In our journey to be security practitioners, we must understand basic network-based techniques from both attackers and defender perspectives. Continuing on that track, let’s talk more about network scanning and its tools and techniques today.
It’s the URL, stupid (me)!
Consider a scenario. You are in a miserable situation where you accidentally clicked on some phishing link or scam URL. A long time ago, when the web was safe, and viruses, trojans, and worms were transmitted only by EXE or BIN files, we could rest assured that the virus scanner protected us.
Now, the web is the purveyor of all things good and evil. Smartphones have become the norm rather than the exception. The individual security measures (windows, IOS, etc.) are only as useful as there latest update, and maintaining the amount of tech we each possess up to date is difficult. But the most common denominator is the URL centric web. All devices have Internet access and thus are vulnerable to the latest threats.
Think of the email before spam abuse. There used to be open relays everywhere, and anyone could send emails using a 10 line shell script using SMTP command verbs. Today that is impossible since email abuse has turned people away from everyday email. Even when you need to use email for work, most of one's inbox is someone trying to sell you something or market something. Every piece of traffic that humans originated on the Internet has a URL, so let's look at new-age security measures to help protect you.
As a cybersecurity professional, knowledge of network and security tools is critically important. To help jumpstart this knowledge, we will focus on Nmap and introduce you to beginner's content.
Nmap has always been the security engineer's tool of choice for a wide variety of tasks. You can use it to see which machines are up, if a machine has blocked pings, or if the firewall blocks ICMP packets. It also helps determine if a machine is switched on and connected to the network through performance scans. In the previous article: How to Use Netcat for Cybersecurity, we had covered netcat, also used for connectivity testing.