[Dshield] NMAP/Ethereal primer

mark rowlands mark.rowlands at mypost.se
Tue Sep 23 21:03:45 GMT 2003

> With all of this said, I'm trying to gain a better 
> understanding about the deeper layers of my network and have 
> installed NMAP and Ethereal (WIndows versions).  Now I want 
> to better understand how to use these tools most effectively. 

I am not sure nmap is that helpful in those terms, its more of a tool
to use when you know what you want to do.

>  Can anybody point me to some good, laymen's terms documents?
> I've looked at HELP in both cases, but I want to hear from 
> the perspective of the experts out there and particularly 
> would like to hear about the features I should focus on that 
> will help me best understand...

In terms of primers.....

1) goal orientated....  What is it you need/want to know? Try the sans
reading room http://www.sans.org/rr/

2) Knowledge orientated.... Want to know about fundamental networking
Begin with Tanenbaum's Computer Networks (isbn 0-13-394248-1) 

An interesting exercise is to install a small test network
(on  a hub not a switch)

Client - monitor (ethereal and snort) - target 

Where target was various boxes (win2k xp redhat freebsd)

Then start running some scans/exploits nessus, nmap, nikto, 
http://neworder.box.sk/ usually  has some pointers ;-) to abuse the
and use snort / ethereal to examine the results. 

> Thanks

You're welcome

More information about the list mailing list