Map your network with Zenmap
Nmap is one of the most useful network discovery tools you will ever use. Nmap allows you to explore networks of any size to determine the following information:
- Port details
- Host details
- State
- Service
- Devices
- Addresses
- and much, much more
Nmap is one of those applications you will need to open anytime you see issues on your network, need to get information about hosts, track down an IP address, etc. Nmap is flexible, powerful, deployed all over the world (it is in the top 10 programs on Freshmeat), easy to use, well documented, cross platform (Linux, OS X, and Windows ) and (best of all) FREE!
But Nmap is a commmand-line only tool. Most users don't want to monkey with the command line. Fortunately there are plenty of front-end tools for command line equivalents. For Nmap you can use the user-friend Zenmap. And how can you get up to speed quickly with Zenmap? Easy...you read this tutorial on how to run a scan on your entire LAN and then read the results.
Getting and installing
To install Zenmap you will have to install Nmap along with it. You can do this one of two ways: with Synaptic (or another GUI front end for your installation tool), or from the command line. To install via your Add/Remove Software tool follow these steps:
- Open up your Add/Remove Software utility.
- Search for Nmap.
- Mark Nmap for installation.
- Search for Zenmap.
- Mark Zenmap for installation.
- Click Apply to install.
Once installed you will see the entry for Zenmap in your Internet (or Network) sub-menu of your Applications or Main menu. You will want to run Zenmap as the root user because, most likely, your standard user will not have access to the networking devices.
Running Zenmap
When you fire up Zenmap you will see the main window (see Figure 1) which will be empty of scans (because none have been issued as of yet).
To start a new scan you can do one of two things: You can enter a target IP (or range), select the type of scan, and hit Scan. Or you can open up the Command Wizard to construct a much more specific type of scan.
If you opt for just entering in your target(s) here's how it works. The first thing you do is enter a target IP address. If you want to use a range of addresses the address would look like this: 192.168.1.1-200. NOTE: There are no spaces in the address.
You then need to select the type of scan to run. There are eight different types of scans to run. The intense scan will give you the most information and the Operating System Detection will give you the least amount of information.
The second method of setting up a scan is the Command Wizard. When you click this button you will walk through the following steps:
- Novice/Expert: Select the level of configuration you want to use.
- Profile/Command: Create a new profile or create a command to run once.
- Profile Details: If you go the Profile route you will have to enter the profile details.
- Scan Type: TCP or Non-TCP scan types as well as inclusion of Services version and Operating system detection.
- Ping Options: ICMP, ACK, SYN, IPPronto, etc details (if needed).
- Scripting Options: If you need to add special scripts to your scan.
- Target Options: Exclude hosts as well as configure ports to scan.
- Source Options: Use decoys, set source address, set source port options if needed.
- Misc Options: Various options to include.
Once you have finished configuring your scan via the Wizard you can hit the Scan button. However, if you opted to go the Profile route you will need to select your new profile from the Profile dropdown list.
Scan results
After your scan has completed you can take a look at your scan results. There are five tabs that will give you various information about the scan. Obviously the Scan Details tab is where you will get a good summation of your scan. To get the low-level details of your scan take a look at the Nmap Output tab. As your scan is running this is the only tab you can view - and it will give you every piece of information you need.
Saving scans
A nice feature of Zenmap is the ability to save scans. Once you have a scan completed you can save your scan and open it for later viewing. The only downfall of this is the Nmap Output is a bit cramped together. While the scan is running the output is displayed in real time so it's easy to read. When not in real time this output can really be a pain to get through. Fortunately, between the other tabs, you can get all of the information you need quickly and easily.
Final thoughts
Zenmap makes easy work out of the complicated Nmap command utility. If you have any need to map a network or analyze your network topography, Zenmap is the way to go.
thank you