Auditors can use Nmap to get a quick idea of what hosts and services are available on a network. It can be used to scan a single subnet or much larger networks.
If Nmap gets a response, it assumes that the port is open, immediately sends a RST (reset) to close the connection, and then moves on to the next port to be tested.
Fyodor, the author of Nmap, has conducted a yearly survey of the members of his mailing list (over 4,000 high-energy security professionals) to rank the top 100 security tools.
This list includes a number of the tools discussed in this section.
There are also a number of free whitepapers and guides on the Internet.
The following sections discuss a few commercial and open source assessment tools that can be used to effectively audit Cisco networks.
Nmap enables you to perform version detection (-sV) and OS detection (-O) separately, or together as a combined command (-A):

    nmap -A 127.0.0.1

    Starting Nmap 5.21 (
    Interesting ports on 172.16.1.253:
    Not shown: 1707 closed ports
    PORT    STATE SERVICE VERSION
    22/tcp  open  ssh     Cisco SSH 1.25 (protocol 1.99)
    23/tcp  open  telnet  Cisco router
    80/tcp  open  http    Cisco IOS administrative httpd
    443/tcp open  https?
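An auditor usually turns a port table like the one above into findings. The following added example (not from the original text) parses the table and flags the management services an audit report would note; the function names and the finding wording are assumptions, and the sample input is constructed from the output shown above.

```python
import re

# Constructed sample: the port table from the scan output above, one row per line.
SAMPLE = """\
PORT    STATE SERVICE VERSION
22/tcp  open  ssh     Cisco SSH 1.25 (protocol 1.99)
23/tcp  open  telnet  Cisco router
80/tcp  open  http    Cisco IOS administrative httpd
443/tcp open  https?
"""

# port/proto, state, service, optional version string
ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")

def parse_ports(text):
    """Return one dict per row of an Nmap normal-output port table."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            port, proto, state, service, version = m.groups()
            rows.append({"port": int(port), "proto": proto, "state": state,
                         "service": service.rstrip("?"),
                         # a trailing "?" means Nmap guessed the service from the port
                         "guessed": service.endswith("?"),
                         "version": version or ""})
    return rows

def audit(rows):
    """Return (port, finding) pairs for open management services."""
    findings = []
    for r in rows:
        if r["state"] != "open":
            continue
        if r["service"] == "telnet":
            findings.append((r["port"], "Telnet: cleartext management session"))
        elif r["service"] == "http":
            findings.append((r["port"], "HTTP: cleartext management interface"))
        elif r["service"] == "ssh" and re.search(r"protocol 1\.", r["version"]):
            # 1.99 means the server offers SSH 2 but still accepts SSH 1 clients
            findings.append((r["port"], "SSH: server still accepts protocol version 1"))
        if r["guessed"]:
            findings.append((r["port"], "service not confirmed by version detection"))
    return findings

if __name__ == "__main__":
    for port, finding in audit(parse_ports(SAMPLE)):
        print(f"{port}/tcp  {finding}")
```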