Scanning the Internet with Nmap (Defcon 16)

How would you like to scan millions of hosts on the Internet and catalog all the interesting insights? This is exactly what Fyodor, the author of Nmap or Network Mapper did last summer. Thankfully, he then went on to share his finding with the community at Defcon 16 in his talk titled "Nmap: Scanning the Internet". Interestingly, as Fyodor notes in his talk that scanning such a large set of IP addresses did help him in uncovering many bugs in Nmap and also forced him to make enhancements and add new features to make the scanner really fast.

In this talk Fyodor demos many of the new features he has added in Nmap lately including but not limited to - optimizing the host discovery process using TCP and UDP techniques, finding most used TCP and UDP ports on the Internet and inside Intranets of large corporations, packet rate control with a minimum and maximum setting, the pack trace option, ncat - which is a netcat clone and ndiff which allows one to diff between different scan dumps. However, the best of the lot was uncovering of the Nmap scripting engine which allows developers to write than own scripts which will be executed by Nmap upon various events. This feature is really very interesting because it now allows users to add their own custom functionality on top of Nmap. As an example let's say every time Nmap finds the Telnet port open, one could write a script which tries to brute force the password then and there itself. I will try and cover the Nmap scripting engine in a video tutorial very soon.

The slides for the presentation are available here and a high resolution video can be downloaded here.

Related Videos from: Interesting Talks at Defcon 16


Cracking WEP Cloaking and 802.11 Non Public Band Comunication	Active HTTPS Cookie Hijacking (Mike Defcon 16)	Demonstration of Hardware Trojans (Defcon 16)	You are Viewing this Video Now!	Hijacking the Internet using a BGP MITM Attack (Defcon 16)
12351 views	3599 views	3758 views	5117 views	4866 views

Author