ASSIGNMENT 1- SCANNING TOOLS

2023F-T2 ISN 2003 - Network Security and Penetration

Testing 01 (CSFM Group 1)

Submitted By
Nijitha Thomas Kakkassery(c0895145)
 1. Nmap
A potent open-source network scanning program called Nmap (Network Mapper) is used for finding
and mapping network devices and services. It might supply crucial details regarding the hosts on a
network and the services they provide.

Purpose
 It can scan whole entire network IP ranges.
 Detects Open Ports
 can use Nmap to conduct scans utilizing both TCP and UDP (User Datagram Protocol)
protocols.
TCP Scanning: “nmap -sS target_ip”
UDP Scanning: “nmap -sU target_ip”
 It can perform Full echo Scan.
 Nmap is a useful tool for security assessments since it can be used to conduct vulnerability
scans and evaluate a network's security posture.

Usage Scenario
 Nmap is used by security experts to conduct penetration testing, in which they actively scan
networks for flaws that could be exploited by bad actors. The open ports and services that
require security hardening can be found using Nmap.
 Network Troubleshooting: Nmap is a useful tool for detecting which services or ports are not
responding as expected in order to diagnose network problems. This aids in locating and
fixing connectivity issues.
 Network Inventory: Using Nmap, managers may keep track of all connected devices, their IP
addresses, and open ports by compiling a list of all the devices on the network. For
controlling network resources, this is helpful.
 Security Audits: To make sure that their network is appropriately protected, organizations
can utilize Nmap to carry out regular security audits. It helps to maintain a strong security
posture by discovering open ports and potential vulnerabilities.
 Network administrators can use the port scanning features of Nmap to see if particular
services are accessible and present on target hosts. It is extremely helpful while setting up
and maintaining network services.

2. Angry IP Scanner
For Windows, Linux, and Mac, the Angry IP scanner is a quick and user-friendly network
scanner. It is incredibly extensible, enabling a very broad range of uses, with the main
objective of benefiting network managers. It is an easy and quick way to find active devices
and locate open ports on a network. It used as an application for scanning whole network.

Purpose

 It used for whole network range scanning

 Main purpose of this tool is Reconnaissance.
 It is also used for the purpose of trouble shooting of the networks.

Usage Scenarios:
 Port Scanning: The utility has the ability to check found devices for open ports. This is
useful for determining potential vulnerabilities or open services that may need to be
guarded or closed, which helps to evaluate the security of a network.
 Network administrators and security experts can detect devices connected to a network
with the use of Angry IP Scanner's network discovery feature. This is helpful for keeping
track of the devices you have, finding unapproved gadgets, and making sure your network
is managed properly.

3. Mega Ping Scanner

MegaPing is the all-inclusive toolbox that every information system specialist, system
administrator, provider of IT solutions, or individual must have. MegaPing comes with a variety of
scanners, including a Share Scanner, IP Scanner, and Port Scanner (TCP and UDP ports).

Purpose
 MegaPing can be used to scan for network infrastructure vulnerabilities like open ports
and evaluate the overall security of your network.
 Ping and traceroute support is provided by the tool, which is necessary for determining
network connectivity and identifying routing issues.
 MegaPing's DNS lookup and reverse DNS lookup capabilities are helpful for converting
domain names to IP addresses and vice versa.
 Port Scanning: To find open ports, it has port scanning capabilities.
 MegaPing offers real-time network device and service monitoring, assisting managers in
keeping a watch on the availability and performance of crucial network components.
 Network Diagnostics: It provides a number of diagnostic tools to analyze connectivity
issues, pinpoint bottlenecks, and troubleshoot network issues.

Usage Scenarios
 MegaPing can monitor network bandwidth utilization over time, assisting you in
identifying periods of high traffic or strange patterns that may suggest network misuse
or performance issues.
 MegaPing can help you manage DNS records and IP addresses, making it easy to track
changes and assure accurate domain resolution.
 Port Scanning: It can be used to do routine or scheduled port scans on network devices
to find open ports, which is critical for maintaining security and detecting potential
vulnerabilities.
 Troubleshooting: When network problems emerge, MegaPing can assist in determining
the root cause, whether it's a router misconfiguration, a server outage, or a DNS-related
issue.
  MegaPing can be used by security professionals to do security assessments and
penetration testing. They can scan for open ports, look for network flaws, and analyze
overall security posture.

4. Net Scan Tools

NetScanTools Pro is a comprehensive set of online information gathering and network
troubleshooting software designed for Network Professionals. IPv4 and IPv6 addresses, hostnames,
domain names, email addresses, and URLs can be researched automatically** or manually. It is
intended for the Windows operating system's graphical user interface. The user starts automated
tools interactively.

Purpose
 Network Discovery: Network scanning programs such as "Net Scan Tools Pro" are commonly
used to discover network devices and hosts. They detect active hosts, open ports, and
services that are running on those hosts.
 Security audits and vulnerability assessment can be accomplished with these technologies.
They assist in identifying potential network gaps, misconfigurations, and security threats by
scanning for open ports, services, and known vulnerabilities.
 Asset Management: Network administrators can use these technologies to keep track of the
devices and services on their network. This facilitates in the tracking of network assets and
configurations.
 Network Troubleshooting: When network problems emerge, network scanning tools can be
helpful in determining the source of the problem. They can disclose which hosts are online,
which services are active, and assist in identifying problems.

Usage Scenarios:
 Many common network utilities are much improved.
 It saves time while obtaining information about Internet or local LAN network devices, IP
addresses, domains, device ports, and a variety of other network details.
 Simplifies and accelerates information gathering by automating the use of numerous
network technologies for you. You enter an IP address and press a single button to access a
variety of functions.
 In your web browser, it generates clear, simple results reports.

5. ARP Scan
An ARP scan tool is a network utility that sends Address Resolution Protocol (ARP) requests
to discover and enumerate devices on a local network. It is frequently used for network
reconnaissance and troubleshooting.

Purpose
 Device Enumeration: The ARP scan tool can be performed on a specific network segment
to reveal all active devices. The utility will generate a list of IP addresses and MAC
addresses, assisting the administrator in identifying all devices.
  Unauthorized Device Detection: The administrator can rapidly identify any unauthorized or
potentially suspicious devices on the network by comparing the identified devices to an
authorized device list. Any unusual devices can be scrutinized for security flaws.
 Inventory Management: Using the ARP scan findings, the administrator can establish and
maintain an inventory of network devices. This inventory is required to track gear, manage
software licensing, and plan network improvements.
 Troubleshooting: The ARP scan tool can be used to troubleshoot connectivity issues or IP
address conflicts.

Usage Scenarios:
Consider the following scenario: A network administrator is required to undertake network
inventory and security auditing within a business network.

Scenario: A network administrator wants to make certain that all devices on their company's
local network are permitted and safe. They must also keep an accurate inventory of devices for
maintenance and security management. These scenarios make use of arp requests.

6. Zenmap
Zenmap is the Nmap Security Scanner's official graphical user interface (GUI). It is a multi-
platform, free and open-source application aimed to make Nmap simple to use for novices
while yet giving extensive functionality for advanced Nmap users.

Purpose
 Inventory Management: It can be used to keep track of the devices and services on a
network. This is very useful for keeping track of network assets in large company setups.
 Network Troubleshooting: Zenmap can help you diagnose network problems by displaying
which hosts are online and which services are active. It can aid in the identification of
issues such as unreachable hosts or blocked ports.
 Network Discovery: Zenmap assists you in discovering network devices and hosts. It
searches an IP address range for active hosts, open ports, and services operating on those
hosts.

 Security Auditing: Network administrators and security professionals frequently utilize

Zenmap to audit a network's security. By scanning for open ports and services, it detects
vulnerabilities, misconfigurations, and potential security issues.

Usage Scenarios:

 Network Monitoring: Scanning your network using Zenmap on a regular basis might help
you track changes over time. Unauthorized devices or services added to your network can
be detected.
 Zenmap can be used by network administrators to test the effectiveness of firewall policies.
You may determine whether the firewall is preventing or allowing the required traffic by
scanning from both inside and outside the network.
 Zenmap gives complete information on the services operating on each host, including
version numbers, in Service Enumeration. This data is useful for managing and safeguarding
network services.
 Scripting & Automation: Nmap script engine (NSE) scripts can be used to automate
particular tasks in Zenmap. To execute customized scans and tests, you can create own
scripts or use pre-existing ones.
 Network Mapping: You may use Zenmap to create a network map that shows all of your
network's devices and services. This might help you comprehend the structure of your
network.

 Security Evaluation: Zenmap can be used for security evaluations and penetration testing. It
assists in identifying potential attack vectors by revealing open ports and susceptible
services.