Introduction
Nmap is a dynamic tool that can be used for scanning networks for its connected hosts and is a useful tool for those who intend to perform penetration testing. A business unit which is composed of a local network with several hosts is selected for mapping using this tool. The use of these assets is governed by the administrative heads of the different computing terminals on the business premises. These administrative heads all work under the one chief administrator who oversees the system’s networking and operational functionalities. Any proposal for a change that may affect the network topology is registered with the chief administrator who then passes it on to the management for approval. The chief administrator can then make the necessary adjustments. Within the different computing terminals, there exist several devices such as printers, scanners, computers and other networking devices such as routers which direct packets and switches as the business run on a network that incorporates both cable media and Wi-Fi. The business uses a 24byte type of network with a subnet mask of 255.255.255.0.
One of the ways a hacker may try to access the network is through identity theft (Sullins, 2017). This is where they may try to solicit passwords from staff within the business while assuming the identity of legitimate employees. Once they acquire these passwords, they can remotely access the system and make significant changes to existing configurations which may impact negatively on the network’s performance if the logical network topology is affected. This increases management cost as the chief administrator will again have to recalibrate the network to match its original state. They may also bypass the security mechanisms placed over the business’ server and install viruses or ransomware which results in unexpected costs trying to recover from their impact on computing resources.
![]()
Figure 1:Nmap identification of hosts:
Using the Nmap tool and details of the network address which are also available on Nmap using the ifconfig command on a Linux computer, a total of 15 hosts were identified, some of which are identified in figure 1 above, along with their names as broadcasted on the network and their MAC addresses. Examples of names of hosts are Askey Computer with the MAC address of FC: B4: E: AA: 58: B2.
The business requires that the firewall should always be on since tools such as Nmap are noisy and can be easily detected where they are used on a network. The firewall, therefore, safeguards the network by acting as an Intrusion Detection System component (Im et al., 2016). This is the best practice policy, and it is one of the tasks assigned to the chief administrator follows up to ensure that all employees understand how to enable the firewall on their workstations and ensure that they always remain at that configuration.
References
Im, S. Y., Shin, S. H., Ryu, K. Y., & Roh, B. H. (2016, July). Performance evaluation of network scanning tools with operation of firewall. In 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN) (pp. 876-881). IEEE.
Sullins, L. L. (2017). “Phishing” for a solution: domestic and international approaches to decreasing online identity theft. In Computer Crime (pp. 73-110). Routledge.
Ahokie
NMAP12.docx
0
