Getting to know your neighbors — Darren takes a trip around your network with nmap, THE open source network security scanner. Want to obscure your OS fingerprint? Make a Windows Box show up as a printer? Shannon’s got just the thing. And Matt takes a first look at the Napera N24 smart network switch / security appliance. All that and more on this Hak5 Season 5 Premiere!

Download HD Download MP4 Download XviD Download WMV

Show Notes

Taking a trip around your network with Nmap

This week I talk about network scanning with the difinitive open source security scanner Nmap.

Scanning ones own network is ideal whether simply to know your neighbors or keep inventory of your assets. As a black hat it can be the first step in enumerating a target environment and looking for weaknesses.

In order to perform our scan we’ll simply need a copy of Nmap. It’s available for Windows, Mac, and just about every flavor of Linux, BSD and more. If you’re on a debian based system like Ubuntu a simple apt-get install nmap should do you good. If you’re looking for a security distribution with nmap (and a ton of other great tools) built in can’t speak highly enough of BackTrack. Version 4 beta was just recently released.

The underlying workings of Nmap are better explained in this guide but suffice it to say it takes advantage of TCP’s 3-way-handshake and other fancy raw packet tricks to find hosts and open ports. In this segment I set out to introduce the concept and get you started with a few basic examples. If you’re interested I recommend Nmap Network Scanning and the official man pages as further reading.

The segment details some commands and their usage in a searching for open MS terminal servers scenario. I highly encourage you to provide feedback either by way of email (darren AT hak5 d0t org) or on our forums. I enjoy doing segments like these but if you have any corrections (more than one way to skin a cat), suggestions for future topics or hacks of your own please let me know.

Darren Kitchen

Obscure your OS Fingerprint

OSfuscate 0.3 by Irongeek is used to camaflouge or obscure your Windows OS. With this tool, it’ll show up like another OS of your choice, nothing at all, or even a printer. OSFuscate could be used if you are on a hostile network and need some sort of cloak while going along in your daily routine. It is important to note that this is not a fool proof method for hiding yourself on a network and should not be relied upon for security. however, as a layer of obscurity in addition to your regular security practices you may want to consider it.

It’s a simple process to set up OSFuscate on your machine. Go to Start->Run->Regedit. Back up your Parameters folder, found under System->CurrentControlSet->Services->Tcpip->Parameters. You can do this by simply right clicking on the folder, and choosing export. This is basically just to keep yourself form messing up your OS in the process and having no way to return it to normal. You’ll notice on Irongeek’s website that certain Parameter Registry keys will be subtly changed. You could do this by hand, but OSFuscate makes this task super simple. Open OSFuscate, and choose an OS that you want to pretend to be. Restart your computer and the differences should be in place! Now if someone running NMap snoops your computer, they’ll see some other OS other than what you actually have.

You can find more information at Irongeek’s Website. And as always, you can email me with any comments or suggestions.

as it really helps us out. :)

Shannon Morse

Matt’s full review of the Napera N24 can be found on his blog at

Thanks for tuning into our season premiere episode. We’re very excited about all of the exciting new projects coming up in Season 5. We appreciate and encourage your feedback — especially on this episode’s fresh format, pace, and presentation. We strive to make this show better and better for you every week so let us know how we’re doing!

And a big thanks to those who’ve contributed to the success of Hak5. Your donations are greatly appreciated!

Leave a Reply

Your email address will not be published. Required fields are marked *



  • Freddie 6 years ago

    This episode seemed of lower quality than most others.

    It just seemed to go too fast and thrown together.

  • Myndmelt 6 years ago

    Sweet episode guys, getting better all the time~!

  • What’s up with the season change? I didnt notice anything really different.

  • goarilla 6 years ago

    darren, you are a kittymolester

    cat file | grep term ?

    that’s what we in the slackware community call UUOC
    Useless use of cat, why not do:

    grep term file

  • My GOD it cough me off gaurd when they said my name :|.

    But it was awesome XD!

    I really thought it was an automatic reply thing! Damn hotmail….

    Anyway, awesome episode!

  • @goarilla,

    Believe it or not I’m still a Linux newbie. I’ve taken courses in college and used it as needed on routers and embedded systems but never on the desktop for very long.

    To think, had I just bit the bullet back in season1 I’d be an expert by now.

    Regardless, I’m making the effort this season to do everything I possibly can in one nix or another. My apologies in advance if I hose something up.

    Kinda funny though, I’ll more a file but I still cat to grep.

    Anyway if you haven’t already this is an excellent resource for all sorts of interesting command line tidbits:

  • Matt should lay off the amphetamines.

  • Micah C 6 years ago

    Hey Matt I have a question about the Napera N24 smart network switch. How does that work with mobile devices connected to wifi. Most mobile devices don’t have the capability of running the .exe. Or are they always “healthy”?

  • @Freddie

    Totally agree. Love Hak5, but this episode seemed to go so quickly and with not as much content. Good quality, just not as great as previous episodes.

  • also just to clarify, by content I don’t mean just more hacks, there was always more banter and more playing around in previous episode, this one seems like it got down to business, gave you tips, and left. Almost cold lol.

  • Rad episode, totally forgot about the -oG flag.

    If you want to import your Nmap XML scan files into a database (SQL or other) and query them later, checkout ScanDB.

  • heeerrresjonny 6 years ago

    Hey, where are you going in Tennessee? No one ever comes here, or so I thought.

  • James 6 years ago

    Where is the list of additional reading recommendations? If heard you correctly, you mentioned that you have some great books to read?

  • Shannon is too cute!

  • Shannon is too cute! Gorgeous smile!

  • Thomas 6 years ago

    I’m thinking stay away from Napera. Never heard from them after several attempts to contact sales. Left 3 messages for Henry Rivera and used their website “contact us” page. If sales is that slow I’d hate to have any support issue.

  • @ hacking hotmail passwords –> don’t spam and spoil this great site

    Hello admin check this spammer!!!

  • caddyshacker 5 years ago

    Don’t listen to the guy posting “hacking programs” above. He is a scammer, don’t pay him, I found the same program he makes you pay for free from here