Fotoflash, Fotolia.com

Fotoflash, Fotolia.com

Finding cracks with Nmap, Portbunny, and Nessus

Inspector

Article from ADMIN 00/2010
By
You need to lock doors to keep criminals out. Intelligent tools such as port and security scanners reveal potential vulnerabilities and help you keep the computers on your network safe from attackers.

If you want to keep one step ahead of the attackers, it is a good idea to identify and remove potential vulnerabilities and security holes on your network. The popular Nmap port scanner scans your system to reveal possible open ports that might be vulnerable to attack. Many system administrators use Nmap to reveal possible gaps in the security system before they are discovered by intruders. However, the details of how a tool like Nmap works are less well known. This article takes a close look at Nmap and also introduces an alternative to Nmap known as Portbunny. You'll also learn how to look for security problems with Nessus. Any discussion of security scanning and packet filtering requires some basic knowledge of network ports and Transport Layer protocols [1] [2]. For additional background on these topics, see the box titled "Ports."

Ports

TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) reside in the fourth layer in the OSI model: the Transport Layer. Both TCP and UDP assign a packet to one of 2^16 available ports. TCP and UDP ports allow the operating system to map a packet to a specific service.

The 65,535 available ports are divided into three groups: ports numbered 0 through 1023 are referred to as the "well-known" ports and are assigned by the Internet Assigned Numbers Authority (IANA [2]). Most of the popular programs we use today work in this area. On Unix and Linux systems, a program that wants to open a well-known port has to run with root privileges; this explains why ports 0 through 1023 are often referred to as privileged ports .

Ports 1024 through 49,150 are referred to as registered ports. As a manufacturer, you can register a port with IANA

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Most Popular

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”> </a> <hr> </div> </div> <div class=