How to adequately prepare for an nmap scan?

A place where newbies can post without (much) fear of reprisal. All mission posts should still go in the applicable forum.
Forum rules
Older HTS users: Be nice to the new people.

NEW USERS: This is NOT the place to post about missions! Refer to "Missions" category.

How to adequately prepare for an nmap scan?

Post by TheWard3n on Thu May 09, 2013 2:03 am
([msg=75508]see How to adequately prepare for an nmap scan?[/msg])

Fellow HTS members,

my question: what security/anonimization procedures would one carry out prior to running an nmap scan?

So far, I found that most nmap guides jump straight into the scanning phase, and I'm not sure what one would do to effectively conceal one's identity (IP, MAC, etc.).

I'll be scanning computers I own, in a test environment, but I'd like things to be as realistic as possible.

Thank you all.

Happy hacking.
TheWard3n
New User
New User
 
Posts: 5
Joined: Wed May 01, 2013 8:25 am
Blog: View Blog (0)


Re: How to adequately prepare for an nmap scan?

Post by -Ninjex- on Thu May 09, 2013 9:17 am
([msg=75511]see Re: How to adequately prepare for an nmap scan?[/msg])

You could use proxychains.
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1303
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: How to adequately prepare for an nmap scan?

Post by TheWard3n on Fri May 10, 2013 5:17 am
([msg=75523]see Re: How to adequately prepare for an nmap scan?[/msg])

Thank you, ninjex, I have been reading about proxychains, and will try it out. (By the way, what is the best source for free proxies?)

Is that what you would do before scanning with nmap? (ninjex and other experienced members of HTS)


Thanks
TheWard3n
New User
New User
 
Posts: 5
Joined: Wed May 01, 2013 8:25 am
Blog: View Blog (0)


Re: How to adequately prepare for an nmap scan?

Post by -Ninjex- on Fri May 10, 2013 9:17 am
([msg=75524]see Re: How to adequately prepare for an nmap scan?[/msg])

Well you always have different options, of course you don't have to go with proxy chains. If you really need to, you could go get a loadable debit/credit card that doesn't require any personal information. Next go get a VPS that is linux/ubuntu (only around $5 a month for what you would need), and install proxy chains there to do all your dirty work. Just proxy when connecting to it, and keep your logs clean.

As for proxychains, you can easily go to hidemyass.com, and click on the link near to top that says IP:Port Proxies

From there, you are going to want to set it to socks 4/5 protocol, (for tor) with high anonymity and speed.

If you want to be even more secure, do both.
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1303
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: How to adequately prepare for an nmap scan?

Post by limdis on Fri May 10, 2013 11:17 am
([msg=75529]see Re: How to adequately prepare for an nmap scan?[/msg])

I'm not saying that preparation to remain anonymous is ever a bad thing. But I've never heard of someone so adamant about it for simply using nmap. :roll:

http://nmap.org/book/legal-issues.html
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1346
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: How to adequately prepare for an nmap scan?

Post by brutal_hacker on Fri May 10, 2013 1:44 pm
([msg=75533]see Re: How to adequately prepare for an nmap scan?[/msg])

Technically port scanning is not a crime or illegal when used under a home network or amongst friends/colleagues with permission. But random targets is indeed a grey area and may get you into trouble with some paranoid people. A simple port scan to check for open ports is already there for anyone to see how do you think programs browse for open ports. I personally believe it should not be illegal but that's just my view it will not hold up in court.

The illegal part of it is using the information maliciously. Hence why most people do what ninjex stated. As its home testing just go through a simple method of online proxies and when you get the time look into a more in depth approach to hiding your identity. There are plenty of guides online on how to remain anonymous I believe the group anonymous wrote an excellent article on it a while back for obvious reasons.
brutal_hacker
Experienced User
Experienced User
 
Posts: 58
Joined: Fri Apr 19, 2013 1:03 pm
Blog: View Blog (0)


Re: How to adequately prepare for an nmap scan?

Post by TheWard3n on Sun May 19, 2013 1:47 pm
([msg=75679]see Re: How to adequately prepare for an nmap scan?[/msg])

Thank you all very much for your replies.

" [...] it is rarely wise to take legal advice from a T-shirt." Great line.

Happy hacking.
TheWard3n
New User
New User
 
Posts: 5
Joined: Wed May 01, 2013 8:25 am
Blog: View Blog (0)



Return to NZone

Who is online

Users browsing this forum: No registered users and 0 guests