Arfa Farheen 394-FBAS/BSIT4/F19

Cyber Security
Nmap Report
Report:
Nmap
Nmap stands for network mapper. Nmap is a network scanning tool that uses IP packets
to identify all the devices connected to a network and to provide information on the
services and operating systems they are running. Nmap is very powerful when it comes
to discovering network protocols, scanning open ports, detecting operating systems
running on remote machines, etc. It is used to monitor remote host status.
Features:
Nmap features include:
 Host discovery
 Port scanning
 Version detection
 OS detection
 Nmap can provide further information on targets, including reverse DNS names, device
types, and mac address

ZenMap:
We have explored Zenmap which is a GUI version of Nmap.

Scanning in Zenmap:

It allows the user to scan any IP active on their network. If you spot an IP you haven’t
seen before, you can run an IP scan to identify whether it is a legitimate service or an
outside attack.

IP Scanning can be done. You can write you IP in target tab then scan it then it will
returns information of every active IP on your network. Or you can execute a ping scan
using this command

It will then start scanning

Each scan window contains five tabs which each display different aspects of the scan
results. They are “Nmap Output”, “Ports / Hosts”, “Topology”, “Host Details”,
and “Scans”.
The “Nmap Output” tab is displayed by default when a scan is run. It shows the familiar
Nmap terminal output. The display highlights parts of the output according to their
meaning; for example, open and closed ports are displayed in different colors.
The “Ports / Hosts” tab's display differs depending on whether a host or a service is
currently selected. When a host is selected, it shows all the interesting ports on that
host, along with version information when available.
When a service is selected, the “Ports / Hosts” tab shows all the hosts which have that
port open or filtered.

The “Topology” tab is an interactive view of the connections between hosts in a

network. Hosts are arranged in concentric rings. Each ring represents an additional
network hop from the center node.
The “Host Details” tab breaks all the information about a single host into a hierarchical
display.

that’s how I can have information of any system e.g. OS

The “Scans” tab shows all the scans that are aggregated to make up the network
inventory. From this tab you can add scans (from a file or directory) and remove scans.
Comparing Results:
You can compare results of two different times and can analyze which networks are
connected in your connection you can make sure if any unknown device is connected to
your network so you can take action accordingly. You can check which ports are open
and which are close.
You can check at which timings how many networks are active or when connections are
non-active. It allows you to target systems within your network and navigate around
firewalls

When you compare result, you can have information of which hosts are up and which
are down.
You can examine all networks, e.g. I see here new device named oppo is up which I
don’t recognize.
I will change password for avoiding suspicious traffic or may take some action against it
We can examines which hosts were up and which are done before and now. We can
compare the results.

Nmap also provides IP and Mac address of the device which are connected to the
network
It will provide information of device e.g. Laptop, its IP, Operating system details,
Services details, port details and ports details.

You can check open and close ports of the devices of your networks and can get
information about it.
You can also compare results of two different connections and analyze networks and its
details.