Tunneling nmap through Tor
Posted June 26, 2009 at 11:05 pm in Pen Testing, Privacy | 4 CommentsI looked at how to reduce your exposure using Tor earlier in the week. We installed Tor and Privoxy and configured our system to browse the Internet anonymously. We can use Tor and another great program called proxychains to Torify our network scans with nmap.
Before I continue I would like to recommend to anyone who doesn’t know what Tor is to read the aforementioned post. My post will walk you through installing Tor and provide additional background information. For anyone who doesn’t know what nmap is, you must be stuck on stuck on a Bell 103. All joking aside, ,map, short for network mapper, is a free and open source utility for network exploration or security auditing. It was created by Gordon “Fyodor” Lyon and has come a long way since its inception. A brief summary of its transformation: nmap’s original source code contained lines such as “fprintf(stderr, “Your ftp bounce server sucks, it won’t let us feed bogus ports!\n”);” and transformed itself into a movie star when it was featured in The Matrix Reloaded. It is used by network admins, system admins, and security professionals alike. You can find more detailed information at nmap.org.
A step often hastily overlooked in the attack process is the step of footprinting the target. As anyone who has ever had to thoroughly research a target knows this process can be exhausting and quite unrewarding. I tend to disagree with people who feel this is unrewarding. Researching a target is similar to learning to program, exploit, harden, etc. in my opinion. The more information you know about your target the more likely you are to succeed. As the old adage goes, “Proper planning prevents piss poor performance.”
