How to perform a TCP port scan on Metasploitable2 using Nmap in Kali Linux

CybersecurityCybersecurityBeginner
Practice Now

Introduction

In this Cybersecurity tutorial, we will explore the process of performing a TCP port scan on the Metasploitable2 virtual machine using the Nmap tool in Kali Linux. This hands-on exercise will help you understand the fundamentals of network scanning and its role in the world of Cybersecurity and Penetration Testing.

Introduction to Cybersecurity and Penetration Testing

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. It involves a wide range of techniques and tools to identify, prevent, and respond to security threats. Penetration testing, also known as ethical hacking, is a crucial aspect of cybersecurity. It is the process of evaluating the security of a system or network by simulating real-world attacks.

The primary goals of penetration testing are to:

  1. Identify vulnerabilities: Penetration testers use various techniques to uncover weaknesses in the target system or network that could be exploited by malicious actors.
  2. Assess the impact of vulnerabilities: Penetration testers evaluate the potential impact of identified vulnerabilities and the damage they could cause.
  3. Provide recommendations: Based on the findings, penetration testers provide recommendations for improving the security posture of the target system or network.

Penetration testing can be performed on a wide range of systems, including web applications, mobile apps, IoT devices, and cloud infrastructure. One of the commonly used tools in penetration testing is Nmap (Network Mapper), a powerful network scanning tool.

graph TD A[Cybersecurity] --> B[Penetration Testing] B --> C[Vulnerability Identification] B --> D[Impact Assessment] B --> E[Security Recommendations]

Table 1: Key Aspects of Penetration Testing

Aspect Description
Scope Defines the boundaries and targets of the penetration test
Methodology Outlines the steps and techniques used during the test
Reporting Provides detailed findings and recommendations
Ethical Considerations Ensures the test is conducted in a legal and responsible manner

Penetration testing, when performed ethically and responsibly, can be a valuable tool in the LabEx cybersecurity toolkit, helping organizations identify and address security vulnerabilities before they can be exploited by malicious actors.

Understanding Network Scanning with Nmap

Nmap (Network Mapper) is a powerful open-source tool used for network discovery and security auditing. It can be used to scan networks, identify running services, and detect vulnerabilities. Nmap supports a wide range of scan types, each with its own purpose and characteristics.

Nmap Scan Types

  1. TCP Connect Scan: This is the default scan type in Nmap, which attempts to complete the full TCP three-way handshake to determine open ports.
  2. SYN Scan: Also known as a "half-open" scan, this technique sends a SYN packet and waits for a SYN-ACK response to identify open ports, without completing the full TCP handshake.
  3. UDP Scan: This scan type is used to identify open UDP ports on the target system.
  4. Idle/Zombie Scan: This advanced technique uses an "idle" or "zombie" host to perform the scan, making it more difficult to trace the scan back to the original source.
graph TD A[Nmap] --> B[TCP Connect Scan] A --> C[SYN Scan] A --> D[UDP Scan] A --> E[Idle/Zombie Scan]

Table 1: Comparison of Nmap Scan Types

Scan Type Description Advantages Disadvantages
TCP Connect Completes the full TCP handshake Reliable, easy to implement Can be easily detected by firewalls
SYN Scan Sends a SYN packet and waits for a SYN-ACK Stealthy, faster than TCP Connect May be blocked by some firewalls
UDP Scan Scans for open UDP ports Useful for identifying UDP-based services Can be slow and unreliable
Idle/Zombie Uses an "idle" host to perform the scan Difficult to trace back to the original source Requires finding a suitable "idle" host

Understanding the different Nmap scan types and their characteristics is crucial for conducting effective network reconnaissance and penetration testing. By leveraging these techniques, LabEx security professionals can gain valuable insights into the target network and identify potential vulnerabilities.

Performing a TCP Port Scan on Metasploitable2 in Kali Linux

Metasploitable2 is a deliberately vulnerable Linux distribution created by Rapid7 for the purpose of security testing and training. In this section, we will demonstrate how to perform a TCP port scan on Metasploitable2 using Nmap in the Kali Linux environment.

Preparing the Environment

  1. Ensure you have Kali Linux installed and running.
  2. Download the Metasploitable2 virtual machine from the Rapid7 website.
  3. Import the Metasploitable2 VM into your preferred virtualization software (e.g., VirtualBox, VMware).
  4. Start the Metasploitable2 VM and make note of its IP address.

Performing the TCP Port Scan

  1. Open a terminal in Kali Linux.
  2. Use the following Nmap command to perform a TCP port scan on the Metasploitable2 VM:
nmap -sT -p- <Metasploitable2_IP_Address>
  • -sT: Specifies a TCP connect scan.
  • -p-: Scans all ports (1-65535) on the target.
  • <Metasploitable2_IP_Address>: Replace with the IP address of the Metasploitable2 VM.
  1. Nmap will now scan the target system and display the results, showing the open ports and associated services.
Starting Nmap scan on 192.168.1.100
Nmap scan report for 192.168.1.100
Port     State Service
21/tcp   open  ftp
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
3306/tcp open  mysql
  1. Analyze the results to identify potential vulnerabilities and plan further steps in your penetration testing.

By performing a TCP port scan on the Metasploitable2 VM using Nmap in Kali Linux, you can gain valuable insights into the target system's open ports and running services, which is a crucial first step in the LabEx penetration testing process.

Summary

By following this Cybersecurity tutorial, you will learn how to effectively use Nmap to conduct a TCP port scan on the Metasploitable2 virtual machine in Kali Linux. This knowledge will empower you to enhance your Cybersecurity skills and gain a deeper understanding of network scanning techniques, which are essential for identifying vulnerabilities and securing your systems.

Other Cybersecurity Tutorials you may like