I took Security tools Nmap and Metaspoilt. Please proceed with the assignment on these security tools. Thank You

Student Name
Student Id
    Nmap security Tool
    Date
Contents
Nmap Background    3
Uses of Nmap    4
Features of Nmap    4
Different types of Nmap Scan    6
Nmap 7.70    7
Conclusion    7
References    9
    
Nmap Background
The short of Nmap is network mapper. Nmap is open source security tool which is designed by Gordon Lyon during year 1997. It is helpful in mapping of network and port scanning. Nmap is mostly used to find hosts and services on a network system by packet sending and reviewing the messages. The number of features are provided by Nmap to test server or networks which consist of identification of operating system and host discovery. This tool is widely used by network security workers and testers. Originally it was written for Linux Operating system and now it is also ported for other operating system such as windows, Solaris, mac etc. It is open source tool used under GPL licence. The following figure show Nmap in action for Linux Operating system:
Despite the fact that Nmap has advanced throughout the years and is amazingly flexible, on the most fundamental level it's a port-scan device, collecting data by transferring raw packets to framework ports. It tunes in for reactions and decides if ports are open, shut or separated somehow or another by, for instance, a firewall. There are different terms utilized for port scanning incorporate port discovery or count. [1]
Uses of Nmap
Nmap is open source security tool which is designed by Gordon Lyon during year 1997. It is helpful in mapping of network and port scanning. Nmap is mostly used to find hosts and services on a network system by packet sending and reviewing the messages. Here is list of their uses:
· This tool is used to find open ports on a target host in mixture for auditing.
· It is used for auditing the security of network or firewall by searching the network connections.
· It is also used for auditing the security of network by searching new servers.
· It is used to search and exploit threats in a network.
· It is also used for searching DNS queries and subdomain.
· It is helpful in producing traffic to hosts on a network.
· Tool is used to manage single hosts as well as various networks which surround multiple of gadgets and thousands of subnets.
· This tool is helpful in detecting security risks.
Features of Nmap
1. Host Discovery: Nmap uses requests to find current IP. There was –sp option in the older version of Nmap tool and newer verison uses –sn option. The following packets are sent to discover available hosts as listed below:
· A TCP ACK packet to port 80
· An ICMP timestamp request
· ICMP echo request
· A TCP SYN packet to port 443
If there is large and unknown target, then best solution is to find host first. At this phase, port scanning can produce too much traffic, consume time and assets which will hike security notifications. Some of the methods to find current IP’s are ARP scanning, ICMP scanning, TCP scanning, TCP ACK scan etc. [2]
2. Discover Services: The services for Nmap can identify by hearing on open communication ports. There are very common services such as Telnet, SMTP, SSH, FTP etc. Nmap is sending a probe and waiting for a reply when a banner is not advertised. The information getting through (-sv) command (service scan) is equal to 1000 of signature nmap puts in their database file.
[2]
3. Test for Vulnerabilities: Nmap Script Engine (NSE) in NMap helps in identify vulnerabilities in the network which is flexible feature having –SC option activated to write scripts for automation task. There are good collections of script in NSE which help in network discovery process by identifying threats and detection of backdoor. It is one of the most powerful tool for penetration testers and network admin.
4. Detection of OS: This tool is very useful in detecting the operating system and hardware or physical feature of network assets such as servers, routers and how are they connected with each other.
5. Security Auditing: Making sense of what adaptations of working frameworks and applications are running on system hosts lets organize managers decide their powerlessness to explicit blemishes. On the off chance that a system administrator gets a caution about a weakness in a specific variant of an application, for instance, she can examine her system to distinguish whether that software version is running on the system and find a way to fix or refresh the pertinent hosts. Nmap Scripts can automate operations, for example, identifying explicit threats.
Different types of Nmap Scan
There is different type of Nmap Scan to be perform as listed below:
a) TCP scan: This type of scan is very noisy and can be recognized with practically next to zero exertion. It is used to check and finish a three-way handshake among you and a select objective framework.
b) UDP scan: UDP scans are basically use to verify whether there is up of any UDP port and hearing for available requests on the destination system.
c) SYN scan: This is another form of TCP scan. The thing that matters is not normal for a typical TCP scan, itself nmap creates a syn bundle, that is the main parcel that is sent to set up a TCP association. What is essential to note here is that the association is rarely framed, rather the reactions to these uncommonly made parcels are dissected by Nmap to create output solutions.
d) Null Scan: Null scans is the type of scan that set all the header fields to null and are stealthy scan as it is clear from the name. For the most part, this is certainly not a valid parcel and a couple of targets won't realize how to manage such a bundle.
e) XMAS Scan: The windows running on PC won't react to Xmas examines because of the manner in which their...