[Dshield] NMAP/Ethereal primer
mark.rowlands at mypost.se
Tue Sep 23 21:03:45 GMT 2003
> With all of this said, I'm trying to gain a better
> understanding about the deeper layers of my network and have
> installed NMAP and Ethereal (WIndows versions). Now I want
> to better understand how to use these tools most effectively.
I am not sure nmap is that helpful in those terms, its more of a tool
to use when you know what you want to do.
> Can anybody point me to some good, laymen's terms documents?
> I've looked at HELP in both cases, but I want to hear from
> the perspective of the experts out there and particularly
> would like to hear about the features I should focus on that
> will help me best understand...
In terms of primers.....
1) goal orientated.... What is it you need/want to know? Try the sans
reading room http://www.sans.org/rr/
2) Knowledge orientated.... Want to know about fundamental networking
Begin with Tanenbaum's Computer Networks (isbn 0-13-394248-1)
An interesting exercise is to install a small test network
(on a hub not a switch)
Client - monitor (ethereal and snort) - target
Where target was various boxes (win2k xp redhat freebsd)
Then start running some scans/exploits nessus, nmap, nikto,
http://neworder.box.sk/ usually has some pointers ;-) to abuse the
and use snort / ethereal to examine the results.
More information about the list