Swiftorial Logo
Home
Swift Lessons
Matchups
CodeSnaps
Tutorials
Career
Resources

Network Scanning Tutorial

Introduction to Network Scanning

Network scanning is a method used to discover active devices on a network, identify their IP addresses, and determine the services running on them. It is an essential step in the process of identifying vulnerabilities in networked systems. By scanning a network, administrators can gain insights into potential security risks and take preemptive measures to safeguard their infrastructure.

Types of Network Scanning

There are several types of network scanning techniques, including:

  • Ping Scanning: This technique checks which devices on a network are active by sending ICMP echo requests.
  • Port Scanning: This involves probing a host for open ports to determine which services are available.
  • Service Scanning: This identifies the services running on open ports, including version information.
  • OS Fingerprinting: This technique attempts to determine the operating system of a device based on its responses.

Tools for Network Scanning

Several tools are available for network scanning, including:

  • Nmap: A powerful and widely used network scanner that supports various scanning techniques.
  • Angry IP Scanner: A fast and easy-to-use tool for scanning IP addresses and ports.
  • Advanced IP Scanner: A free tool that provides a detailed view of devices on a network.

Using Nmap for Network Scanning

Nmap (Network Mapper) is one of the most popular tools for network scanning. Below are some basic commands to get started with Nmap.

Basic Ping Scan

To perform a simple ping scan to find live hosts in a network, use the following command:

nmap -sn 192.168.1.0/24

This command will scan the subnet 192.168.1.0/24 and list all active devices.

Port Scan

To scan for open ports on a specific host:

nmap 192.168.1.1

This command will scan the target device at IP address 192.168.1.1 for open ports.

Service Version Detection

For detecting the versions of services running on open ports:

nmap -sV 192.168.1.1

This command will provide detailed information about services running on the target device.

OS Detection

To attempt to identify the operating system of a target device:

nmap -O 192.168.1.1

This command will try to determine the operating system based on the responses from the target.

Interpreting Scan Results

After performing a scan, Nmap will produce output indicating the status of the hosts and their open ports. Understanding the results is crucial for identifying potential vulnerabilities:

Example Output:

                Starting Nmap 7.80 ( https://nmap.org ) at 2023-10-01 10:00 UTC
                Nmap scan report for 192.168.1.1
                Host is up (0.0010s latency).
                Not shown: 998 closed ports
                PORT     STATE SERVICE     VERSION
                22/tcp open  ssh         OpenSSH 7.9 (protocol 2.0)
                80/tcp open  http        Apache httpd 2.4.41 ((Ubuntu))

In this output, we can see that the host at 192.168.1.1 has SSH (port 22) and HTTP (port 80) services running. The versions of these services are also provided, which is useful for identifying potential vulnerabilities associated with specific software versions.

Conclusion

Network scanning is a critical component of network security assessment. By using tools like Nmap, network administrators can identify active devices, detect open ports, and gather information about services running on those devices. This knowledge allows for better vulnerability management and helps in securing the network against potential threats.