Welcome to the next lesson on Zen map.
This lesson will cover the custom scan profile editor.
The profile editor is simply a way for you to build out your own custom scans, then save them so they can be run
again. Any time you opens in map without having to remember all of the options that yielded such great results,
the lab for this lesson is fairly long.
I'm going to do two things. First, I'll show you how the profile editor works in Second, try to provide you with some useful and handy who is an OS detection scans.
I hope they'll be really useful to you.
Here are the learning objectives for this lesson.
First, we'll talk about
what a custom scan profile is in Zen map.
Next, we'll discuss why they're important, and finally we'll go through a lab on creating them.
Custom scan profiles are used in Zen map to allow you to save all of the options and command lines, which is you've worked hard to create an easy to find and recall graphical environment.
One of the nice things about them is that once you create and save them, they'll be available to you every time you open Zen map,
as you'll see in the lab, they're extremely easy to create. Modify, and almost all of the options could be set by mouse click.
So why are they important?
Well, the first reason is that they provide such an easy way to see and set all of the options at the command line. And map requires you to either remember options or use help or a reference in sin map. All of the options are categorized in a common sense way and could be set or unset easily.
Another reason they're important is that they provide a really good way to learn the way and map determines the default order of options. As we discussed, the order that options were placed in does not really determine whether a scan will succeed or fail necessarily. But I'm convinced that blazing options in a certain order will speed up processing.
If nothing else, though, it helps you to learn a standard for building and map command line scans.
Finally, they're important because they allow you to save
modify and run them many times
at the command line. The only way to duplicate this functionality is by either creating batch files or keeping a personal scan reference library at your disposal.
in this lab, I'll show you the Zen map profile editor. I'll give you a tip for naming your custom scans. Then I'll show you why. Leaving the target blank helps you in most cases.
Finally, I'll walk through creating three pretty useful custom scan profiles.
Welcome to the Zen map lab, covering one of the coolest features of Zen map. I think that is the profile editor. I have a lot to cover, so let's get started.
As you can see, I have Zen map open
and the first thing I want to show you and what this whole lab is about is the profile editor, so it could be found on the top menu bar. It's called Profile
and then click on New Profile or Command.
This brings up the profile editor
inside the profile editor. There are many, many different options. I think probably all of the options that in map provides in a point and click environment, and they're all in these tabs here at the top, so you can click on scan,
see a lot of options there
being all the different type of being scans you can do scripting, target,
source, other and timing.
So the first thing we want to do is we want to name our customs can profile, and what I usually like to do is start each custom scan profile with the word custom.
It differentiates it from all of the other scans built in tow and map. So it's a custom
Golan and then the name of your scan. I'll just call this one test
will just make this a really simple scan.
I'm going to do a ping scan the F c M peeping,
I'm going to leave the target blank. And the reason why is because after you build out your profile,
usually you're gonna want to run that scan again,
using a different target, and I hope that makes sense. I'll show you what I mean.
What happens now that we've built that custom profile is under
profile, this drop down list, your custom scan will show up
and you can see why I like to call it custom. Our name it custom at the beginning that is to differentiate between all of the other built in and map scans. So if I click on that scan, you can see that my command is built out.
Um, and there is no target.
by default, because I usually run my scans on different targets every time.
That is, unless you're going to do an inventory of your network and you want to see the differences between one
network scanning another. But we'll cover that later.
So here in my target, I'll just type I p address of my default gateway, which is 1 82.1 68.1254
Okay, so now if I click on the drop down again click custom test,
I can clear out the target. Put in a different target.
Do you want that one? I don't know if there's anything there, but let's scan it.
It looks like I have telling that open on that
device and it is a Cisco device. So that's good information.
Okay, so now we covered where the profile editor is and what a naming convention is, and I also gave you a tip toe, Leave the target blank. So let's build out some actual valuable custom scan
All right, Now that we created a test
custom profile, let's create one that does something actually valuable. Um,
click and profile, New profiler command.
the options here in the command line
And really? We're only gonna set two options and one of them is on NSC script. So we'll click, click on scripting
click in this. Ah, in this list of scripts And one cool thing is, you can just start typing.
It brings up a little search window and it will take you to the script that you're looking for.
You can see it building out the scan here at the top.
And the only other option I want to set was the verbosity. So
So I'm gonna click on other.
We'll click on for Boston E level
and then we will make it for boasts one.
Then we'll save the changes.
OK, so it didn't already default to that scan profile, so we'll find it in our list here it is. Who is I P
Okay. And it's doing who is I pee on the last target that we selected. So I'm gonna erase that.
And one of the things that you might want to do when you're looking up an I P address is first of all, deciding what I'd be addressed that you want to find information about. And a lot of times that's gonna be a public i p address. And so if in your intrusion detection system, you find a strange i p address and you want to know
a little bit more information about it, this is a great scandal run.
Uh, I don't have an i. D. S installed on this machine, so I'm going to actually do a little bit of email header analysis.