[Dshield] NMAP/Ethereal primer
MarglesSingleton at firsthealth.com
Wed Sep 24 13:39:29 GMT 2003
FWIW I found Ethereal to be a fantastic means of increasing my
understanding about "...the deeper layers...." - nmap was nice for
guiding me on what I needed to investigate, but it didn't open my eyes
in the same way as Ethereal. ....then it was a matter of not being
afraid to ask questions about what I saw and didn't understand.
>>> mark.rowlands at mypost.se 09/23/03 04:03PM >>>
> With all of this said, I'm trying to gain a better
> understanding about the deeper layers of my network and have
> installed NMAP and Ethereal (WIndows versions). Now I want
> to better understand how to use these tools most effectively.
I am not sure nmap is that helpful in those terms, its more of a tool
to use when you know what you want to do.
> Can anybody point me to some good, laymen's terms documents?
> I've looked at HELP in both cases, but I want to hear from
> the perspective of the experts out there and particularly
> would like to hear about the features I should focus on that
> will help me best understand...
In terms of primers.....
1) goal orientated.... What is it you need/want to know? Try the sans
reading room http://www.sans.org/rr/
2) Knowledge orientated.... Want to know about fundamental networking
Begin with Tanenbaum's Computer Networks (isbn 0-13-394248-1)
An interesting exercise is to install a small test network
(on a hub not a switch)
Client - monitor (ethereal and snort) - target
Where target was various boxes (win2k xp redhat freebsd)
Then start running some scans/exploits nessus, nmap, nikto,
http://neworder.box.sk/ usually has some pointers ;-) to abuse the
and use snort / ethereal to examine the results.
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
More information about the list