It can be said that if your network has a vulnerability, or your firewall has a vulnerability, or your server has a port that shouldn't be opened, your network is at risk of being attacked and damaged.
The first step is strong. In order to prevent others from destroying their networks, they should first "hack" themselves. We can use the methods used by hackers to test our system first.
To do well, you must first sharpen your tools. What tools should I choose? Here we recommend NMAP. NMAP is a free open-source utilityProgramWhich can be used for network exploration and security review.
Many network administrators also find that they investigate network devices, manage Service Upgrade Plans, and monitor the normal running time of hosts or services. NMAP uses IP data packets to determine which hosts are available on the network, what services are provided by these hosts, and what operating systems they are running, which types of filters or firewalls are used? Of course, there are many other features. It is designed to quickly scan large networks, but it can work well for some independent hosts. NMAP can run on all major computer operating systems, and supports the console and graphics versions.
Windows support
NMAP runs on Windows 2000 and Windows XP platforms, and cannot run on Windows 98, me, Ce, and other systems.
Set Scan
NMAP allows multiple scanning options. It probes the detected hosts in the network according to the selected scan options and display nodes.
You can create a scan range, so you do not need to enter a large number of IP addresses and host names.
Scan an IP address range
You can scan a single host or a host within a range. You can scan the host name or IP address. For example, to scan all hosts in the range from 192.168.1.3 to 192.168.1.9, enter 192.168.1.3-9,
Click scan to scan.
During scanning, you can also Replace "*" with any part of the IP address.
For example, 192.168.1. * (equivalent to 192.168.1.1-255)
To scan a host in a larger range, enter:
192.168.1, 2, 3 .*
This will scan all the addresses in the three networks: 192.168.1.0, 192.168.2.0, and 192.168.3.0.
To scan a larger network, enter 192. 168 .*.*
To set different configuration files for network scanning, click the drop-down list after "Profile" and select "operating system detection", "Quick Scan", and other options, this allows you to scan network hosts in different ways.
NMAP checks open ports on the host
Next we will look at how to scan open ports for the network host:
In the text box after "target", enter "192.168.1.12", select "intense scan" from the "Profile" drop-down list, and click "scan ". After a while, we will see the following window: (Have you noticed the selected information ?)
The information in this figure is the port opened by the scanned host. as an administrator, check whether the services corresponding to these ports are required.