In this practice, we will learn how to use Nmap, a widely recognized open-source tool for network analysis and security. With Nmap, we will perform scans on a target machine (in this case, a Debian machine) from a Kali Linux machine.
We will identify active hosts, open ports on the network, and which services are operating on those ports. This will allow us to search for possible vulnerabilities in the detected services and understand the security weaknesses that may exist in the network.
A new repository will be created in your account.
On the Kali machine, we will perform a scan with Nmap to discover active hosts and open ports on a network or a specific device.
1sudo apt-get install nmap
1nmap <IP_debian>
After performing the scan, Nmap will provide a list of open ports and the services operating on those ports.
1nmap -sV <debian_IP>
This option (-sV) allows detection of the version of the service operating on each port.
1nmap -sV --script=vuln <debian_IP>
The option (--script=vuln) runs Nmap's built-in vulnerability detection scripts.
💡Example: For the Apache 2.4.7 service, go to the NVD page: https://nvd.nist.gov/ and enter "Apache 2.4.7" in the search bar.
.pdf
format with the name vulnerability-report.pdf
.