Network scanning

For the network scanning challenge we will be using a tool called Nmap. Nmap is a open source tool, built into Kali Linux, for analysing and mapping a network.

What is meant by mapping the network is to find out what hosts and services is running on a computer network. The way Nmap does this is by sending specially crafted packet to the target, let it be a single host(computer) or a complete network of computers, and then analysing the answer.

Using Nmap

The first thing you need for using Nmap is the IP-address of your computer, this can be found by typing in the command

ifconfig

In to the terminal window. This will give the result seen below.

What you need to look for is the list of numbers above the red line, in this case the IP-address of the machine is 192.168.126.5.

When you have the IP-address of the machine you can use the Nmap tool by navigating to the terminal window and typing in

nmap IP-address/24

Where you substitute IP-address with the the result of the ifconfig command. This will create a list of hosts sorted by IP-address and a list of services running on each host, see the picture below.

Each block of text represents a host, it will tell you the IP-address, the latency, how many ports that closed and a list off ports that are open and the service they are running.

Looking at the first host with the IP-address 192.168.126.2. We see that the the latency is very low and all 1000 scanned ports is closed. Moving on to the next host with the IP-address 192.168.126.3 we see that there is an open port, port 53 and that it is running a service called Domain. By simply googling port 53, we find that port 53 is the standard port for Domain Name System(DNS).

Now it is your turn to investigate the rest off the hosts and see if you find something interesting.

HINT 1: This is a link to a list of standardized ports.
HINT 2: I would start by looking at hosts running something on port 80 or 433.
HINT 3: Try pasting an IP-address into the web-browser of the Kali machine.