Network Mapping

OSINT: NETWORK MAPPING

Disclaimer
Do NOT perform network scans on networks without prior authorization.

Tools
We will use SCYLLA VULNERABILITY ASSESSMENT


Background
This blog post does not require a basic understanding of how network mapping works; SCYLLA VA™ can take care of it.

Purpose
Network mapping is the probing of individual network systems for the purpose of obtaining vital information about them. Packets are sent with various network flags set (SYN, ACK, FIN, URG, PSH) in order to solicit a response from the target system. The different responses are known to mean that specific things are true of the target.

Requirements
To perform a network scan, the system performing the scan must be given one of the following through the SCYLLA VA™ interface: the IP address of the network to be scanned, an IP address CIDR range, or a domain name.

Common Issues
Firewalls and systems can be configured to drop, or not respond to, the various network flags based on various criteria.

Use Cases
SCYLLA VA™ takes care of network mapping using built-in nmap options. Network mapping is used mainly for two purposes: Asset Management and Vulnerability Scanning.

Vulnerability Scanning
One of the uses of network scanning is identifying vulnerabilities of individual network systems. This is done through a process called Fingerprinting, in which information relating to an individual system is collected. It is a best practice to use verbose output when using the TCP fingerprinting method, so as to gather logging information for troubleshooting purposes.
Key information from Fingerprinting includes (but is not limited to):
Services running
Operating systems
Device type
OS CPE
OS details
Uptime guess
Network Distance
TCP Sequence Prediction
IP ID sequence generation

Asset Management
Asset Management is the process of maintaining current information on system inventory. In addition to the physical inventory, the capability and usage of each system can also be cataloged. This process is similar to Vulnerability Scanning, with a change in focus for the resulting information. One may be more focused on an individual system's uptime or running services for the purpose of identifying the system's role in the organization's infrastructure.
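
The fingerprint fields listed above appear as labelled lines in nmap's normal text output, so they can be loaded into one inventory record per host. The Python below is an added example, not part of the original post or of SCYLLA VA™; it assumes scan results are available in nmap's normal text format, and the sample report, host names and addresses are constructed.

```python
import re

# Constructed sample in nmap's normal text format; hosts and values are made up.
SAMPLE_REPORT = """\
Nmap scan report for web01.example.test (192.0.2.10)
Host is up (0.0012s latency).
PORT    STATE  SERVICE VERSION
22/tcp  open   ssh     OpenSSH 8.2p1
80/tcp  open   http    nginx 1.18.0
443/tcp closed https
Device type: general purpose
Running: Linux 4.X|5.X
OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5
OS details: Linux 4.15 - 5.6
Uptime guess: 12.345 days (since Mon Jan  1 00:00:00 2024)
Network Distance: 2 hops
TCP Sequence Prediction: Difficulty=260 (Good luck!)
IP ID Sequence Generation: All zeros

Nmap scan report for 192.0.2.20
Host is up (0.0030s latency).
PORT   STATE SERVICE VERSION
53/udp open  domain  ISC BIND 9.16
Too many fingerprints match this host to give specific OS details
Network Distance: 3 hops
"""

HOST_RE = re.compile(r"^Nmap scan report for (?:(\S+) \()?([0-9a-fA-F.:]+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")
FIELDS = {"Device type", "Running", "OS CPE", "OS details", "Uptime guess",
          "Network Distance", "TCP Sequence Prediction", "IP ID Sequence Generation"}

def parse_inventory(report):
    """Return one inventory record per host; fields missing from the report stay absent."""
    hosts, cur = [], None
    for line in report.splitlines():
        if m := HOST_RE.match(line):
            cur = {"name": m.group(1), "ip": m.group(2), "services": [], "fingerprint": {}}
            hosts.append(cur)
        elif cur and (m := PORT_RE.match(line)):
            port, proto, state, service, version = m.groups()
            if state == "open":  # only open ports describe the system's role
                cur["services"].append({"port": int(port), "proto": proto,
                                        "service": service, "version": version.strip()})
        elif cur and ":" in line:
            key, _, value = line.partition(":")  # split on the first colon only
            if key in FIELDS:
                cur["fingerprint"][key] = value.strip()
    return hosts
```

The second host shows the common case where OS detection is inconclusive: the record keeps its services and network distance and simply has no OS fields, rather than a guessed value.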

Resources
SCYLLA VA™ for scanning, enumerating
Legally Practice Scanning on these websites using license/consent
