[Dshield] NMAP/Ethereal primer
mtombaugh at alliedcc.com
Wed Sep 24 13:40:10 GMT 2003
On Tuesday 23 September 2003 09:16 am, Louis Hablas wrote:
> With all of this said, I'm trying to gain a better understanding about the
> deeper layers of my network and have installed NMAP and Ethereal (WIndows
> versions). Now I want to better understand how to use these tools most
> effectively. Can anybody point me to some good, laymen's terms documents?
> I've looked at HELP in both cases, but I want to hear from the perspective
> of the experts out there and particularly would like to hear about the
> features I should focus on that will help me best understand...
Sounds like a TCP/IP port usage primer might be in order:
NMAP can be used to quickly identify some types of problem hosts on your
network. To search for suspected nachi zombies on your lan for example:
"nmap -sS -p 707 192.168.1.0/24" [scans 192.168.1.0/24 for hosts with tcp707
(nachis control port) open].
Mark Tombaugh <mtombaugh at alliedcc.com>
Allied Computer Corporation <http://www.alliedcc.com>
USiHOST, iNC. <http://www.usihost.com>
More information about the list