Network Monitering/ Communications

January 18, 2022

#nmap #netstat #netcat #ncat #telnet #tcpdump #curl #wireshark #bannercapture

`nmap`: networking mapper/port scanner that reports what it is able to connect to

USAGE: – when you want to know about open ports on a remote system – when you want further info about the service listening on each port – when you need a second opinion about listening ports

`netstat`: network statistics / diagnostic that reports what the kernel knows about listening the established connections

USAGE: – what is listening on your local machine? – process or interface/address info for each port – ONLY IF you trust the OS to give the correct answer (if you've been hacked, a rootkit can make the OS lie to netstat about what really is going on)

`netcat`: port-scanning, banner grabbing, transfer files

open ports, send packets, receive packets
file transfer, sending custom requests to services (SMTP, HTTP), tunneling
handles lower OSI layers of connection so user can manipulate upper layers as needed; banners are at application layer

`ncat`: concatenate and redirect sockets

`telnet`

tcpdump

wireshark

Follow-Up Questions

why are banners are application level
nc vs nmap usage cases for banner capture

Network Monitering/ Communications

nmap: networking mapper/port scanner that reports what it is able to connect to

netstat: network statistics / diagnostic that reports what the kernel knows about listening the established connections

netcat: port-scanning, banner grabbing, transfer files

ncat: concatenate and redirect sockets

telnet