Question

If you were infiltrating a network (10.16.0.0/16), and searching for vulnerabilities (while trying to remain undetected), why would running the following command be a bad idea?

Answer 1

Answer:

Yes, if you want to be undetected.

Explanation:

It is vital to always use a command that will ensure that one's activity is undetected. This is one of the important rules of corporate organizations to keep their data and activities safe and secure. The commend provided is a useful tool for detective works especially the activities of criminals and hackers. Therefore, if the admin wants to be undetected, the command should not be used.

Answer 2

Answer:

The question is incomplete, the complete question is as follows:

"If you were infiltrating a network (10.16.0.0/16), and searching for vulnerabilities (while trying to remain undetected), why would running the following command be a bad idea? nmap 10.16.0.0/16. Explain your answer"

Running the command would be a bad idea because Nmap 10.16.0.0/16 will search for and list all the subnets for the host 10.16.0.0 which are 256 in number.It will be better to rather use the command -sl 10.16.0.0/16 at first. This feature simply enumerates every IP address in the given target range and does a reverse-DNS lookup (unless -n was specified) on each.

Explanation:

Let us look deeper into meaning of Nmap. Nmap is short for Network Mapper. It is an open source security tool for network exploration, security scanning and auditing. However, nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. The purpose of this is to explain better use of nmap command line tool to scan a host and/or network, so to find out the possible vulnerable points in the hosts.  

It was originally written by Gordon Lyon and it can answer the following questions easily:

i.  What computers did you find running on the local network?

ii. What IP addresses did you find running on the local network?

iii. What is the operating system of your target machine?

iv. Find out what ports are open on the machine that you just scanned?

v.  Find out if the system is infected with malware or virus.

vi. Search for unauthorized servers or network service on your network.

vii. Find and remove computers which don’t meet the organization’s minimum level of security.

Regarding this topic, we will deal with question vi that nmap can answer as above.

Like I said earlier, the best bet is to use the -sl nmap command(Nmap list scan) as it is can easily detect for vulnerability by showing names using DNS listing. The names of the hosts can hint at potential vulnerabilities and allow for a better understanding of the target network, all without raising suspicion by users on the network. Also, this Nmap list scan double-checks that the ip ranges being checked for vulnerabilities are correct for the particular company or network in oorder not to make a mistake by hacking another company's ip unnecessarily.