Port Scanning Using Nmap
As a basic security measure, it is a good idea to know which ports
and services are listening on your local machine.
Linux does let you see which ports are open on your machine with the
"netstat -na" command, but that command only sees the local machine and
gives you no way to check which ports are open on a remote host.
Besides, if your machine has been compromised to the point where the attacker
can replace system commands (a rootkit that ships a trojaned netstat, for
example), the output of netstat can no longer be trusted: a modified netstat
can simply hide the attacker's listening port. A scan from a second,
uncompromised machine does not depend on the suspect host's binaries, which
is why remote scanning is useful even when auditing your own systems.
To address this, we will introduce a free, open-source utility called Nmap,
which is designed for network exploration and security auditing.
With this software on your Linux machine, you will have the ability to
not only scan your own ports to see what services are running, but also
to determine additional information such as which hosts are
up on the network and (by fingerprinting how each host's TCP/IP stack
responds to unusual packets) what operating systems those hosts are running.
Here, I will outline some simple instructions on how to use Nmap
to scan designated hosts. Make sure you have installed
the program first (see the installation instructions below). OS detection
needs raw socket access, so run the examples below as root.
To scan your own machine for open ports (services), run this command.
[root@unisys-vpn root]# nmap -sT -O localhost
As you can see, the command "nmap" starts the program with two options,
"-sT" and "-O". The "-sT" option selects a TCP connect scan: for every port
probed, nmap calls connect() and completes the full three-way handshake,
so each probe of an open port looks like an ordinary (but immediately
closed) connection and will show up in that service's logs. The "-O" option
turns on operating system detection: nmap sends a set of crafted packets
to the host and matches the quirks in the replies against its fingerprint
database, so the result is a best guess, not a certainty.
Following the simple example above, try scanning capone (the lab host used
in these notes) and see what services are running and what ports are open.
[root@unisys-vpn root]# nmap -sT -O capone
The command shown above is exactly the same as the previous example; only
the name of the host is different. Because the connect scan completes the
handshake, the administrator of the target can see your scan in the logs,
so only scan hosts you are authorised to scan.
Try the same command with various hosts (computers) on the network.
You can use either their host names or IP addresses, and nmap also accepts
a range such as 192.168.1.0/24 to sweep a whole subnet (the same rule about
permission applies).
Finally, let's try scanning the UDP ports on a host instead of TCP ports.
Run the following command on the command prompt.
[root@unisys-vpn root]# nmap -sU -O localhost
Notice that one of the option flags is slightly different from the previous
commands. As obvious as it might seem, the option "-sU" stands for scan UDP.
Scanning the UDP ports on a host takes much longer than scanning the TCP
ports, because of a basic difference between the two protocols. TCP answers
every probe, with a SYN/ACK for an open port or a RST for a closed one, so
nmap learns a port's state from a single reply. UDP has no handshake: an
open UDP port usually sends nothing back, so nmap can only decide "open"
after waiting for a timeout (and retrying in case the probe was lost),
while a closed port is recognised by an ICMP port-unreachable reply, which
most kernels rate-limit (Linux sends about one per second). Nmap notices
the rate limit and slows down to match it, so a host with hundreds of
closed UDP ports takes minutes to scan. Keep in mind, too, that a silent
port is not necessarily open: a firewall dropping the probe looks exactly
the same, which is why newer versions of nmap report such ports as
open|filtered rather than open.
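The TCP and UDP scans above, with their results made machine-readable, as an added example that is not part of the original page: nmap's grepable output format ("-oG -" writes it to stdout) puts each host's ports on one tab-separated line, and the functions below build the same -sT and -sU command lines and pull the open ports out of such a line. The two sample scan outputs are constructed here, not captured from capone; the host names are the page's. The lenient mode exists because a UDP port that never answers is reported as open|filtered by current nmap versions (older releases, including the 2.54 release this page uses, simply listed it as open).

```shell
#!/bin/sh
# Added example (not from the original page): wrap the TCP and UDP scans
# from the text in functions and extract the open ports from nmap's
# grepable output (-oG -), so the result can be checked or diffed by a
# script instead of being read by eye.

# Print the nmap command line for a TCP connect scan (-sT) or a UDP scan
# (-sU) of one host, with OS detection (-O) and grepable output on stdout.
# Usage: scan_cmd tcp|udp HOST
scan_cmd() {
    case "$1" in
        tcp) printf 'nmap -sT -O -oG - %s\n' "$2" ;;
        udp) printf 'nmap -sU -O -oG - %s\n' "$2" ;;
        *)   printf 'scan_cmd: unknown scan type "%s"\n' "$1" >&2; return 1 ;;
    esac
}

# Read grepable nmap output on stdin and print one "port/proto service"
# line per port whose state is exactly "open".  Each entry in the Ports:
# field is port/state/proto/owner/service/rpc/version; the fields of a
# Host: line are tab-separated.  Pass "lenient" as $1 to also accept
# "open|filtered", the state a UDP scan reports when a port never answered.
open_ports() {
    awk -F'\t' -v lenient="${1:-}" '
        /^Host:/ {
            for (i = 1; i <= NF; i++) {
                if ($i !~ /^Ports: /) continue
                sub(/^Ports: /, "", $i)
                n = split($i, entry, /, /)
                for (j = 1; j <= n; j++) {
                    split(entry[j], f, "/")
                    if (f[2] == "open" || (lenient != "" && f[2] == "open|filtered"))
                        print f[1] "/" f[3] " " f[5]
                }
            }
        }'
}

# Constructed sample output (not a real scan) in the grepable format that
# "nmap -sT -oG - localhost" and "nmap -sU -oG - localhost" produce.
sample_tcp_scan() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 127.0.0.1 (localhost)\tPorts: 22/open/tcp//ssh///, 25/open/tcp//smtp///, 111/closed/tcp//sunrpc///\tIgnored State: closed (997)\n'
}
sample_udp_scan() {
    printf 'Host: 127.0.0.1 (localhost)\tPorts: 53/open/udp//domain///, 123/open|filtered/udp//ntp///\tIgnored State: closed (998)\n'
}

# Stand-alone demonstration on the constructed samples.  To process a real
# scan instead, pipe nmap into the parser:
#     nmap -sT -O -oG - localhost | open_ports
echo "TCP scan command: $(scan_cmd tcp localhost)"
echo "Open TCP ports:"
sample_tcp_scan | open_ports
echo "Open UDP ports (strict):"
sample_udp_scan | open_ports
echo "Open UDP ports (including open|filtered):"
sample_udp_scan | open_ports lenient
```

Saving the grepable output of a scan (nmap -oG baseline.gnmap ...) and running open_ports over it on later days gives a simple way to notice a service that was not there before, which is the point of scanning your own machine in the first place.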
There are many more options and features you can use with nmap ("nmap -h"
lists them), and on a side note, you can use the command "nmapfe" to run the
GUI (X Windows) front end of the software (in current releases this front
end is called Zenmap). If you are interested in learning more about nmap,
visit www.insecure.org (the project now also lives at nmap.org).
----------------------------------------------
Nmap Installation from the source code
1. First copy the nmap-2.54BETA31.tgz file
from capone in /home/jbkim directory to your own machine.
(rcp capone:/home/jbkim/nmap-2.54BETA31.tgz .)
Note that rcp moves the file in cleartext and relies on .rhosts trust; if
both machines have ssh, "scp capone:/home/jbkim/nmap-2.54BETA31.tgz ." does
the same job over an encrypted, authenticated connection.
2. Become root. (su root)
Strictly, root is only needed for step 8 (make install). Unpacking,
configuring and compiling as an ordinary user is the safer habit, because
the build scripts of an unverified tarball then cannot touch anything
outside your own files.
3. Copy the file to your /tmp directory.
4. Untar the file there. You should know how to do it by now, but just in case:
(tar -zxvf nmap-2.54BETA31.tgz)
5. Go into the nmap-VERSION directory (cd nmap-2.54BETA31)
6. Run the following command:
./configure (make sure you are in nmap-VERSION directory)
7. Run the following command:
make
8. Run the following command:
make install
Test if your installation was successful by running the
command "nmap" (or "nmap -V", which just prints the version) or, if the
shell can't find it, "whereis nmap"; make install puts the binary under
/usr/local/bin by default, which must be on your PATH. Good luck.
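The installation steps above as one script, added here and not part of the original handout. It deliberately differs from the steps as written in four places: the tarball is fetched with scp instead of rcp, its SHA-256 is compared against a value you obtained separately (the page gives no checksum, so EXPECTED_SHA256 is a placeholder you must fill in, and the script only warns when it is empty), the build runs as an ordinary user in a private directory instead of as root in /tmp, and only the final "make install" runs with root privileges. The tarball name and the capone:/home/jbkim location are the page's own; the helper names are mine.

```shell
#!/bin/sh
# Added example (not from the original handout): build and install nmap
# from the source tarball named on the page.  Run as an ordinary user:
#     sh build-nmap.sh build
# Configure and compile happen unprivileged; su is used for make install.
set -eu

TARBALL=${TARBALL:-nmap-2.54BETA31.tgz}           # name used on the page
SOURCE=${SOURCE:-capone:/home/jbkim/$TARBALL}     # location used on the page
EXPECTED_SHA256=${EXPECTED_SHA256:-}              # placeholder: the page gives none

# Directory a tarball unpacks into, assuming the usual name-VERSION.tgz
# or name-VERSION.tar.gz layout.
tarball_dir() {
    case "$1" in
        *.tar.gz) printf '%s\n' "${1%.tar.gz}" ;;
        *.tgz)    printf '%s\n' "${1%.tgz}" ;;
        *)        printf 'tarball_dir: unexpected name %s\n' "$1" >&2; return 1 ;;
    esac
}

# SHA-256 of a file, using whichever tool the system has.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Succeed only if the file's SHA-256 equals the expected value.
verify_sha256() {
    [ "$(sha256_of "$1")" = "$2" ]
}

build_nmap() {
    # Private build directory instead of the world-writable /tmp.
    workdir=$(mktemp -d "${TMPDIR:-/tmp}/nmap-build.XXXXXX")
    cd "$workdir"
    scp "$SOURCE" .                      # step 1, over ssh instead of rcp
    if [ -n "$EXPECTED_SHA256" ]; then
        verify_sha256 "$TARBALL" "$EXPECTED_SHA256" || {
            echo "checksum mismatch for $TARBALL, refusing to build" >&2
            return 1
        }
    else
        echo "warning: EXPECTED_SHA256 is empty, tarball not verified" >&2
    fi
    tar -zxf "$TARBALL"                  # step 4
    cd "$(tarball_dir "$TARBALL")"       # step 5
    ./configure                          # step 6
    make                                 # step 7
    su root -c 'make install'            # step 8: the one step that needs root
    nmap -V                              # the installation check from the text
}

if [ "${1:-}" = "build" ]; then
    build_nmap
fi
```

If you would rather keep the page's order and do everything as root, the script still applies; the point of the split is that a typo or a tampered tarball hitting "make" can then damage only your own files, while "make install" is short, reviewable and the only step that writes under /usr/local.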