Nmap: ICMP Network Scanning.

ICMP scanning in Nmap primarily involves sending ICMP echo requests (ping) to remote hosts to determine their online status and measure their response times. Here's how you can perform ICMP network scanning with Nmap:

1. Ping Sweep (ICMP Echo Request Scan):

To perform a basic ping sweep using Nmap, you can use the following command:

nmap -sn <target>

  • `-sn:` This option tells Nmap to perform a "ping scan," which sends ICMP echo requests to the specified target(s) and reports which hosts are online. Replace <target> with the target IP address or a range of IP addresses you want to scan. Nmap will send ICMP echo requests to these targets and provide a list of hosts that responded.

2. ICMP Timestamp Requests (Timestamp Scan):


Nmap can also send ICMP timestamp requests to a target to retrieve information about the system's uptime. To perform an ICMP timestamp scan, use the following command:

nmap -Pn --send-icmp -oA outputfile <target>

  • -Pn: This option tells Nmap not to perform host discovery (ping) but instead scan the specified target(s) directly.
  • --send-icmp: This option instructs Nmap to send ICMP timestamp requests. Replace <target> with the target IP address or range. This scan will provide information about the uptime of the target system(s).
ICMP scanning is often used as a preliminary step in network reconnaissance to identify live hosts within a range of IP addresses. 

Keep in mind that some hosts or network configurations may block ICMP traffic, which can lead to false negatives. 

Additionally, ICMP scanning provides minimal information compared to other Nmap scan types, but it's a useful starting point for network discovery.
-------------------------------------------------------------------------------------------------------------

Question1: How would you perform a ping sweep on the 172.16.x.x network (Netmask: 255.255.0.0) using Nmap? (CIDR notation)

Answer: nmap -sn 172.16.0.0/16
-------------------------------------------------------------------------------------------------------------
Thanks for reading.

Roger - Ozz961

Comments

Popular posts from this blog

Common Network Commands: IP R

Junior Security Analyst Intro

Example of A Day in the Life of a Junior (Associate) Security Analyst