WEBVTT

00:00.700 --> 00:06.370
Hello, my name is Stephanie, and in this lecture you will learn how to discover open ports with Nmap.

00:06.400 --> 00:13.000
In the realm of network reconnaissance, one of the most valuable tasks is to determine the port states

00:13.000 --> 00:14.200
of a target.

00:14.230 --> 00:22.330
This process is commonly known as port scanning. Nmap, the versatile network scanning tool, excels

00:22.360 --> 00:27.670
at this task, providing valuable insights into the running services on a target.

00:27.670 --> 00:34.450
So in this segment we will explore essential Nmap options related to port scanning and learn how to

00:34.450 --> 00:38.500
effectively list open ports on a target.

00:38.530 --> 00:39.340
One.

00:40.070 --> 00:44.230
Launching the default scan. To initiate a default scan with Nmap,

00:44.240 --> 00:52.340
all you need is the target information, which can be an IP address, hostname, or even a network range.

00:52.340 --> 00:54.290
So let's take a look at this example here.

00:54.290 --> 00:56.270
So Nmap could easily.

00:57.800 --> 00:58.640
Dot com.

00:59.090 --> 01:07.100
So here this command will initiate a scan on the target host Qatar Telecom and provide detailed information

01:07.100 --> 01:11.210
about the open ports and their corresponding services.

01:11.240 --> 01:13.490
And here it is, the output here.

01:13.490 --> 01:19.100
And as you can see, "Not shown: 988 filtered TCP ports" and so on.

01:19.100 --> 01:21.020
So you will also learn what is here.

01:21.020 --> 01:23.150
So in segment two, which is.

01:24.240 --> 01:28.530
Segment two, so you will understand the scan results here.

01:28.530 --> 01:35.640
So the scan results generated by Nmap offer crucial information about a target host.

01:35.670 --> 01:44.000
Let me actually open Gromit here and I will draw things on the screen to explain this better.

01:44.010 --> 01:45.570
So here.

01:46.940 --> 01:55.700
Here we have, alongside the IPv4 and IPv6 addresses, reverse DNS names and latency details.

01:55.730 --> 02:04.010
The results highlight the ports and their respective states, and the port states are categorized like

02:04.010 --> 02:04.580
this here.

02:04.580 --> 02:07.640
So first here we have open.

02:08.950 --> 02:09.850
Open ports.

02:09.880 --> 02:12.370
This here, in open here.

02:12.370 --> 02:15.190
As you can see, all of these ports are open here.

02:15.280 --> 02:25.270
So with this, Nmap indicates that a service is actively listening for connections

02:25.270 --> 02:27.730
on the port open here.

02:27.730 --> 02:30.400
And also we have the closed.

02:32.500 --> 02:33.550
With this here.

02:34.240 --> 02:42.760
Nmap indicates to us that the probes were received, but no service was detected on the port.

02:42.760 --> 02:45.370
And we also have the filtered.

02:49.400 --> 02:50.000
Filtered.

02:50.300 --> 02:56.870
So this indicates that the probe's reception could not be determined, possibly due to filtering mechanisms.

02:56.870 --> 02:59.870
And we also have unfiltered.

03:06.850 --> 03:13.840
So with this here, Nmap indicates to us that the probes were received, but the state couldn't be established,

03:13.840 --> 03:17.350
and we also have open|filtered here.

03:18.010 --> 03:24.310
This indicates that the port appears to be either open or filtered, but the state couldn't

03:24.310 --> 03:25.000
be determined.

03:25.000 --> 03:27.850
And we also have the.

03:29.410 --> 03:35.800
closed|filtered here, which indicates that the port appears to be either closed or filtered, but the

03:35.800 --> 03:37.450
state couldn't be determined.

03:39.060 --> 03:41.430
And here we will also learn the.

03:45.310 --> 03:47.500
How to customize Nmap scans.

03:47.500 --> 03:55.660
So while the default scan provides valuable information, Nmap offers a plethora of customization

03:55.660 --> 03:56.230
options.

03:56.230 --> 04:05.020
So for instance, you can specify an alternative DNS server using the --dns-servers option,

04:05.020 --> 04:09.670
like this --dns-servers option, to control DNS resolution during the scan.

04:09.760 --> 04:16.630
For example, this nmap --dns-servers here, and we will enter the Google DNS here, 8.8.8.8,

04:16.630 --> 04:16.990
here.

04:16.990 --> 04:26.890
And after that comma we will type 8.8.94.4 here, and now we will do console.com.

04:26.890 --> 04:36.390
So by providing this DNS server, Nmap will utilize these servers for hostname resolution, and here, further.

04:36.620 --> 04:43.720
Furthermore, Nmap performs host discovery to determine if the target is online before conducting port

04:43.720 --> 04:50.870
scanning, and you can skip the host discovery step using the -Pn option here.

04:53.350 --> 04:59.470
After nmap, -Pn: an uppercase P and lowercase n here.

05:00.220 --> 05:04.480
And here you will see another result.

05:04.480 --> 05:04.990
It might.

05:05.020 --> 05:05.860
It might take here.

05:05.860 --> 05:08.860
Actually, let me use the sudo here.

05:09.010 --> 05:10.990
sudo, enter password.

05:10.990 --> 05:11.710
That's it.

05:12.100 --> 05:20.620
And here this command will directly initiate port scanning without prior host discovery with the

05:20.650 --> 05:24.850
uppercase P and lowercase n option here.

05:39.500 --> 05:46.370
And here Nmap employs various scan techniques depending on the user's privileges, and the default

05:46.370 --> 05:55.550
scan can utilize a SYN scan, stealth scan or TCP connect scan here, so these techniques ensure

05:55.550 --> 06:00.670
comprehensive port scanning while considering the user's privileges and network environment.

06:00.680 --> 06:08.540
So port scanning with Nmap unravels the network services running on a target, enabling us to gain insights

06:08.540 --> 06:15.680
into potential vulnerabilities and secure our networks. By understanding the scan results here, customizing

06:15.680 --> 06:22.730
the Nmap scans and being aware of the underlying scan techniques, we can effectively explore open

06:22.730 --> 06:26.100
ports and their associated services here.

06:26.120 --> 06:34.460
Now, as you can see, we are seeing services FTP, SMTP, FTP, domain, HTTP, POP3, IMAP and so on.

06:34.460 --> 06:42.390
So equip yourself with Nmap port scanning prowess and unlock the secrets hidden within your network.
