PP058: Network Discovery with NMAP: You’ve Got Swaptions
Apr 15, 2025
Chris Greer, an expert in network analysis and forensics, shares his insights on NMAP, a powerful network scanning tool. He explains various scan types, device fingerprinting, and aggressive scanning techniques with humor. The conversation covers mastering NMAP's features for network discovery, emphasizing best practices for scanning and refining methods for accurate results. Chris also shares tips on learning NMAP safely while integrating it with tools like Wireshark, making network exploration both effective and engaging.
AI Snips
Nmap Overview and Capabilities
- Nmap is a versatile open-source network mapper available on many operating systems.
- It discovers hosts, open ports, vulnerabilities, and supports powerful scripting for deep network analysis.
Finding Unknown Devices Anecdote
- Chris used Nmap to identify devices in wiring closets when the physical connections were unclear.
- Nmap helped him find unknown or unexpected devices on his network inventory.
Reality of Stealth Scans
- A stealth (SYN) scan sends a TCP SYN, receives the SYN-ACK, but never completes the handshake, so the connection stays "half-open."
- Despite its name, a stealth scan is easily detected by modern IDS and by packet analysis.
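To show why a half-open scan is so easy to spot in a capture, here is an added example (not code from the episode, from Chris Greer, or from the Nmap project) that classifies each TCP conversation by how far its handshake got and then flags any source that leaves many probes unfinished. The packet records are constructed inline and use a simplified flag notation ("S" for SYN, "SA" for SYN-ACK, "A" for ACK, "R"/"RA" for RST); the threshold of three unfinished probes is an assumed tuning value, not something stated on the page.

```python
from collections import defaultdict

# Constructed sample of TCP packet records (not a real capture). Each tuple is
# (src_ip, src_port, dst_ip, dst_port, flags). Host 10.0.0.5 probes four ports
# on 10.0.0.20 and resets every half-open connection instead of ACKing it;
# host 10.0.0.7 is a normal client that completes a full handshake on port 80.
SAMPLE_PACKETS = [
    ("10.0.0.5", 40001, "10.0.0.20", 22, "S"),
    ("10.0.0.20", 22, "10.0.0.5", 40001, "SA"),
    ("10.0.0.5", 40001, "10.0.0.20", 22, "R"),       # scanner aborts handshake
    ("10.0.0.5", 40002, "10.0.0.20", 80, "S"),
    ("10.0.0.20", 80, "10.0.0.5", 40002, "SA"),
    ("10.0.0.5", 40002, "10.0.0.20", 80, "R"),
    ("10.0.0.5", 40003, "10.0.0.20", 443, "S"),
    ("10.0.0.20", 443, "10.0.0.5", 40003, "RA"),     # closed port answers RST
    ("10.0.0.5", 40004, "10.0.0.20", 3389, "S"),
    ("10.0.0.20", 3389, "10.0.0.5", 40004, "SA"),
    ("10.0.0.5", 40004, "10.0.0.20", 3389, "R"),
    ("10.0.0.7", 50001, "10.0.0.20", 80, "S"),
    ("10.0.0.20", 80, "10.0.0.7", 50001, "SA"),
    ("10.0.0.7", 50001, "10.0.0.20", 80, "A"),       # legitimate third step
]


def classify_conversations(packets):
    """Track each client-initiated conversation and label how its handshake ended.

    Returns {(client_ip, client_port, server_ip, server_port): verdict} where the
    verdict is one of "established", "half-open", "closed" or "no-reply".
    """
    convs = {}
    for src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)     # packet sent by the client
        rkey = (dst, dport, src, sport)    # packet sent by the server
        if key not in convs and rkey not in convs:
            # A conversation only starts with a bare SYN; ignore stray packets.
            if flags == "S":
                convs[key] = {"synack": False, "ack": False,
                              "rst": False, "rst_from_server": False}
            continue
        if key in convs:
            state = convs[key]
            if "A" in flags and "R" not in flags and "S" not in flags:
                state["ack"] = True        # client completed the handshake
            if "R" in flags:
                state["rst"] = True        # client tore it down half-open
        else:
            state = convs[rkey]
            if flags == "SA":
                state["synack"] = True     # server reported an open port
            if "R" in flags:
                state["rst_from_server"] = True  # server reported a closed port

    verdicts = {}
    for key, state in convs.items():
        if state["synack"] and state["ack"]:
            verdicts[key] = "established"
        elif state["synack"]:
            verdicts[key] = "half-open"
        elif state["rst_from_server"]:
            verdicts[key] = "closed"
        else:
            verdicts[key] = "no-reply"
    return verdicts


def find_syn_scanners(packets, min_ports=3):
    """Return {source_ip: sorted (dst_ip, dst_port) probes} for sources whose
    number of distinct never-completed probes reaches min_ports (assumed threshold)."""
    probes = defaultdict(set)
    for (src, _sport, dst, dport), verdict in classify_conversations(packets).items():
        if verdict in ("half-open", "closed"):
            probes[src].add((dst, dport))
    return {src: sorted(targets) for src, targets in probes.items()
            if len(targets) >= min_ports}


if __name__ == "__main__":
    for conv, verdict in classify_conversations(SAMPLE_PACKETS).items():
        print(conv, "->", verdict)
    for src, targets in find_syn_scanners(SAMPLE_PACKETS).items():
        print(f"possible SYN scan from {src}: {len(targets)} unfinished probes")
```

The same state machine is what an IDS or a Wireshark conversation view is effectively doing: a single source that opens many conversations and never sends the third-step ACK stands out immediately, which is why the "stealth" label is misleading.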