Nmap

[MUSIC] Welcome back to another exciting episode here at IT Pro TV. I'm your host, Wes Bryan, and in today's episode, we are diving into the world of none other than something called Nmap. That's right, we've got a special episode here for you today, and joining us today in the studios is none other than Mr. Dan Lowrie. Dan, how are you doing today, sir? Man, I'm doing great, excited to be hear today! Nmap and computer security, one of my favorite topics. So I am really looking forward for us to take a really good deep dive into Nmap, because you may have heard of it if you've been around computers at all for any length of time. Specifically security, you've probably heard this term and this little software bundle mentioned from time to time. And if you have you may what is this and what does it do? And you know that maybe even some nefarious type people tend to lurk about using this tool as well and that's something we need to get into but what is M Map? How do we use it I want you to be able by the end of this series to say I know pretty darn well. I know anybody can kick off a scan. Anybody can grab and map type it into a command line. Use the graphical interface that they have along with it and scan some systems and that's what we're gonna do, but I want you to know what's going on. What's underneath the hood is happening. When I kick off then on. All of the myriads of different switches and arguments that we can throw at it. How do we use those? How do we that to create the correct scan for my environment, what I'm trying to accomplish with that? So I guess it's a good place to start is what exactly is and you're right. It is a good place to start. If you have never heard of nmap before, what it means, it stands for network mapper. Right? So that already should be lending your mind to exactly what it is that we're talking about. We are mapping networks and that's, it's original Intention was, I want to be able to see what computers are on my network, and what are they running, what is it that they're doing? Was there IP addresses, where might they be, what subnets are they on? These are the kinds of things that we're gonna discover and find out with using NMap, and it's a really cool little program, it's not difficult to us. It can be a little overwhelming when you see how many options are available for it. Plus, and I haven't even gotten into the fact that there's a whole entire scripting engine riding underneath the hood as well. And that can also be a little overwhelming. But we're gonna take you from the bare minimum, you've never heard of this thing before, today's your first foray into working with. And we're gonna build from that foundation and ultimately by the end of the series you should have a pretty good working knowledge of the system itself, and be able to utilize it and your networks. >> That's great Dan, when I think of a map in general not even in when you talk about networking in general. When I think of a map, we're talking about like the topography, we're talking about the layout of the land, right. If I need to know what's out there and I need to see exactly what is going on in a certain area. Well what do I do? I grab a map and I look at a map. So when we're talking about end map data, we're talking about something like that. Something that can basically tell us the layout of our network. >> Yeah. It will definitely give you the layout of your network. It might not do this graphically and that is what Wes might be alluding to. There are tools that do that. But they might use Nmap to find out where those machines are, or what they are, or what they do. The graphical mapping portions of things tend to be with things like, such as SolarWinds. These are suites of software that try to give you a more visual idea of what's going on inside your network. Nmap is more specifically for I need, you gotta remember this came from more of a command line era, back when command line was still a very very popular thing. Because a, they run really fast and typically if you're running in a Unix or Variance systems. You're going to be working in a command line a lot. It doesn't mean you Windows boys are out in the weeds. We will get to that, whether or not this works, and how can we get it to work if so. But if you do want to run this, typically you're going to be working in that CLI environment. So, be prepared to jump into a black tight box. Or maybe hacker green if that's what you prefer, and be able to type in a few commands and there's a graphical tool as well, but we'll get to that later. >> Now you mentioned, Dan, that this is a systems administrator, a systems engineer type of software and >> I have to say, kind of playing devil's advocate here like I like to do a lot, it seems like a lot of the utilities that we have out there that can help us define things on our networks. Make sure that our networks are optimized while they are are used by the systems administrators, seems like they can also put the black hat on if they want. And this can also do a little bit of harm and damage to the network as well. >> Yeah. It's not, let's just start here, let's just wipe the slate. And if you've heard anything bad about Nmap. About it crashing machines, crashing networks, bringing down networks. Let me go ahead and dispell any preconceived notion that that's what it's used for. That is not it's intended use. It wasn't designed to do that. If it does do that, it's purely coincidental. It's purely accidental. It's not meant to be crashing systems. If I'm using Nmap as a system's administrator. We're gonna get to what West's real question is there in just a second. If I'm a system's administrator, I'm a network administrator and I'm employing Nmap, it's sure as heck isn't to crash my systems. And I'm not going to use a tool that is known to crash these things. Have I ever heard of end map crashing a system? Like through he said she said, she said he said, right. Through way way beyond, yeah I heard or read about a guy who used in his friend down the street. Employed at one time and it crashed his neighbor's computer. Yeah, I've heard those anecdotal situations, but I've never known anybody that's said I ran NMAP directly and it crashed my system. I've never run NMAP and it's crashed any of the systems that I've worked on. I've been using NMAP since 2001, and I've yet to have a single crash on a system. Now that begs the question of what Wes was asking, do black hats use this? Yes they do. Do they use it to crash systems? If they do it's likely unintentionally, because of why they're using end map. So if it is crashing systems, maybe they found a system that it crashes very well and they want that system to crash. And in that sense they would probably deploy it and say hey, I found a weirdness. And you got to remember that is the hacker mindset. Right. They think outside the box. If you're a hacker and I give you something and I say it is designed to do X You go, great that's awesome. And you learn how to do it to make it do x a million times to do it very well, but the hacker always goes, well what else can I do with it? And how else can I make this thing work? What can I do? What if I threw it at the TV? Would that do something? What if I did this? What if I did that? And that's the hacker mindset. So if they find a way to crash a system using it A, they're going to want to intentionally crash the system, any good hacker. A script kitty, I guess, might go, I crashed a system but all it did was cause a minor denial of service for however long it took them to reboot the system, and then they'll firewall that off and you'll never see it again. So typically, if systems are being crashed through the use of nmap, it's either, A, because they found a way to do it. And that's exactly what they want to do, or, B, it was just completely accidental. So yes, the system admin, he grabs nmap, he puts it in his tool kit of administration tools, of network tools, and says I'm gonna scan a network I'm gonna get everything. I wanna see what's on my systems what everything is running maybe start looking at a vulnerability assessment when we start looking at things of that nature. I want to come at this from a security standpoint and harden my system look at it from that security idea. If I'm a hacker I still am using it in the same way, it's just the reasoning that I'm using it. Right that's really what it boils down to. Systems, administrators, they use this for the purposes of scanning for, to find vulnerabilities, and remove them. Where as a hacker, uses it to find vulnerabilities and exploit them. So that's the big difference between why a SysAdmin would use it, and/or a hacker or a nefarious type might be employing NMap. >> So Dan would it be fair to say that most likely, well what it sounds like is that it's intent, we have a piece of software. >> Seems like it has many capabilities, which we're going to see some of that throughout this series, but it's the intent or the user behind this software that really defines what it does, is that the case? >> I think you hit the nail right on the head with that one, it's all about the intent. How do I intend to use this? And just like anything that is meant >> for neither good nor evil. It's just a tool, it is the person wielding said tool that gives you the whether or not it's been used badly or if the person, we don't go after the creators of Nmap for hackers using it for nefarious purposes. It's just it was never intended for that. It's meant for enumeration is the technical term. I want to enumerate the systems that are on my network. That I have authorization for purposes of keeping track of things. Making sure that I don't have any vulnerabilities that are just gaping holes in my security system. That is its intention. And this has been throughout time as long as computer systems have been around hackers have been saying, hum, how can I. I think if I did this It will do X and that'll be awesome. Let me check that out. So there's nothing wrong with the hacker mind set per say. It's now I want to crash this machine, I want, I've been paid by X company because you're the competitor to crash as many machines as possible. Or to scan their networks, find out what they're running and maybe exploit vulnerabilities in those systems. So yeah, it can be used for evil purposes. But in and of itself it's neither good nor bad, it's just a tool. It's how we use it that's going to dictate whether or not we're good, or we're bad. So, Dan, if I've got my wallet here, ready to go. I've decided, cuz it does sound interesting, that I want to get Nmap, all right? So, I want Nmap, how do we get it? >> That's a really good question. And the great news is about Nmap and all of my favorite software is it costs the low, low price of free 99. That's right, for a limited time only if you act now you too can have a copy of Nmap and when I say a limited time only I mean ever since its inception and creation, it is open source software, it is free to use. It, I believe, is under the GPL licence, the public licence that's available for most open-source software, if I'm not mistaken. And we can dive into that but it's neither here nor there. Basically what it's saying is you can use this software as much as you like. You can even distribute it as, well, as the source code along with it, as long as you don't try to do that for monetary purposes. You don't try to sell this. And if you do wanna give it away, make sure you give the source code along with it. Typically that's the general idea of when we're talking about free, or under the GPL licensing. So keep that in mind. This is something you can go, you can get yourself. Now we jump over really to Wes's real question, which is, all right, now that I know that I can have this and it costs me a whole lot of nothing. >> We know that Wes can afford it. [LAUGH] >> Right, well this is definitely in Wes's will house when it comes to monetary. How do we get this? What do we do? Where do we go? Okay, I'm glad you asked. Let's jump up on my computer real quick. I've already brought up their website. Which is NMAP.org. There we go, so this is the NMAP.org website. Something that you'll definitely want to get familiar with. Not just so that you can just download NMAP and install, even though it's very good for that reason, but there's a lot of information here. Sign up for the newsletters. Whatever they've got, sign up for it, right. Get in on here. If you want to be effective with Nmap, becoming a part of the community is going to help you a lot. Unless you just want a working knowledge, then, of course, you don't have to go through all that. But if you really, really want to have a good grasp of Nmap, what's going on with Nmap, and it's something that you're gonna be using. As a network administrator, as maybe a penetration tester, if that's your goal in life one day. This is something you're going to want to know about a lot because it is a fantastic tool and it's a favorite tool of CS net and penetration testing administrators. So, be aware of that. Let's take a look at the silence, let's bounce around a little bit and then we'll find out how we can actually acquire Nmap from it. So let's go, there is couple of things I just wanted to show you was, like over here on the left hand side. You'll see, it talks about intro, there is a reference guide, an installation guide, this will be worth its weight in gold for you, especially as you bounce through different types of systems. We are going to show you how to install Nmap today, how to get it, how to install it for different types of Unix systems, Linux systems, as well as Windows. So these reference guides for installation are going to be very helpful for you. There's also changelogs, what's going on with Nmap. Are there any new features to Nmap? Maybe there's an update to it, I'd wanna go there, find out and maybe run an update for my Nmap system, if that's necessary. We also have this book and docs again worth their weight in gold. And primarily a lot of the information that I am going to be giving to you is coming straight from this site and straight from the chapters in the book that are available on the website and the documentation that's available as well. I have further experience and references so we'll go a little bit further than what they have but, if you just had this at your disposal, you have a lot to go through. And not only that, but other things like the manual pages. Just tons of information on how you can effectively use Nmap and what is happening when you are running it. So give you that good that overall experience, I know what's happening with my system. >> Is there also, like we have on some other websites out there for different pieces of software. Is there like a community forum where you can, you know maybe some people have used this before? Or is that something that you can kinda research out there, and find forums that use Nmap? >> There's probably, just security forums in general, probably even have like a. >> An enumeration area or an Nmap area because it is so prolific, so widely used. I'm not a hundred percent on whether or not. That's. I'm looking on the page really quickly. I don't see one off the top of my head, but if they do. If I am remembering correctly, if you sign up there is a newsletter that you can get and that will keep you abreast of all the information that's happening with Nmap, where it's being used. Other than that, you can just come straight here to their front page. They keep a lot of the news, you can see right here. Nmap 7.12 is now available. There's the change log and a download link, right, so all the latest and greatest news is going to be right here on their front page. So, again that's NMAP.org I believe. Nsecure.org will also take you here if I'm not mistaken. But I know NMAP.org will because as you can see right here, it does that. Other things just another random aside on the greatness that is this site. If you look over here it says security tools. So when you are ready, and you say, you know what, I really enjoy security. I enjoy finding the flaw and then fixing the flaw, they're going to have a ton of tools that are going to be available for you to download. And it'll let you know whether or not they're free, or if they're pay, or free to try, and then buy different licences, what platform they run on. And as you can see they've got password auditing, sniffers, vulnerability scanners, web scanners, wireless exploitation, and packet crafters and more. Tons of stuff. This website is a great resource for any person in the security realm. So. Familiarize yourself with it. Walk through it. Click on every link cuz there's always some great information there just waiting to be found by you and you'll learn a ton of stuff just by perusing here and reading everything it has to offer. Now that we know that's what's going on with the website, very cool stuff. Let's get to the download page and see what's going on there. So, I can either go here where it says download, or I can run over here to download. Either one takes you to the same place. They try to make it pretty easy for you to actually acquire Nmap, cuz, hey, they wrote the software and they want you to use it. So, let's jump on over to the download page. So it talks about downloading Nmap. This is really like a quick and dirty how to download Nmap for whatever platform you're running and probably even get it installed. If you need the little installation guide, you can jump to that as well and I think there's links to that on each one. We'll see it as we go down. But let's see here. Downloading Nmap, and it's talking about, and Zen Map, you might be like, what's that? NMap and Zen Map. Zen Map is the graphical front end for your Nmap installation. You'll notice I haven't talked about it a lot, and that's because I don't typically use it. I'm not saying that it's bad, don't hear me say that, it's actually a really nice little interface, it's got a lot, but, I would say that if you're a newbie, if you're new to Nmap, Zen Map is gonna be a nice crutch for you to lean on. If you're not, if you're good with a CLI, you're happy inside of a command line, then Nmap is where you're gonna spend the bulk of your time. Because Zen Map tends to hide a lot of what's going on. You don't have to know so much about Nmap to get it to work using Zen Map so that's why I'm gonna focus more on using Nmap instead. We will take a look at Zen Map though. >> Dan, I know that you've got a lot of experience down in the command line, the shell. I've definitely seen it before, fire up a terminal a lot. So are you saying somebody like me, who's been more primarily Window-centric, do a lot in the Gui and I do realize that there's some limitations they don't make a button, well, you're not doing it in the Gui. But the zenmap might be something for somebody like me. >> That's exactly right. Like I said, if you're new to the systems, you're more of a Windows guy, and there's nothing wrong with that. Don't hear me down Windows, I'm not. I've used Windows extensively throughout my career, it's a great operating system for what it does. It's even a great operating system for what I need it for. Everything has its place. Everything is a tool for the proper job. There is no one better than the other, it's just maybe better at this than the other. So, you gotta keep that in mind. If you're running Windows, you can be a penetration tester, you can hack all day long and have a good time and enjoy it. Nmap will work for you. And there is ZenMap as well, which will give you that, hey, and you know what, if you're in Windows, you're a graphical guy. You like a GUI. Make no apologies for that. You can say, you know what, I like GUIs. They work for me, they're very handy. They're very fast, they're easy to get around. I do like it. Sometimes I just want to use a tool. I don't wanna be a master at it. And if you just wanna get your feet wet, you want to start doing some scanning, Zenmap's gonna help you out with that. So let's take a look. Let's go back, kinda random aside complete. Let's jump back down in and take a look at how we acquire this. So one of the ways you can do this is obviously through source code. And if you're a Linux-Unix guy, you've probably done installation from source before, right? Compiling source. If you're new to Linux and Unix, you hear those words and you're thinking, man, I'm getting the sweats, I'm getting the shakes. This whole source compiling thing, that's for real users, I'm not quite there yet. Fortunately, this is a great example of if you've never done compiling from source before. It's not that difficult, it's actually quite easy. It just gives you more options, more ability to curtail the software to your environment and to a way that you want it set up and that's what really the Linux community is all about. It's all about customization for the individual. So don't worry, you can still get it installed very quickly, very easily. It's basically three commands and you're done. It's very simple. And we'll take a look at doing that here in just a few minutes. Now, let's look at some of the other ways that we have. Here's the Microsoft Windows binaries, and he's like, well, what is a binary? Basically an executable package. Like a package that for installing software on Windows. That's what they're talking about when they say binaries. You'll notice right there the familiar .exe type of download and installation. The cool thing about it is if I'm not mistaken, and I might be, I just can't remember off the top of my head because I don't typically use Windows for this, but I think Zen Map becomes bundled with Nmap when you install on a Windows operating system. So you get the best of both worlds. You can run it from your command prompt and you can use the zen map front end. And if not, easy enough fix, we'll grab the zen map front end, install that so that you have the best there as well. All right, let's see what else we have here. Here's Linux RPM source and binaries, and MAC OSS binaries. So Linux, if you've worked on Linux at all, RPMs is a red-hat package manager, it's basically kinda like what we saw with the binaries for Windows. It says double-click and it installs. You have a command line utility as well for RPM to download an RPM and install it to your system. And you have to know those systems. I don't think I'm gonna install using RPM because RPM typically isn't how we install software on Linux and Unix systems any more. Not that's it out of the realm of possibility. It is. It's definitely there if you like RPMs, grab the RPM, you're familiar with that, use it, it's not that difficult. A little quick perusing of the man page will get you up an running very, very quickly, but we're going to use, and you'll notice you don't see that here, is what's called package management systems for our Linux variance. We have the Debian type of package management was the app to get and we have the Yum package management system which is for Red Hat CentOS Ttpe of systems. So the two different architectures have their two different package management systems. That's what we're gonna look at today and we're gonna install from source, as well. So we're gonna look at those different things. One thing I do wanna say about Mac OSX is you, this is the one that's a little more difficult. So if you're installing on Mac, you just gotta know that if Mac runs BSD under the hood, right? So it's got the Berkeley System D under the hood. It's a true Unix variant. It's not a Linux system, it's a true Unix type system. There can be, especially when it comes to Zenmap, you need some extra, which is called I think Xcode, that goes along with that, which you'll need to support the graphical front-end and make it work. And preparing for this system, I did some updating and screwing around with my system, and I've completely broken it. It's not really that detrimental to our show. So we're gonna go ahead and run with that ball. Not that big of a deal. Again, we're gonna focus a lot of being inside the graphical environment. I think that if we want to use Zen Map, we'll run over to our Windows box because typically that's where you're gonna be seeing it used. Most people that run Nmap from any system, including Mac, are running it from a CLI. So that why I said, I don't think it really hinders us. If we need to see Zen map, we'll fire up Windows and play with Zen map. If we don't, we'll just continue to work in whatever CLI, it'll either be Linux or my Macintosh. Very, very simple. Let's get down and dirty. Let's get to business. I know that the clock is over there ticking away like a slave master driving us, let's install some software. Let's do it. Let's go ahead and jump on. Let's see what the first system I have To play around with this. Okay, so here's Ubuntu. I think this is as of it least the last few weeks the latest rendition of Ubuntu, it's 15 point something or other. That's neither here nor there. Really how is it that we're gonna get Nmap installed on our system and that's going to be through. Since this is a dev invariant we're gonna use app to get system. >> That was the question that was gonna be. You said there were two different ways you could install this. I was about to ask you what's under the hood when we say Ubuntu because just because the adistro says one thing, it doesn't necessarily mean that it's as all Linux is. It usually has and MAC, it's got something under the hood that really dictates how we install. >> Yeah that's exactly right. You do need to need to kind of understand your architecture a little bit. Be familiar with your own system, that's gonna help you. But if you're at this level, if you're like hey I wanna start playing with Nmap, you've probably got some computer time under the belt. So if you don't, if you're like man I'm completely new to this whole Linux Unix area and I wanna jump into that. Wes makes a really good point. You need to know what type of variant are you. Are you a Debian which is a main fork of Linux, or are you a Red Hat which is one of the other main forks of Linux. And they are typically any derivation there of, it just means that you're either being so if I'm running a Bluetooth, that's a Debian variant. Actually Ubuntu has been around so long and so copied that it's starting to become its own major fork. Even though it's still under Debian because it is a Debian variant and it doesn't work like the other Debian systems. But it has been widely copied and widely changed and used as a platform to create other Linux operating systems. I think of Linux Mint, very popular, I use it myself. It is a Ubuntu variant which therefore makes it a Debian variant. So you'll see apt-get again under the hood for package management. When we jump over to the other Linux system, we'll see that as well, which is CentOS is a Red Hat variant. So you gotta know those major systems, what's happening there. So let's look at my system, let's get in here. First thing I need to do is open up a terminal right? So let's see here, well actually I'll just type terminal and look at that. I've got a few options, I'll just take the first one. Let me go ahead and make this a little easier if I can here. Control, well I used to be able to do this. I'm hitting the wrong button that typically doesn't help here. I'm not hitting the wrong button, I'm hitting delete. Well, there we go. I knew I could find it. All I had to do was hit the right. The Mac keyboard really throws me off. I'm so used to a standard IBM type keyboard. But, there we go. All I did to do that was hit the shift control and plus key in, bumps the font up for us. Gives us better resolution for you guys to see. But now you can see, I'm in my terminal, what do I gotta do? First I gotta check and make sure I am running a Debian type system, and the easy way to do that is to see if the apt packet manager is available for me. So I can just do something like, apt dash get, and then dash dash help. Something like that. And you'll see, if I get output, I know the system's there and it's saying, hey! You know, either this help function is a valid way to get help, or you've typed in something I don't know, so here's some output on how to use this system. It's a really quick and dirty way to find out whether you have it installed on there. I do, because there it is, it's running. You'll notice I can do an app-get-dash-H, and I would have also done that. Of course, my computer is going to freak out on me here. Let me just, there we go. Back into action here. My computer's trying to go crazy on us, with that being said I know app gate is waiting, and I can use that, so let's do that. All you have to do is remember if you need to install software, you have to be a super user. You have to be administrative privileges, so typically you don't log in as the root user, which is the Linux super user account. So you'll use a little switch called sudo or sudo, whatever you like. So you just do sudo, like that. If you're part of the sudo group, then you will be able to elevate your privileges to do this one function. Once it's done it'll drop you back down to a standard user. So I'll do sudo and then I'll say apt-get install and then say Nmap. Okay so this is basically how it's done. I'm gonna say hit return it's gonna ask me for my password. It's gonna let the system know I am who I say I am. So I'll type that in and now it's looking for the package it has found it. And saying okay, after this operation 18 MB of space will be needed. Here's what we found. These are the new packages that will be installed. So it's showing me this, so if there's any dependencies and libraries and things of that nature that are necessary for the installation, this is what it's gonna do. So do you want to continue? I sure do. Hit Y, hit return, and now it's downloading and installing. Now for some of us that maybe use the Windows operating system, Dan, I can assume, and I'm gonna assume here, and you can correct my assumption if I'm wrong. That it's reaching out to some public repository, it's finding the exact package that you want. Verifying that package and then pulling it back down and installing it? >> That's exactly right, with these package managers, >> There are repositories that they look for to say is this there. If you know that there is a software that is available through the App-Get system but it's not finding it, it's probably because you need to add a repository. That contains that software. That's a little beyond what we're trying to do here, normally this is going to work. If you need help with that, don't be afraid to ask us in our forums or something of that nature. We'll steer you in the right direction. But I think most standard repositories are going to include Nmap, cuz it's the tried and true software. It's been around a long time, you're gonna see with just about everything. As you can see it didn't take very long, it's text based, it's very small. It is installed! Now, if I just do Nmap, you'll see that I have Nmap available. We can even probably glean if it got the latest and greatest. Let's see here. And you can see there's a lot of options, so it grabbed Nmap version 6.47. If i wanted to update that, then I could run an update command on my app get, make sure that it was getting the common. But this is fine, this will work with every one of our, if you want to run 7.1 too, that's fine as well. That will work. All of the stuff that we are going to do, is going to work regardless of whether you're using 6.47, or the latest version seven of Nmap. So pretty simple, very straightforward, very easy. Let's jump over to CentOS and see how that differs. Here we are again, basic operating system. Basically, you just need to log in over here and grab me a terminal. Let me go to recently used. I actually use this computer so Let's try this again. Hey, look at that. I am getting better at it everyday. Again, you will need to elevate privileges so we'll need a pseudo command. You could in theory be logged in as root, like I said, but that is a dangerous practice. So we'll typically just use the pseudo commands to elevate and de-elevate as necessary. So, we need the yum. So, yum is what is going to get us the installation for a sent OS or red hat variance. So, yum install, and then we'll just say Nmap. Asking me for the password one more time. And here we go. Basically, doing the same kind of thing. It's checking a repository, is this software package available? Do I find anything by that name? Or maybe a variant of that name, maybe an alias of that name? Do displace that to me, let me know, there it is. It's giving me version numbers, and I guess that's for Nmap. And then telling me the size, and all that thing. Do I wish to continue? Yes, delete. Now the weird thing about yum is it kind of actually saves the fact that, if I did look up and I decided here, you know what? I wanna wait. Maybe this version isn't to my liking, and I wanna verify before I continue, and I hit no. It'll actually save the session, and I can come back and run the session And instead of running Yum install nmap, you know that's pretty simple as well, I typically just rerun the command because it's not that difficult. So for here, so you do have the delete option and that's what that means. It's deleting this as a session. But I want yes. There we go. Downloading, again a very small package. Installing. And look at that, we're complete. Very quick and easy to get installed on Cent. Now since we're here, let's go ahead and let's do a source install as well, okay? So what I'm gonna do is I'm gonna uninstall here, let's say sudo yum, I think it's erase, and I'll say nmap and there we go, so it's asking me if this is okay. Yes and now it's completed. It is removed. Let's open up a web browser, go to the site and actually download the source code itself. So let's see here, go to recently used, grab a web browser. And we will go to Nmap.org. Go to download, find source and binaries, here they are, and they even give you a handy little look, right here. Very, very simple to make this work. So we just want to grab that. Actually, I think I may have even downloaded it already. Let me check it real quick here. Let's see here. cd Downloads. And look at that. I am the man. I have already prestaged this whole environment. All I would do is download the link. Obviously, you click the link. It says do you want to save this? Yes or no. And that's what I did. I saved it. So here it is, Nmap 7.1 to T-G-Z and all I have to do is follow the directions right here. Is Bzip, I could even copy and paste this if I want. That's a little too much. I don't need that. And grab that. I'm over. There we go. Get to the console, paste that in there and hit return. I guess I did need that whole tag on the end. It's giving me errors here. No such file. What is? That's because I didn't get the BZ2. Look at me I'm getting ahead of myself. I guess I just grabbed the tar file itself. So this is TGZ, so do I have to go an unzip it? I don't remember, lets just try tar -zxvf should then give me the Nmap at some point 1.12, there we go. There we go, so now I've unzipped the folder. I do an ls, there should be nmap, there we go. So now all I have to do is go into that directory that is created. That's where all the installation files are. So, cd into nmap and if I do an ls, here's all the things that we need. Here's where it start's getting tricky. Okay, uncompressing a zip file and dumping its contents into a folder, I can hang with that. But it's this compilation stuff, this compiling source that I'm not familiar with. Again, not a big deal, it's pretty simple. Three short commands, we do a ./configure. Actually I'm gonna just I'm gonna sudo everything just cuz I like to have that level of control. Configure, yep, that's right. And hit enter, right? Now, that's running through. Craziness is happening right here and I can't follow this. Not a big deal. It's just basically building the package for you. It's saying, here's all this system. I'm looking at this system, I'm saying, okay, I'm running on Cento S, I'm running on this type of architecture, here's the CPU. What kind is that? All that other good stuff, it's figuring that out. What is this system I'm trying to install on? And that's compiling and you get a cool little graphic out here, saying the configuration is complete. So Nmap has been configured, now we gotta do a little extra. Sudo make, and this is actually going to build the package right? So we hit return. And off we go. It's billing. If there are any library dependencies or anything like that, this is typically were we'll run into errors. So if I needed a library it would error out and give me a dependency not found, things of that nature. This is why people tend to be afraid of using or compiling from source is because it can be a lot of leg work. There's no doubt. If your system does not support what it is that you're trying to do you're gonna spend all day running around trying to find the dependencies, installing those, maybe those dependencies have dependencies and you start seeing why people are like, that evil compiling from source. And yeah it can be a lot of work but as you get better at doing it as you get more familiar with the operating system as you get more familiar with the software that you're installing and the options that are available at install time, it lends you to be able to more tightly conform it to what it is that you're using the system that you have. So, we're giving you the quick and dirty way of installing through compiling from source. But there are much further options and ability through doing up this way. And looks like we're done. I don't see any errors. Everything looks good. We got one more command to do and that's sudo make install. And that's what actually makes it available to the system as a program. Here we go, successfully installed. Looks like we are now Nmap ready on that system. That's it. That's what all it took. You ./configure which runs the configure script. You do make which actually builds the program and then make install which actually installs it. That's compiling from source everybody. Nmap should be ready to rock on this and there it is. It's good to go even though I didn't use the much more convenient Yum applications manager. Now, Wes, we've got one more and I know our clock is super, super gone. >> Yeah [LAUGH]. >> I don't know how far over we are but we've got one more and that's Windows. We'll run through it as quickly as possible because it's Windows. It's super easy, right? So let's go over to the Windows machine. Let me get logged in. And I believe I've already even downloaded it for us. I think it's in the folder here. Went to Nmap.org, went to the downloads page. Grab that link that said Download Windows Binaries, right? That's what it was. That Nmap 7.12.exe. And probably in the Downloads folder. There it is right there, setup, double-click. Yes, you'll notice that you get the UAC prompt, it's saying hey you're installing software, you've gotta have administrator privileges here, do you want me to do this? Here comes the EULA, the license agreement. Read through it, definitely I don't think it's too long. You'll only fall asleep two or three times getting through it. I'm just going to click I Agree because I do. And here we go. All the options are available. All the tried and true easiness of Windows, what it's known for, why we love it so because of its ease of use. And look, there's Zen Map already installed. Notice it's also installing End Cat which is Net Cat, the swiss army knife of network tools. It is a very nice thing to have as well. Ndiff, Nping, Packet Generator, Scan Comparison Tool. Lot of cool stuff in this suite so I'm just gonna go with the defaults here, hit next. And of course there was a description next to each one of those so if you don't know what they do, just hover over it. It will give you the description off to the side. So it's asking me where I want to install it at, default's fine for me. Maybe you have a different system so know your system, where you install software, we'll hit Install and off to the races. Again, it's not a huge operating system even with all the extra bells and whistles that we just saw it doesn't take a long time. I'd be surprised if it took two minutes. This is something that you do need to know. You'll notice that it's giving me another licensing agreement for. Winpcap, what is that? The Winpcap is a driver that allows us to put our. Our network card into what's called promiscuous mode. It's saying normally when network traffic comes to your card, if it's not for your system, it's not destined for you, it just drops it, it just says well it's not for me, I don't need that data. But what if I wanted to see it, right? What if I wanted to see that data, I didn't want to just drop it, I wanna take a look at it. The WinPcap is what's necessary for that. And since we're doing a lot of that type of functionality and we'll need that for further down the road and getting more advanced, we need to install this here at run time. Luckily, if it senses that you don't have the WinPcap installed, it will throw it up and say, hey, you need to install the WinPcap driver. So I'll agree to that as well, another really quick and it's done. I click next, start the WinPcap service now. You can make these decisions as you like, again, I'm going with all the defaults when Pcap is installed. And when that's done Nmap is not far after again, this just took me two minutes, if that. Start to finish, very, very simple. I click next. Says do you want me to create a desktop icon? That will give you the Zenmap GUI. Do you want me to start menu for. Again, I tend to stick with defaults unless I don't wanna clutter up my desktop. But hey it's nice to have a graphic right there for me. Click finish and now if I either open up a command prompt which again you've gotta remember and this is something we'll get into later, but I'm gonna mention it right here because we're in Windows in Windows if you open a regular command prompt you have no administrator privileges. You have to do the right click Windows administrator and then you get admin M Map runs differently when you're logged in as our standard user versus an administrator, so keep that in mind as we move down the line and what we can do within that data and do I need to have elevated privileges. So just keep that as a heads up. I'm not interested in that I just want CMD. So I can either, let me zoom in here, and I can either just type Nmap. Again get the same kind of standard output that we're used to seeing from the other terminal or I can go to Zenmap Gui and we'll get a little sneak preview of it right here, very, very nice, right? Good old fashioned. The cool thing is it does tell you whatever you're trying to do. If I say I don't know we're going to grab different types of scans. Whatever I do, it shows me the actual command line output, or input should I say, for the CLI. So if I wanted to do this in the CLI, how would I do it? Well there it is right there. I come and use, like I said it's a great crutch for anybody just getting started having no command line experience this is going to help a lot, and if you are just having trouble, why isn't this working correctly? Jump over to Zen map and run it from one of their default scans and see. I missed the dash A. I wasn't doing that, cool. Now you know what to do. It's a really great help. But its very straightforward and we'll get more into the look and feel of the thing in other episodes. But, that's basically it. We've seen it installed on Lynux which is basically the same way we would install it in Mac OS as well other than that X code for Zenmap. But also we've seen it installed on Windows. Hopefully you guys are trudging right through this. This is not too difficult. If it is, make sure just give us a, give us an ask there in our forums, we'll be glad to help you guys out. But Wes, that's all there is to it. We've got Nmap installed, we've got Zenmap installed we are now, we have the platform ready for us to jump off and start scanning systems. >> Well thank you for that information Dan. Keep in mind what have we looked at in this episode. We told you what Nmap is, we told you where to find it and Dan you've been gracious enough to show us how to install it, but yet we are flexing the muscles on the clock on this episode for sure. But before we go, got anything else, any other piece of advice for us? >> Yeah, just be really careful, like if you have installed NMap, don't run out and start scanning all the systems in the world. Your service provider might frown on that, even if you have permission to do it. You want to be real careful to not scan anything that you don't have specific permission for. At least not until we get later in the episode. We want to get you more familiar with things. Don't go crazy, we don't want you wielding this like a kid with a gun, right? It can be dangerous so set up a scanning system, scan your own systems. Scan one, two, seven. .0.0.1, right? Start scanning your own platform, see what you can find, and start playing around with it. And, we'll definitely get you better able to use it in subsequent episodes. But that's about it. Wes, it should be ready to rock. >> I tell you, Dan, thank you for all that information. And thank you to our viewers our there for watching, but we're going to go ahead and take this time to sign out. Signing off for IT Pro TV, I've been your host Wes Bryan >> I'm Daniel Lowery >> And we'll see you next time. [MUSIC]