Lesson 13

Date: 6/28/2017
Linux Network Security
Linux System Administration

Port scanning

  • After unnecessary ports are closed and firewall implemented, the system should be scanned from a remote host with NMAP. To scan the TCP ports, for example on
    nmap -sT -O 

    The output may look like the following:
    Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2005-04-05 20:56 EDT
    Interesting ports on node18.linux.class (
    (The 1653 ports scanned but not shown below are in state: closed)
    22/tcp    open  ssh
    111/tcp   open  rpcbind
    139/tcp   open  netbios-ssn
    445/tcp   open  microsoft-ds
    513/tcp   open  login
    514/tcp   open  shell
    919/tcp   open  unknown
    953/tcp   open  rndc
    2049/tcp  open  nfs
    32772/tcp open  sometimes-rpc7
    MAC Address: 00:10:5A:0A:B3:E8 (3com)
    Device type: general purpose
    Running: Linux 2.4.X|2.5.X|2.6.X
    OS details: Linux 2.4.18 - 2.6.7
    Uptime 8.143 days (since Mon Mar 28 16:30:58 2005)

    To scan the UDP ports, for example on
    nmap -sU -v

  • Nessus is an extension of NMAP; it provides vulnerability details and security advises.

    Scan the TCP ports on smbhost from your desktop:
    nmap -sT -O

    Scan the UDP ports on smbhost from your desktop:
    nmap -sU -v

  • Take me to the Course Website