Hack Proofing Linux: A Guide to Open Source Security
Excellent detailed introduction to key Linux security tools and
techniques, for non-system administrators.
TABLE OF CONTENTS Hack Proofing Linux: A Guide to Open Source Security
Using Nmap
Nmap is an advanced port scanner. It is also capable of identifying the version of an operating system. You can download Nmap, shown in Figure 3.13, at www.insecure.org. Perhaps the best thing about Nmap is that its developer, Fyodor, is extremely talented, active, and a good collaborator. He and his colleagues update Nmap often, and the updates usually bring desirable new features and improvements.
Figure 3.13: Nmap
You may be wondering whether Nmap is actually a hacker tool meant to help compromise the security of a network. Nmap was first introduced as a hacking tool, but has been quickly adopted by IT professionals. It provides excellent information concerning hosts on your network. It also allows your IT professionals to:
- Audit your network Using this application, your employees can quickly scan a network for hosts that have unsecured ports.
- Test firewall configurations Nmap will help to ensure that the firewall blocks as many packets as it can, without compromising your ability to communicate with the outside world.
- Identify the nature of suspicious remote systems Although scanning a host that has scanned you may be considered bad etiquette, doing so can help your employees quickly size up a threat.
- Test your router and switch configuration TCP/IP has built-in testing features that allow one echo request to cause an entire network of hosts to respond to a host. While this feature may be useful in...
Copyright Syngress Publishing, Inc. 2001 under license agreement with Books24x7
