Nmap – Wi-Fi Security Auditing Software to Check Your Home Network [Windows]

posted on August 10, 2011 by Ryan Dube
You can see at the top of the main window that there is a field for the “target.” This is the IP address of the device or devices that you want to scan. One of the difficulties of monitoring for unknown devices that are on your network without permission is knowing what the IP address of those devices are. One way to make identifying hijackers much easier is by defining only a range of IP addresses in your router. This way, any computer that connects to your network must have one IP within a range.
You can do this by going to your router admin panel, clicking on network setup, enabling DHCP and enabling a range of IP addresses to lease out to new devices. In the example below, I’ve started at 192.168.1.100 and allowed for only 50 IP addresses (up to 192.168.1.149).

Once you do this, you will know what range of targets to scan to look for any surprises on your network. Getting back to Zenmap, if you do want to analyze an individual device, just type the IP address in the target field. Under “Profile“, you can choose what level of scan you want the software to conduct. “Intense Scan” is obviously more thorough, or you can just do a ping to see what devices are live, or a list of other scans as shown here.

An intense scan gives you a whole lot of information about a device. It’ll do a port scan and tell you what ports are open on that computer or server, what services are running, what operating system and other software is running, and a whole lot more. This is a brilliant way to see whether or not there are any surprises. If any viruses get installed on your machine and open up a new port to start relaying spam, this scan will pick up on it even if your antivirus software didn’t.

In the ports/hosts tab, you can see a visual display of all ports that are open, their state, protocol, and the service that’s using the port.

Click on the “Host Details” tab, and you can see a summary display of scanned properties for each host. This can really come in handy when you have a very slow Internet connection and want to see what’s eating up all of your bandwidth. You may be surprised to discover that a device has an odd port open with some unknown service reaching out over the Internet through that port.

A far more popular use of this software is as a regular network scanner for maintaining a network. You can scan the entire range of IP addresses you’ve defined in your router, and the software will go through each IP, one at a time, and conduct a full scan on each device. You can define a range by using the CIDR style of addressing. In the example below I used /24 numbits to have the software scan 256 hosts starting at 192.168.1.1.

Once the network scan is done, all active hosts on the network will show up on the list to the left. Keep an eye out for any surprises showing up on your Wi-Fi network. You can click on each host device, and the scan results for that device will show up in the Nmap Output display on the right.

In my opinion, one of the coolest features of this software is the Topology display, which will give you a graphical representation of all of the devices on your network, as well as the security level represented by the scan results. You can right-click on the host node and select to see more details about it.

For regular routine monitoring and maintenance of your home or small business network, this wi-fi security software is a must-have. At the very least, it’ll give you the peace of mind of knowing exactly what’s on your network and what sort of activity is going on, utilizing your precious bandwidth.
Give Nmap a try. Did it uncover anything interesting going on in your network? Share your experiences with using it in the comments section below.

Ryan Dube
Ryan Dube is a freelance writer and Electrical Engineer with Search Engine Optimization expertise. His writing and research focuses primarily on conspiracy theory investigations utilizing science and technology at TopSecretWriters.com.

View the original article here