Re: Nmap and nessus commands



Hi Sohail,

I hope that You have not been flooded with answers already :).

To scan a network or a host w. nmap I recommend

nmap -sS -P0 -sV -O <target>

Where target may be a single IP, a hostname or a subnet, which I understand is what You want.

So for the classical private IP range You may use
nmap -sS -P0 -sV -O 192.168.1.*

Please notice that a quite large subnet with firewalled machines needs some time w. my recommended command.

I also recommend You the website of nessus: www.insecure.org - propably the best to get You fed up with tons of security related infos.

Good luck,

Martin

Sohail Sarwar wrote:
Hi there,

Can some help me out. I have been given the job to scan my network, and I wanted to verify the commands as I want to use nmap for port scanningn creat aa nmap.out file and use that in nessus.

I have a web tier, app tier, db tier, dmz... Etc that need to be scanned. Can so$meone help withj the commands, and procedures.

Much appreciated!

Sohail

Sohail Sarwar
Senior Network Engineer
20 CareMatrix Drive
Dedham, MA 02026
(781) 354-2002 Mobile
(781) 752-1403 Office
Ssarwar@xxxxxxxxxxx
www.ecredit.com
MCP, MCSA, MCSE, CCSA, CCSE, CCNA, CCDA, CCDP, CCNP


---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------



Relevant Pages

  • RE: Nmap output
    ... Try using Nlog. ... NLog is a set of PERL scripts for managing and analyzing your nmap 2.0+ ... web based service gateway to an internal network. ...
    (Pen-Test)
  • Re: Scanning Class A network
    ... About point 2, i recommend you Nmap... ... >network to identify hosts and ports exposed to the Internet. ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
    (Pen-Test)
  • Re: Advice on Fastest NMAP Scan
    ... Good to see you on here Fyodor. ... make sure that you are using Nmap 3.75. ... or just a local network? ... > shouldn't be any problem at all for regular scanning. ...
    (Security-Basics)
  • Re: Scanning hosts behind a NAT
    ... I'm a student and I'm trying to learn how nmap does its job. ... Today, for example, I tried to scan my home network )... ... Try Webroot's Spy Sweeper Enterprisefor 30 days for FREE with no ... FREE 30-Day Trial of Spy Sweeper Enterprise ...
    (Security-Basics)
  • RE: generating a network map
    ... You could use Etherape with a network discovery tool like Nmap. ... but the topology won't be correct I don't think. ...
    (Pen-Test)