• Port details
• Host details
• State
• Service
• Devices
• Addresses
• and much, much more

Nmap is one of those applications you will need to open anytime you see issues on your network, need to get information about hosts, track down an IP address, etc. Nmap is flexible, powerful, deployed all over the world (it is in the top 10 programs on Freshmeat), easy to use, well documented, cross platform (Linux, OS X, and Windows ) and (best of all) FREE!

But Nmap is a commmand-line only tool. Most users don’t want to monkey with the command line. Fortunately there are plenty of front-end tools for command line equivalents. For Nmap you can use the user-friend Zenmap. And how can you get up to speed quickly with Zenmap? Easy…you read this tutorial on how to run a scan on your entire LAN and then read the results.

Getting and installing

To install Zenmap you will have to install Nmap along with it. You can do this one of two ways: with Synaptic (or another GUI front end for your installation tool), or from the command line. To install via your Add/Remove Software tool follow these steps:

1. Open up your Add/Remove Software utility.
2. Search for Nmap.
3. Mark Nmap for installation.
4. Search for Zenmap.
5. Mark Zenmap for installation.
6. Click Apply to install.

Once installed you will see the entry for Zenmap in your Internet (or Network) sub-menu of your Applications or Main menu. You will want to run Zenmap as the root user because, most likely, your standard user will not have access to the networking devices.

Running Zenmap

Figure 1

When you fire up Zenmap you will see the main window (see Figure 1) which will be empty of scans (because none have been issued as of yet).

To start a new scan you can do one of two things: You can enter a target IP (or range), select the type of scan, and hit Scan. Or you can open up the Command Wizard to construct a much more specific type of scan.

If you opt for just entering in your target(s) here’s how it works. The first thing you do is enter a target IP address. If you want to use a range of addresses the address would look like this: 192.168.1.1-200. NOTE: There are no spaces in the address.

You then need to select the type of scan to run. There are eight different types of scans to run. The intense scan will give you the most information and the Operating System Detection will give you the least amount of information.

The second method of setting up a scan is the Command Wizard. When you click this button you will walk through the following steps:

• Novice/Expert: Select the level of configuration you want to use.
• Profile/Command: Create a new profile or create a command to run once.
• Profile Details: If you go the Profile route you will have to enter the profile details.
• Scan Type: TCP or Non-TCP scan types as well as inclusion of Services version and Operating system detection.
• Ping Options: ICMP, ACK, SYN, IPPronto, etc details (if needed).
• Scripting Options: If you need to add special scripts to your scan.
• Target Options: Exclude hosts as well as configure ports to scan.
• Source Options: Use decoys, set source address, set source port options if needed.
• Misc Options: Various options to include.

Once you have finished configuring your scan via the Wizard you can hit the Scan button. However, if you opted to go the Profile route you will need to select your new profile from the Profile dropdown list.

Scan results

Figure 2

After your scan has completed you can take a look at your scan results. There are five tabs that will give you various information about the scan. Obviously the Scan Details tab is where you will get a good summation of your scan. To get the low-level details of your scan take a look at the Nmap Output tab. As your scan is running this is the only tab you can view – and it will give you every piece of information you need.

Saving scans

A nice feature of Zenmap is the ability to save scans. Once you have a scan completed you can save your scan and open it for later viewing. The only downfall of this is the Nmap Output is a bit cramped together. While the scan is running the output is displayed in real time so it’s easy to read. When not in real time this output can really be a pain to get through. Fortunately, between the other tabs, you can get all of the information you need quickly and easily.

Final thoughts

Zenmap makes easy work out of the complicated Nmap command utility. If you have any need to map a network or analyze your network topography, Zenmap is the way to go.

Related posts

• Softperfect Network Scanner (3)
• Network Security Software Bothunter (1)
• Map your network with Lanmap (3)
• Asset scanning with nmap and ndiff (2)

The software has been designed to discover communication patterns that are typical for malware infected computers. While Bothunter has been designed as a network security software that can analyze the traffic of the network it can also be used to analyze a single computer or basic home network.

Bothunter is supplied as a Linux or Windows version. The Linux version comes as a installation but also in form of a live CD that can be used from any computer that is capable of booting from CD and compatible with Ubuntu Linux.

Bothunter needs some configuration in the beginning. Most home users will only need to enter the local network IP which they can discover this way:

Click the Windows desktop Start Menu, Control Panel, Network Connections. Find the local area connection that is “Connected”. Double click the connected network icon. Click the Support Tab. Your IP address will be listed.

Optional data like the IP address of SMTP servers or DNS servers can be entered if they are used in the computer network. Home users usually leave these information blank. The only other information needed is the network adapter that should be used to scan and analyse the computer network.

Once that is done the network security software will scan the computer network in two minute intervals and display any potential bot infection in the interface.

Related posts

• Computer Security Software ESET SysInspector (3)
• Windows Vulnerability Scanner (4)
• Windows Process Blocker SPKiller (1)
• Windows Process Blocker (9)
• Use Wireshark to track your network behavior (3)

It can automatically detect the Local IP Range, External IP Addresses and IP Range from a Host Name. Those information are automatically inserted into the scanning parameters. A scan resolves host names, pings the servers, detects MAC addresses, hidden shared folders and write accessible shares.

Some of the options are disabled by default and have to be enabled in the program’s options. This is for example the case for MAC address detection and discovery of Open Ports. The ports have to be entered in a comma separated list, by default only port 80 is checked.

The network scanner has been designed to scan local and remote networks. Basically any IP range can be entered and Softperfect Network Scanner will scan it.

The network scanner supports additional features that make it interesting. I can launch third party applications that can be integrated into the software. It does support Wake-On-Lan and Remote Shutdown, can mount and explore network resources and retrieve logged in users.

Related posts

• Port Scanning Networking Tool SuperScan (1)
• Network Settings Manager (2)
• Hamachi Virtual Private Network (17)
• Fast IP Switcher (5)
• eToolz Network Toolset (1)