A Hacker’s View of Your Network—Analyzing Your Network with Nmap

Tuesday, October 30, 2018 - 2:00 pm–3:30 pm

Joe Schottman

Abstract: 

Nmap is a common open-source network mapping and exploration tool used by attackers to enumerate your servers and services. It also features a Lua-based script engine that can be used to rapidly detect vulnerabilities across your network, helping you stay one step in front of threats. Learn the basics of what your network looks like to attackers and how to use their tool to monitor your perimeter, automate vulnerability scanning, and help keep your systems secure.

Joe Schottman, N/A

Joe is a former web developer and system administrator who now works in security, but whose job duties still manage to end up being "other duties as required." His professional experience includes online video in higher education, high-volume news websites, and financial industries. He is focused on testing and working smarter, increasing collaboration between offensive and defensive staff, and helping people understand the underlying concepts rather than relying on ineffable processes and procedures.

BibTeX
@conference {221798,
author = {Joe Schottman},
title = {A {Hacker{\textquoteright}s} View of Your {Network{\textemdash}Analyzing} Your Network with Nmap},
year = {2018},
address = {Nashville, TN},
publisher = {USENIX Association},
month = oct
}

Who should attend: 

The target audience for this talk is sysadmins who have not used Nmap before and want to become more security-aware (or their managers). It’s especially suited for staff at smaller companies that may not have large security teams or budgets but need to increase their security awareness and posture.

Take back to work: 
  • How to document permission to scan
  • Scanning external networks to understand your organization's attack surface
  • Scanning internal networks for what attackers will target if they gain a foothold
  • Scanning external networks over time to detect unauthorized servers
  • Using plugins to automate tasks and test for new vulnerabilities

Topics include: 

Nmap scanning for defensive purposes

Prerequisites: 
  • A laptop capable of running virtual machines
  • Understanding of the basics of TCP/UDP/IP