“The network is slow!” Almost everyone in Information Technology has heard the cries of the end user community when their important application begins crawling. Because of the complexities associated with modern application infrastructures, technology professionals are often challenged to determine the source of the slowdown. Is the application sluggishness related to the network, security configuration, the end-user workstations, the server, or the application?
In the last mini-training course lesson, we learned about the different methods of gathering the network traffic created during our Nmap scans. In this lesson, we’ll go through our trace file and see exactly what happens when Nmap hits the network.
A primary goal of network security professionals is to protect the network while maintaining maximum availability and performance of the network applications. These Nmap options will provide additional opportunities to optimize your security scans while keeping the network at peak efficiency.
Although running Nmap with the default settings is very easy, it leaves an amazing amount of Nmap functionality unused. Nmap includes FIFTEEN different Nmap scan methods, and most people only use the default! There’s a lot of power just waiting to be tapped.
If you’ve ever run Nmap alone on the command line with simply a target IP address, then you’re probably using an inefficient method of performing your Nmap scans. Nmap includes many different command line options so you can tailor each scan to the results that you need.
Nmap is an incredibly useful tool, but it’s even more useful if you understand the results of an Nmap scan. After a scan is complete, Nmap will categorize each scanned port into one of six states; open, closed, filtered, open|filtered, closed|filtered, and unfiltered.