170420107051

SAHIL SHINGALA Cyber Security(2150002)

Experiment No:3

AIM: Perform Scan Using Zenmap.

BRIEF THORY:

Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. It is a
multiplatform, free and open-source application designed to make Nmap easy for beginners to use
while providing advanced features for experienced Nmap users. Frequently used scans can be
saved as profiles to make them easy to run repeatedly. A command creator allows interactive
creation of Nmap command lines. Scan results can be saved and viewed later. Saved scans can be
compared with one another to see how they differ.

QUESTIONS:

1) Perform all the scan of practical no 2 using Zenmap.

1.Scan a system using Hostname and IP address.

Command: $ nmap SAR030

Command: $ nmap 172.16.1.31

1|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

2.Scan the system for multiple host.

Command: $ nmap 172.16.1.31 172.16.1.30

3.Scan the system for multiple host using file.

Command: $ nmap -iL iplist

2|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

4.Scan the system using whole subnet mask.

Command: $ nmap 172.16.1.*

3|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

5.Scan the system for multiple system using last octet of IP address.

Command: $ nmap 172.16.1.29,31,32,54,95

6.Scan IP address rang and excluding particular user

Command: $ nmap 172.16.1.25-30 --exclude 172.16.1.30

4|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

7.Show OS detail and trace route.

Command: $ nmap -O -traceroute 172.16.1.30

5|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

8.Enable version detection using NMAP.

Command: $ nmap -O 172.16.1.27

9.Scan a host to detect firewall.

Command: $ nmap -sA 172.16.1.30

6|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

10.Scan a host to check whether its protected by a firewall or not.

Command: $ nmap -PN 172.16.1.104

11.Perform fast scan using NMAP.

Command: # nmap -F 172.16.1.29

7|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

12.Scan port consecutively.

Command: # nmap -r 172.16.1.105

8|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

13.Print hosts interfaces and routes.

Command: # nmap –iflist

14.Scan for a specific port.

Command: # nmap -p 22 172.16.1.29

9|Page SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

15.Scan for TCP port.

Command: # nmap -p 20-100 172.16.1.42

16.Scan for UDP port.

Command: # nmap -sU -p 111 172.16.1.42

17.Scan for multiple port.

Command: nmap -p 80,22 172.16.1.31

10 | P a g e SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

18.Find host services version no.

Command: # nmap -sV 172.16.1.42

11 | P a g e SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)
19.Perform can to find most commonly used ports using TCP syn.

Command: # nmap -sT 172.16.1.42

20.Scan remote hosts using TCP ACK and TCP SYN.

Command: # nmap -PS 172.16.1.31

12 | P a g e SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

2) Create different profiles and scan target using that profile.

3) Edit existing profiles and perform scan.

13 | P a g e SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

4) Delete all the profiles created by user.

5) Compare results for 2 different hosts

14 | P a g e SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS
170420107051
SAHIL SHINGALA Cyber Security(2150002)

6) Compare results for same host with different options.

15 | P a g e SCET/BE/CO(SHIFT-1)/SEM-5/BATCH-B/CS