Nmap, Port Scanning, and VMs

It has been several weeks since I have posted here; I have taken sometime to relax and spend time with my family. This past week I was able to get back in my studies and make progress towards a new career in Cyber Security.

This past weekend I spent most of my time learning and practicing port scanning. I was able to do this in a number of workstations; I have Ubuntu setup on a separate computer. I was also able to get a virtual machine through VMware running on my Windows 10 PC; I was also able to install Kali Linux on my Windows 10 PC. After having these various workstations setup, I went on to learn basic Nmap skills on TryHackMe. After completing the TryHackMe course I wanted to test the skills I just learned on my own network.

Finishing up the nmap section on TryHackMe.

I was able to perform a number of scans on my own network. I first started with generic scans such as nmap 10.10.220.140. After being comfortable in doing that and understanding the output, I added arguments to my scan. The most useful arguments I found to better understand what I am scanning were -A and -v. I felt these two arguments were the most useful in finding out the most information about a target quickly. I ran several scans with arguments on my Ubuntu computer and through Zenmap on my Windows 10 PC.

Output of scan from Zenmap on my Windows 10 PC.

Another scan I did was a stealth SYN scan on my entire network (nmap -sS -O 192.168.x.x/24). The scan did take a little bit to run (47.49 seconds), but I found the detail and what it found very interesting. I have several smart devices connected to my Wifi and for whatever reason I thought they wouldn’t be detected. I was able to verify that my computer running Ubuntu was able to be found. After reviewing the output from this scan it was reassuring that I did not find any unauthorized devices on my network; I am aware they could still exist; however, I feel confident there is no one on my network.

My Ubuntu computer showing two ports open.

I feel that I have only scratched the surface on what nmap/zenmap can offer. I will continue to dig deeper in port scanning and running these commands both in physical and virtual machines.