Knocking on Digital Doors: A Beginner's Guide to Network Scanning

Before you can secure a building, you first need to walk around it. You need to check which doors are open, which windows are unlocked, and what services are running inside. In the digital world, we do the exact same thing, but we call it network scanning.
During my internship at Cyber Privilege, one of the first things I learned was how to map out a digital environment. It’s a fundamental skill for both attackers and defenders, and it's all about asking one simple question: "What's out there?"
### Why Bother Scanning? Finding the Doors and Windows
So, what’s the point of "knocking on digital doors"?
For an ethical hacker (the attacker's perspective): You're looking for an entry point. Is there an open "port" (a digital doorway)? Is there an old, vulnerable service running that can be exploited? You're essentially creating a map of potential weaknesses.
For a network defender (the good guys' perspective): You're doing the same thing, but for your own house. You want to make sure you haven't left any doors or windows unlocked by accident. Are there any unauthorized devices on your network? Are all your services up-to-date?
You can't protect what you don't know you have. Scanning is always the first step.
### My Go-To Tools for Network Reconnaissance
There are tons of tools out there, but a few are legendary. Here are the ones I've been getting to know.
- Ping: This is the simplest scan imaginable. It’s the digital equivalent of shouting "Marco!" and waiting for a "Polo!" back. You send a ping to a device's IP address, and if it responds, you know it's online and reachable.
- Nmap (Network Mapper): This is the undisputed king of network scanning. Nmap is a Swiss Army knife that can tell you almost anything you want to know about a target. It doesn't just tell you if a device is online; it can tell you:
  - Which ports (services like web servers, email, etc.) are open.
  - The operating system the device is running (e.g., Windows Server 2019, Linux).
  - The version of the software running on each port, which is crucial for finding vulnerabilities.
- Masscan: Think of this tool as Nmap's cousin who is obsessed with speed. While Nmap is very thorough, Masscan is built to do one thing incredibly fast: scan a huge number of machines for a single open port. It's so fast, it can scan the entire internet in minutes.
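To make the "open port" and "software version" ideas concrete, here is a small added example of my own; it is not code from the original post, from Cyber Privilege, or from the Nmap project. It performs the most basic kind of port scan, a TCP connect scan, against your own machine only: it starts a throwaway "service" on 127.0.0.1 (constructed just for the demo, with a made-up `DEMO-SERVICE 1.0` banner), then checks which ports answer the handshake and reads whatever greeting the service sends, which is the simplest form of the version detection Nmap does. The host, ports and banner are all assumptions for the demo; the point is to see what "open", "closed" and "filtered" actually mean on the wire.

```python
import socket
import threading
from typing import Dict, Iterable, List

# States a TCP connect scan can report for a port:
#   open     - the three-way handshake completed, so something is listening
#   closed   - the host answered with a reset (RST): nothing listening there
#   filtered - no answer before the timeout, typically a firewall dropping packets
OPEN, CLOSED, FILTERED = "open", "closed", "filtered"


def tcp_connect_scan(host: str, ports: Iterable[int], timeout: float = 0.5,
                     grab_banner: bool = True) -> Dict[int, Dict[str, str]]:
    """Probe each port with a full TCP connect and, for open ports, read the
    first bytes the service volunteers (its banner). Reading the banner is the
    simplest form of the version detection that Nmap performs."""
    results: Dict[int, Dict[str, str]] = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
            sock.settimeout(timeout)
            try:
                sock.connect((host, port))
            except ConnectionRefusedError:      # RST came back: nothing listening
                results[port] = {"state": CLOSED, "banner": ""}
                continue
            except OSError:                     # includes socket.timeout
                results[port] = {"state": FILTERED, "banner": ""}
                continue
            banner = ""
            if grab_banner:
                try:
                    banner = sock.recv(256).decode("utf-8", errors="replace").strip()
                except OSError:
                    banner = ""  # some services wait for the client to speak first
            results[port] = {"state": OPEN, "banner": banner}
    return results


def open_ports(results: Dict[int, Dict[str, str]]) -> List[int]:
    """The defender's inventory: which scanned ports are actually listening."""
    return sorted(p for p, r in results.items() if r["state"] == OPEN)


# --- Constructed local "service" so the example runs offline -----------------

def start_local_service(banner: bytes = b"DEMO-SERVICE 1.0\r\n") -> int:
    """Start a throwaway listener on 127.0.0.1 that greets each client with a
    banner, then hangs up. Returns the port the kernel assigned. This is a
    stand-in for a real service (SSH, SMTP, ...) and exists only for the demo."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0: let the kernel pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return port


def find_closed_port() -> int:
    """Reserve a free local port and release it again, so a scan of it reports
    'closed' (the kernel answers with RST because nobody is listening)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as tmp:
        tmp.bind(("127.0.0.1", 0))
        return tmp.getsockname()[1]


if __name__ == "__main__":
    listening = start_local_service()
    silent = find_closed_port()
    report = tcp_connect_scan("127.0.0.1", [listening, silent])
    for port, info in sorted(report.items()):
        print(f"127.0.0.1:{port:<5} {info['state']:<8} {info['banner']}")
    print("open ports:", open_ports(report))
```

Run it and you will see one port reported as open with its banner and one as closed. The "filtered" case is the one defenders care about most: a port that simply times out usually means a firewall is silently dropping the probe, which is what you want to see from the outside for anything you did not mean to expose. Real work uses Nmap (`nmap -sT -sV` does this far more thoroughly), but the mechanics are exactly these.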
### A Quick but Important Note on Ethics
This is the most important part of this entire post. The only difference between an ethical hacker and a criminal is one word: PERMISSION.
Scanning a network that you do not own and do not have explicit, written permission to test is illegal and unethical. Every scan we perform at Cyber Privilege is done with the full consent and knowledge of our clients. These tools are for building and defending, not for breaking and entering.
~ By Shabarish Suggu …
