




















These notes cover the use of Nmap and Metasploit for computer network security. They explain how Nmap uses raw IP packets to determine available hosts, services, operating systems, and packet filters/firewalls. They also cover typical Nmap scans such as Maimon scans, UDP scans, TCP Null, and FIN scans, and give examples of how to scan a target with Nmap and detect the version numbers of remote services. The document also introduces Metasploit and its related products, including Metasploit Framework, Metasploit Community, Metasploit Express, Metasploit Pro, and Armitage. It explains the Metasploit Framework architecture and terminology such as vulnerability, exploit, and payload.
Typology: Lecture notes





















- -sA : ACK
  - -sA tells Nmap to send an ACK packet to Nmap's default port list.
  - If a RST packet is received, those ports are marked as unfiltered. This means that there is no stateful firewall in front of your target.
  - If some other message is received, Nmap marks those ports as filtered.
- -sW : Window
  - -sW tells Nmap to send an ACK packet to Nmap's default port list, just like -sA.
  - This scan, however, looks at the TCP Window property.
  - Open ports have a window size listed. Closed ports will have a 0 window size listed.
- -sM : Maimon scans
  - -sM tells Nmap to send a FIN/ACK to Nmap's default port list.
  - Most systems respond with a RST packet for both open and closed ports.
  - However, some BSD systems will drop the packet if the port is open.
- -sU : UDP scan
  - -sU tells Nmap to send an empty UDP packet to Nmap's default port list.
  - If an ICMP type 3 code 3 message is returned, the port is marked as closed.
  - If an ICMP type 3 code 1, 2, 9, 10, or 13 is returned, the port is labeled as filtered.
  - If a service responds, the port is open.
  - If a service responds and then does not respond to a second UDP packet, the port is labeled as open|filtered.
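Seen from the monitored network, the probes listed above have recognizable shapes: a bare ACK or FIN/ACK on a flow that never sent a SYN, or a UDP datagram with no payload, repeated across several ports. The following is an added example, not part of the original notes, that flags sources matching those shapes. The packet records are constructed, the function names are hypothetical, and flows are tracked only by source address and destination port as a simplifying assumption.

```python
from collections import defaultdict

# Constructed sample records (not real traffic):
# (source IP, destination port, protocol, TCP flags, payload length)
PACKETS = [
    ("192.0.2.10", 22, "tcp", "A", 0), ("192.0.2.10", 80, "tcp", "A", 0),
    ("192.0.2.10", 443, "tcp", "A", 0),
    ("192.0.2.20", 21, "tcp", "FA", 0), ("192.0.2.20", 22, "tcp", "FA", 0),
    ("192.0.2.20", 23, "tcp", "FA", 0),
    ("192.0.2.30", 53, "udp", "", 0), ("192.0.2.30", 123, "udp", "", 0),
    ("192.0.2.30", 161, "udp", "", 0),
    # Normal client: handshake first, then ACK / FIN-ACK on the same flow.
    ("192.0.2.40", 443, "tcp", "S", 0), ("192.0.2.40", 443, "tcp", "A", 0),
    ("192.0.2.40", 443, "tcp", "PA", 120), ("192.0.2.40", 443, "tcp", "FA", 0),
    # Normal DNS query: UDP with a payload.
    ("192.0.2.50", 53, "udp", "", 41),
]

def probe_type(proto, flags, payload_len, handshake_seen):
    """Map one inbound packet to the scan type whose probe it matches, or None."""
    if proto == "udp":
        return "-sU" if payload_len == 0 else None  # empty UDP datagram
    if handshake_seen or payload_len:
        return None  # part of an established flow, or carries data
    if set(flags) == {"A"}:
        return "-sA/-sW"  # ACK and Window scans send the same probe
    if set(flags) == {"F", "A"}:
        return "-sM"  # Maimon scan: FIN/ACK with no prior handshake
    return None

def detect_scans(packets, min_ports=3):
    """Return {(source, scan type): sorted ports} for sources probing >= min_ports ports."""
    syn_flows, ports = set(), defaultdict(set)
    for src, dport, proto, flags, plen in packets:
        if proto == "tcp" and "S" in flags:
            syn_flows.add((src, dport))  # flow was opened with a SYN
            continue
        kind = probe_type(proto, flags, plen, (src, dport) in syn_flows)
        if kind:
            ports[(src, kind)].add(dport)
    return {k: sorted(v) for k, v in ports.items() if len(v) >= min_ports}

if __name__ == "__main__":
    for (src, kind), hit in detect_scans(PACKETS).items():
        print(f"{src} matches {kind} probes on ports {hit}")
```

The `min_ports` threshold keeps a single stray ACK or empty datagram from raising an alert; tune it to the noise level of the network being monitored.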
Reference: http://nmap.org/nmap_doc.html http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/
Reference: http://nmap.org/nsedoc/categories/vuln.html
Metasploit Framework Architecture
Metasploit Installation