1
00:00:00,440 --> 00:00:06,440
As I mentioned before, and map network mapper is a free and open source utility for network discovery

2
00:00:06,440 --> 00:00:07,520
and security auditing.

3
00:00:08,680 --> 00:00:14,800
Many systems and network administrators also find it useful for tasks such as network inventory, managing

4
00:00:14,800 --> 00:00:19,030
service, upgrade schedules and monitoring host or service uptime.

5
00:00:20,560 --> 00:00:24,070
So let's analyze this and in service of our router using Intermap.

6
00:00:26,700 --> 00:00:32,850
So remember, in the previous lecture, we scanned the TCP ports and we saw that the Port TCP one six

7
00:00:32,850 --> 00:00:39,280
one was closed, but we enabled the S&amp;P service in the router with the default values.

8
00:00:39,300 --> 00:00:40,740
So it's supposed to be open.

9
00:00:41,870 --> 00:00:49,480
S&amp;P uses the UDP protocol in general, so we should check the Port UDP one six one as well.

10
00:00:50,150 --> 00:00:52,490
So let's create another in map query.

11
00:00:54,440 --> 00:00:59,720
This time around, we'll use as capital you to run a UDP scan.

12
00:01:00,970 --> 00:01:08,290
Identify the port scanned by BP as a parameter one six one and one six two.

13
00:01:09,630 --> 00:01:14,160
S Capital V for version detection and finally, the IP address of our router.

14
00:01:15,490 --> 00:01:20,200
Great UDP scans take a little longer than TCP scans and general.

15
00:01:33,170 --> 00:01:34,650
So it took about two minutes.

16
00:01:34,910 --> 00:01:41,630
And here are the results, both UDP Port one six one and one six two are open as expected.

17
00:01:43,890 --> 00:01:50,250
Now, Unmap has a scripting engine and has a lot of useful scripts that come with the unmap tool by

18
00:01:50,250 --> 00:01:54,960
default, the extension of unmap scripts is NMC.

19
00:01:55,420 --> 00:02:02,250
So let's find a few using the Locate Linux Command, locate star DOT NSC.

20
00:02:04,080 --> 00:02:05,940
Here are the unmap scripts.

21
00:02:07,610 --> 00:02:14,720
Now I want to filter the scripts written for just the S&amp;P service, record the command, but a pipe

22
00:02:14,990 --> 00:02:23,420
type grip S&amp;P and hit enter, it'll show only the lines which contain as an MP as the key word.

23
00:02:24,440 --> 00:02:30,470
The S&amp;P bruta script has defined the community names of the service using the brute force attack.

24
00:02:30,980 --> 00:02:34,700
So let's create a new and map query to run this script.

25
00:02:35,930 --> 00:02:45,170
And map as upper case you to scan UDP ports P one six one to scan the port one six one IP address of

26
00:02:45,170 --> 00:02:47,870
the router script to run the script.

27
00:02:47,870 --> 00:02:52,280
And finally, the name of the script, S&amp;P Bruta.

28
00:02:57,240 --> 00:03:05,550
And here's the result, and MAP found two community names, public and private, that's his perfect.