In the episode - 'Scanning, Monitoring & Patching' of the CompTIA Net+ Show, NMAP was discussed in brief. I'm just being a little curious here.
@wes-bryan Sir, you said NMAP can be used by attackers as well to gather some critical information about our network. So, can we make our networks 'NMAP Proof' in some way? Also, if it is somehow possible to make networks 'NMAP Proof', also admins will not be able to do anything for good right? So, is that trade fair enough?
Also when we run scans on NMAP, can we scan any IP in this world or the IP should be present in our LAN?
Doubt in NMAP
@Atharva-Bet, great question, unfortunately if the bad actor is connected to your LAN, they can scan your network. You can install IPS systems that monitor the traffic, alert when anomalous behavior like port scans, malware, traffic flows is detected and apply or reconfigure controls as a countermeasures. When it comes to the outside of your network, that is where the firewalls, DMZs, VPNs, secure protocols and encrypted communication help to strengthen security. I would not advise scanning any network you do not own such as company networks, ISP networks and public hotspots. You can practice within your LAN and I would suggest doing this in a controlled virtualized environment.