Penetration testing

Network discovery tools

Infosec
September 13, 2016 by
Infosec

Network discovery is the process of identifying or mapping internal networks. In this process, a particular computer can communicate with another computer on the same network using a protocol. In a given organization, the network is set up in such a way that computers can communicate and share files internally.

A network discovery tool is a tool or piece of software used to scan a network and discover all the devices on it. These tools scan a range of IP addresses to show the live devices in a given network. You can also find devices which are turned off, provided an IP address is assigned to them. These tools can fetch details of wired as well as wireless connections. They use SNMP, TCP, ICMP and similar protocols to discover hosts.


Common uses of network discovery tools

From a hacker's point of view, a network discovery tool is used to find live hosts in a network. It is used to view the MAC address, name of the computer, IP address and uptime. By using these tools, a hacker can create an accurate map of the internal network.

Modern network discovery tools do more than just find live hosts:

  • They can scan open ports on a target system.
  • They can determine what operating system is running on a target system.
  • They can capture packets from a target network.
  • They can alter a device's IP address and make changes to the network.
  • They can be used to bring down a network simply by flooding it with packets.

Network scanners vs. monitoring tools

Network scanners and network monitoring tools do the same basic thing, i.e. map the network. However, there are some differences between them.

Network scanner: It is a tool to discover devices on a network. It can scan anything from large corporate networks to small home networks. It identifies the range of IP addresses in use. It is used to scan networks for vulnerabilities in the security of that network.

Monitoring tools: A monitoring tool is used to configure and monitor a network. It is used to monitor overloading, connection issues or server issues continuously. This is mostly carried out through software. It is widely used to monitor whether a given service on the network is working properly or not. It is capable of detecting and reporting failures of devices or connections.

Network scanners                                    Monitoring tools
It is used to scan networks for vulnerabilities.    It is used to monitor a network for issues.
It could be used either by a hacker or an admin.    It could be used either by a hacker or an admin.
The software is not required to scan a network.     The software is required to monitor a network.

Some of the common scanning and monitoring tools are listed below.

Top scanners/monitoring tools

Type          Name         Cost      Download Link
Open source   Nagios       Free      https://www.nagios.org/downloads/
Open source   Cacti        Free      http://www.cacti.net/download_cacti.php
Open source   Nmap         Free      https://nmap.org/download.html
Paid          Nessus       $2,190    https://www.tenable.com/products
Open source   Masscan      Free      https://github.com/robertdavidgraham/masscan
Open source   Wireshark    Free      https://www.wireshark.org/download.html
Paid          Solarwinds   $2895     www.solarwinds.com/downloads/
Open source   OpenVAS      Free      www.openvas.org/download.html

Nagios: It is free and open source software that monitors systems, networks and infrastructure. Nagios offers monitoring and alerting services for servers, switches, applications and services. It alerts users when things go wrong and alerts them a second time when the problem has been resolved. It is fully customisable depending on business requirements.

Cacti: It is a free and open source network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. It is a web-based network monitoring application. Common usage is to monitor network traffic by polling a network switch or router interface via Simple Network Management Protocol (SNMP).

Nmap: It is a free and open source tool for network discovery and security auditing. It is one of the top and most preferred network scanners on the internet. Nmap is small but one of the most powerful tools available. It provides a number of features including OS detection. You can also extend its capabilities by using scripts. Nmap is also capable of adapting to network conditions, including latency and congestion, during a scan. There is also a GUI version available, known as Zenmap. This tool is available on all the major OS platforms (Linux, Windows and Mac).

Nessus: Nessus is one of the world's most popular vulnerability scanners. It is available free for personal use and is chargeable for enterprises. It has a GUI.

Masscan: Well, one word that describes this tool is FAST. Yes, this tool is the fastest network scanner, ten times faster than any other network scanner. It can transmit up to 10 million packets per second, which is fast enough to scan the entire internet in just 6 minutes. It produces results similar to Nmap's but is faster and more flexible. To get beyond 2 million packets per second, you need a dual-port 10 Gbps Ethernet adapter. It does have a web interface. It can be used on Windows, Linux and Mac.

Wireshark: Well, basically this is a network analysis tool. However, it can also be used to map a network. It is used to capture, filter and inspect packets on a network. As a network packet analyzer, Wireshark can peer inside the network and examine the details of traffic at a variety of levels, ranging from connection-level information to the bits comprising a single packet. Wireshark lets the user put network interface controllers that support promiscuous mode into that mode, so that they can see all traffic visible on that interface. This tool has a GUI front end and supports Windows, Linux and Mac.

Solarwinds: It is a set of tools bundled into one piece of software. It provides powerful yet easy-to-use enterprise-class network management software designed by network professionals for network professionals.


OpenVAS: Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It is accompanied by a regularly updated feed of Network Vulnerability Tests. It is the most widespread open source solution for vulnerability scanning and vulnerability management. It is used and improved worldwide by people ranging from security experts to private users.

Please note: all the images have been captured from the live virtual environment.
