Nmap comes back with the complete list of open ports for the server, you can determine what is really required for that server’s specific function and disable everything else.
Nmap is also a very valuable tool to run against your public IP addresses to determine which ports are open and being forwarded by your firewall. The Nmap scan report should be validated against the services you intentionally have open; every other port should be closed on the firewall.
What is Zenmap?
Nmap by itself is a command line utility, so you have to remember all of the arguments to customize the type of scan you want it to perform. Zenmap is a very user-friendly GUI front end to Nmap that lets you build the scan using intuitive drop-down menus.
Conclusion
Nmap is an extremely powerful network scanning tool for any network admin wanting a detailed report of all the hosts and services on the network. Running an Nmap scan is a great way to begin assessing the security of your organization’s infrastructure. The Zenmap front end makes the tool very easy to use, with a minimal learning curve.