IP Scanners in the Nutshell

IP Scanners in the Nutshell

IP Scanners from the perspective of a non-system administrator is like network wizardry, but the real intention of such programs is utilitarian. This type of application is a regular part of a system administrator’s toolkit, as it helps identify the network’s IP layout. With the introduction of the GUI-based operating system, it is one of the sysadmin’s utilities that graduated from a command-line based utility to a graphical user interface-based application. Possession of such a program as non-admin in a network is considered a serious offense by a typical organization. This is because non-IT employees have no business to deep dive into how the corporate network IPs are laid-out.

Below are some of the competing IP Scanners available for download:

1. NMAP

Advantages:

  • Extremely versatile TCP/UDP port scanning tools.
  • Service/OS detection capabilities.
  • Ability to integrate with Zenmap GUI creating a visual network map, while it can also store information on particular nodes in a network.
  • Built-in NSE scripts for reconnaissance and vulnerability discovery, and even exploitation in some cases. A nice toolkit for pentesters and sysadmins.
  • Options for stealth/firewall evasion.
  • Various output formats that allow parsing and processing of results by other programs. (XML, Grepable, etc.)
  • Copious documentation on using techniques and scripts.

Disadvantages:

  • NSE scripts are written in Lua, rather than a less obscure language like python or ruby, making extending and customizing Nmap’s capabilities more work than it ought to be.

2. Advanced IP Scanner

Advantages:

  • Support CSV export of IP scans
  • Portable application, no need to install
  • Program is free to use

Disadvantages:

  • Weak IP scans compared to a paid counterpart
  • There is no predefined IP address range for scanning. Users need to manually input the IP address range.

3. Lizard System’s Network Scanner

Advantage:

  • Easy to understand GUI
  • Export to XML, TXT or HTML format
  • Captures Netbios, web server, FTP and other web services hosted on the network.

Disadvantages:

  • Not free, only a 10-day trial
  • Lacks export to .csv format

4. Spiceworks IP Scanner

Advantages:

  • Multiplatform: Windows, MacOS and Linux versions available
  • Light in system resources
  • Easy to use interface

Disadvantages:

  • Only features basic IP address monitoring

5. Angry IP Scanner

Advantages:

  • Opensource software
  • Multiplatform: Windows, MacOS and Linux versions available
  • Capable of performing port scans
  • Multiformat export capability: txt, csv and XML

Disadvantages:

  • Uses Java plugin

6. Solar Wind’s IP Address Manager

Advantages:

  • Automated IP address discovery
  • Self-explanatory user interface
  • Highly customizable
  • IP conflict detection
  • Supports IPV6

Disadvantages:

  • Paid app, no free trial

Determining which is the top network scanning tools to use in the defense against unauthorized access can be intimidating. Security tools not only assist in providing defense in depth against unauthorized users but also provides an automated means of identifying security issues; a job that would otherwise be extremely time intensive and prone to human error.

“Prevention is a must but detection is ideal” talks about how devices such as routers and firewalls must be in place to prevent unauthorized access, but devices such as intrusion detection systems or log monitoring ideally should be in place to detect an unauthorized user if a breach occurs. Understanding these concepts will assist in securing an environment and help mitigate the risk of your network being compromised. Using these principles in conjunction with automated tools and a proven methodology will further harden your environment to acceptable levels of risk. Remember, the goal isn’t achieving 100% security since that’s impossible, but rather establishing a level of security that will help mitigate the risks.

Kevin Jones951 Posts

Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.

0 Comments

Leave a Comment

Login

Welcome! Login in to your account

Remember me Lost your password?

Don't have account. Register

Lost Password
Register