We had yet another brilliant evening of programming club last night at the ISArc offices near the Giants Causeway. We learned about common web-based systems attacks and how to counter them in our code. There were many tools to discover open ports, but perhaps none so interesting as mmap.
NMap is described as a security scanner, and it does exactly that – allowing you to scan your servers to find out what ports are open and then remedy the situation. Ideally a web server will only return port 80 being open.
Once you have downloaded and installed NMap on your Mac, simply open terminal (using another handy shortcut that I learned last night, pressing command and space to open spotlight and then type terminal and press enter)
In terminal, you then type:
nmap -v ipaddress
Obviously for security reasons I cant show you our results, but needless to say we found a few ports open that should not have been open (we were looking for only 2 ports open, 80 and 443 ideally), though discovered that the strange ports up near the 50000 range were actually for the dropbox services, so not a major panic after all.
If you know of other tools, or can add details on the Windows way of using NMap, please do comment!