Nmap Training Course

**canavaroxum** · 11-01-2010, 23:18

بسم الله الرحمن الرحيم Nmap Secrets Module Overview

Do you know these Nmap Secrets?

Module 1 – Getting Started with Nmap

Module One will provide you with an overview of the entire course, along with a sneak peek of the secrets that we’ll uncover along the way.

(23 minutes, 18 seconds) Nmap’s features go well beyond port scanning, to include a v_______ i________, o___________ s______ f______________, and i____ s________.
If always having the latest Nmap features is important, then you may want to consider using _____ as your primary Nmap operating system.
Although Nmap’s Linux installation process is very flexible, it does require a ___ ________.
If you’re going to run Nmap from a Live CD distribution, we recommend _____ _______ _________ ________, ___, or ___.

Module 2 – Nmap Basics

Module Two provides an overview of network protocols, the Nmap scan process, and we’ll learn the secrets for increasing the speed of this process. We’ll also run our first Nmap scan and analyze the results.

(19 minutes, 10 seconds) The protocols __, ___, ___ and ____ are the foundation of IP networking, and they’re also the protocols that Nmap uses to perform its magic.
_____________ ________ _______ is the most used IP-based protocol on the Internet.
The ____ protocol doesn’t transfer any application data at all.
Although the Nmap scan process occurs quickly and seamlessly, Nmap usually performs ____ steps each time a scan is executed.
By default, Nmap won’t scan a remote device unless it can confirm that the device _________ _______.

Module 3 – Scans for Every Occasion

Module Three introduces four of the most popular, most useful, and most versatile Nmap scanning methods. Even if you learn of no other scanning methods, these four scan types will get your through the vast majority of Nmap scanning situations. The TCP SYN scan, TCP connect() scan, Ping scan, and UDP scan provide different information for use in different situations. By the end of this module, you’ll be very familiar with these scans, and you’ll have a perfect understanding of when to use each scan. You may never run Nmap with just the default options ever again!

(30 minutes, 11 seconds)

If you’re the Administrator in Windows or running at root in Linux, you’ve probably run the ___ ___ scan by default and not even realized it!
_________ will usually delay a scan due to the number of retransmissions that Nmap performs in an attempt to get a packet through the network.
The SYN scan greatly increases the number of ___ frames sent across the network.
If you don’t have privileged access, a good option to the TCP SYN scan is the ___ ________ scan.
Other than the TCP connect() scan, the only other Nmap scan that identifies TCP ports but doesn’t require privileged access is the ___ ______ ______.
The ____ scan is one of the quickest scans that Nmap performs.

Module 4 – “Back Pocket” Scans

Sometimes, you’ll run into a situation where a normal Nmap scan isn’t providing you with all of the information you need. This may be a situation where remote devices aren’t responding, or perhaps you aren’t able to identify any available ports on a remote device – even though you can easily connect to its web server! In these situations, it’s useful to have a few tricks in your back pocket.

(24 minutes, 31 seconds)
From a security perspective, a “__________” ___ server is a serious concern and you don’t want to find one on a production network. However, if one happens to be available, it’s extremely useful for gathering information about remote devices.
The ___ ______ _______ is useful because of the extensive scanning you can do “through” a firewall.
The _________ is quite stealthy, since the target device never knows the IP address of the Nmap station performing the scan.
Nmap’s idlescan is only useful if you can find a ______ _______ with predictable _____.

Module 5 – Useful Scanning Options

In module five, we’ll concentrate on some useful scanning options that will assist you with building Nmap scan sessions that are effective and efficient. First, we’ll show you the secrets to easily excluding or including target addresses for your Nmap scans. We’ll discover how to exclude from the command line, and we’ll also show you how building a file of IP addresses or names can integrate the Nmap scan process with other network utilities. During a scan, we’ll often want to know the status of a particular port. With Nmap’s port number options, we can limit our scans to specific applications and focus our efforts on identifying the systems that interest us the most.

(18 minutes, 14 seconds)

One of the easiest ways to exclude target systems is on the ____ ________ ____.
With a single command line option of _____________, we can control exactly which remote devices will be scanned and which will not.
Nmap is very flexible when specifying IP addresses. You can use h_______, C____-b______ a________, or use an a________.
Scanning for small groups of ports on the command line is easy with the ___ parameter.

Module 6 – Nmap “Pings” – The Search for Hosts

There’s a lot to Nmap’s ping process, and we’ll start with defining a ping. From there, we’ll move to Nmap’s default pings – the ARP ping and the ICMP and TCP ACK ping combo. To really make the most of Nmap’s pings, we’ll also investigate the details of the TCP SYN ping and the UDP ping. And then, after spending all of that time and effort learning about Nmap’s ping process, we’ll show you how to turn it off. Why would you want to do that? Don’t worry, we’ll show you all of the secrets!

(23 minutes, 42 seconds)
The Nmap ping is considered successful even if it gets an _____ _______ from a remote device.
__________ the ping process can add enormous time to your scan if you are scanning a range of IP addresses and a number of IP addresses aren’t active.
As Nmap pings go, the ___ ping is extremely reliable.
If an Nmap ____ ____ ________ returns a response, you can be relatively sure that most other protocols will also pass without filtering.

Module 7 – Recon Scanning

In this module, we’ll investigate the secrets of network reconnaissance, and we’ll take you through the details of two major Nmap features – operating system fingerprinting and version detection. After this module is complete, you’ll understand the power behind the recon scans and know exactly why Nmap is one of the most impressive security tools available!

(13 minutes, 52 seconds)
Nmap can determine the operating system of a remote device without ______________ ____ the system or opening an ___________ _______.
For an operating system scan to operate at peak effectiveness, Nmap must have identified at least one ____ ____ and one _______ ____.
Without logging in, Nmap is smart enough to determine the ____, _____, and ________ of an active service.
In the version detection scan, Nmap really doesn’t care what _____ ___ _______.

Module 8 – Ninja Scanning

In this module we’ll introduce you to Nmap’s art of invisibility. You’ll learn all of the secrets of using Nmap on a network in stealth mode, where you can come and go like the wind.

(14 minutes, 44 seconds)

By default, Nmap will ____ every device on every scan, regardless of the scan type.
To be the most invisible network ninja, you’ll want to disable the ____ _______.
For the best possible ninja scanning, always run as a __________ ____.
If multiple timing options are used on the command line, Nmap will use the last _______ as the priority.
The ______ ______ ________ option disregards any host exclusions, so if there are devices that should never be scanned this may not be the best option to use.
With Nmap’s _____ ______ _______ s________ option, a network ninja could anonymously scan any device on a local IP subnet.

Module 9 – Output Options

Nmap includes a number of output options, and this module takes us through them all. We’ll show you the differences in the output options, including how to convert Nmap’s XML output into some great HTML-based reports. You won’t want to miss this!

(15 minutes, 1 second)

Nmap’s “_______” output format works well for printing or for use in a document.
If you need to search through a large quantity of Nmap output, the ________ output format is a perfect choice.
If you use the ___ output format, you can get an HTML version of Nmap’s output automatically in any modern web browser.
When resuming an Nmap scan, it’s important to understand exactly when a scan to a host has ________ ___________.

Module 10 – Windows and Nmap

In this module, we’ll learn about the history of Nmap and Windows – both the good, and the bad. Although there have been some significant operational issues with Windows, the few Windows-related issues that exist today are easy to work around, and we’ll show you how. Although Windows handles Nmap well, it’s still not perfect. There are a few downsides to using Nmap in Windows, so we’ll walk you through the good with the bad.

(12 minutes, 6 seconds)

All Nmap-specific registry changes and required software drivers are included with Nmap’s _________ ________.
It’s impossible to run Nmap on a third-party Windows computer that doesn’t have _______ installed.
The slowest part of the Nmap scanner in Windows is the ___ _______ scan!

Module 11 – Real-World Nmap Scanning

In this module we’ll discuss six Nmap scanning techniques that can get you through some pretty nasty security problems. First, we’ll look at identifying the remnants of a virus outbreak or spyware infestation. These situations often leave some residuals traces, and we’ll show you the secrets to finding all of the shrapnel. Then, we’ll move to a more traditional use of Nmap – vulnerability assessments. Once we’re sure our systems are secure, we’ll have a look at ongoing testing with some security policy compliance testing. Our administrative tasks then turn to asset management and keeping track of all of those systems throughout the network. Another great technique of Nmap is the ability to audit firewall configurations. Can Nmap make it through your barriers? We’ll find out! And finally, we’ll learn the secrets behind keeping your network safe every day of the year with perpetual network auditing techniques.

(21 minutes, 06 seconds)

On a network with many devices, the __ option can provide a dramatic speed increase over the huge number of ports in a default scan.
By using the _____ option, we can tell the network team that there’s no possible way for our security scans to interfere with production traffic traversing the WAN.
____ ________ is one of the slowest parts of any scan. Disabling this feature with the __ option may provide some significant speed increases.
When auditing firewalls, the Nmap ___ scan is a perfect solution for determining what’s filtered and not filtered.
The ___ scan is very passive, and it’s very unusual to have this scan cause any type of harm to a network service
links
https://www.megaupload.com/?d=2DO98TO9

https://www.megaupload.com/?d=4UNMY59X

https://www.megaupload.com/?d=UA69BE2G

https://www.megaupload.com/?d=V89EVZG1

https://www.megaupload.com/?d=7ZINB1HV

https://www.megaupload.com/?d=SDP5QC1J

pass
manhndhn
:ah16::ah16::ah16::ah16::ah16:

links(mirror ) with RS

https://rapidshare.com/files/2019709...ning.part1.rar
https://rapidshare.com/files/2019708...ning.part2.rar
https://rapidshare.com/files/2019709...ning.part3.rar
https://rapidshare.com/files/2019720...ning.part4.rar
https://rapidshare.com/files/2019719...ning.part5.rar
https://rapidshare.com/files/2019714...ning.part6.rar

i hope that will be helpful

**rOcK Dash** · 12-01-2010, 11:56

جزاك الله خيراً

**sincere** · 20-01-2010, 12:56

thanks alot brother

جزاك الله خير

**sincere** · 20-01-2010, 13:19

السلام عليكم

اخي الكريم ما هو امتداد الفايلات انا حملت بس ما فتح معي ؟؟؟؟

**canavaroxum** · 20-01-2010, 15:40

السلام عليكم
yes brother ,try to open it with 7zip (it's the extension .7z by the way) u can download the software from :
https://www.7-zip.org/download.html

**NICEHACKER** · 20-01-2010, 16:24

الاداة ممتازة جداااااااااااااااا
تستخدم لفحص البورتات

**sincere** · 20-01-2010, 18:43

المشاركة الأصلية كتبت بواسطة canavaroxum

السلام عليكم
yes brother ,try to open it with 7zip (it's the extension .7z by the way) u can download the software from :
https://www.7-zip.org/download.html

السلام عليكم جزاك الله خير اخي معلش حتعبك معاي شويه
انا نزلت البرنامج 7z بس بردو ما فك الضغط ؟؟؟