Otto  background

Linux Hack of the Week #15: Using Nmap Zenmap

Connect With Us

Start now, and patch, configure, and control all your endpoints in just 15 minutes.

See last week's Linux Hack of the Week, on configuring Squid in Linux, here.

Everyone should know about Nmap. Nmap is a great reconnaissance tool which can be used to scan your network for devices and services. Often, I run it for discovery when I am performing an assessment, or scanning my network for things like rogue DHCP or DNS servers. However, one problem with Nmap is that it does not yield nice looking results as shown below:

But, a tool called Zenmap not only creates better visualization but is also an easy to use GUI for different scans.

Installation

Simply run:

dnf install nmap-frontend

Launch

Launching zenmap is as easy as running it:

zenmap

Scan

First, run a quick scan. Put the subnet in and select ‘Quick Scan’. Run the scan:

You can see the results in the ‘Nmap Output’ box below. This shows the hosts on the left and the details on the right:

Nmap is full of great information, but what I find to be the most helpful is the Topology tab:

You might notice the difference in colors on this diagram. Here, yellow and red indicate a higher number of open ports.

Intense Scan

An intense scan looks at additional ports leading to more discovery and additional information. However, it does take quite a bit more time to complete.

Looking at this output, we see additional discovery on one of the hosts.

Conclusion

Nmap is an invaluable tool for security pros, as well as sys admins. By using the Zenmap tool, use of Nmap and output are much easier. The next time you are looking at your enterprise, try it out. As always feel free to let me know if you have any questions: support@automox.com.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.