Nmap – Wi-Fi Security Auditing Software to Check Your Home Network [Windows]
In reality, monitoring the health of your home network is an important safeguard against both network intruders as well as viruses and malware. Most people have installed antivirus software these days and if you’ve been paying attention to the advice of MUO writers, then you’re also aware of how important it is to scan for and clean up adware, spyware and other nasty assorted applications .
However, there is one additional step you can take to ensure that all devices on your home network are healthy and secure, and that is running a regular network security audit on your home network. This is especially true on a Wi-Fi network, where it is far more likely that you may pick up hitchhikers and hijackers within your local community.
Monitor Your Network With Nmap
One of the simplest Wi-Fi security software apps you can use to keep an eye on your Wi-Fi security and network is Nmap. Nmap is actually short for “Zenmap”, which is the title of the app that you’ll see once you install it. This program is a fast and efficient way to scan your entire network. It can be used to conduct a security analysis on one device that you know is on your network, or it can scan an entire range of IP addresses to search for security vulnerabilities on any device.
You can see at the top of the main window that there is a field for the “target.” This is the IP address of the device or devices that you want to scan. One of the difficulties of monitoring for unknown devices that are on your network without permission is knowing what the IP address of those devices are. One way to make identifying hijackers much easier is by defining only a range of IP addresses in your router. This way, any computer that connects to your network must have one IP within a range.
You can do this by going to your router admin panel, clicking on network setup, enabling DHCP and enabling a range of IP addresses to lease out to new devices. In the example below, I’ve started at 192.168.1.100 and allowed for only 50 IP addresses (up to 192.168.1.149).
Once you do this, you will know what range of targets to scan to look for any surprises on your network. Getting back to Zenmap, if you do want to analyze an individual device, just type the IP address in the target field. Under “Profile“, you can choose what level of scan you want the software to conduct. “Intense Scan” is obviously more thorough, or you can just do a ping to see what devices are live, or a list of other scans as shown here.
An intense scan gives you a whole lot of information about a device. It’ll do a port scan and tell you what ports are open on that computer or server, what services are running, what operating system and other software is running, and a whole lot more. This is a brilliant way to see whether or not there are any surprises. If any viruses get installed on your machine and open up a new port to start relaying spam, this scan will pick up on it even if your antivirus software didn’t.
In the ports/hosts tab, you can see a visual display of all ports that are open, their state, protocol, and the service that’s using the port.
Click on the “Host Details” tab, and you can see a summary display of scanned properties for each host. This can really come in handy when you have a very slow Internet connection and want to see what’s eating up all of your bandwidth. You may be surprised to discover that a device has an odd port open with some unknown service reaching out over the Internet through that port.
A far more popular use of this software is as a regular network scanner for maintaining a network. You can scan the entire range of IP addresses you’ve defined in your router, and the software will go through each IP, one at a time, and conduct a full scan on each device. You can define a range by using the CIDR style of addressing. In the example below I used /24 numbits to have the software scan 256 hosts starting at 192.168.1.1.
Once the network scan is done, all active hosts on the network will show up on the list to the left. Keep an eye out for any surprises showing up on your Wi-Fi network. You can click on each host device, and the scan results for that device will show up in the Nmap Output display on the right.
In my opinion, one of the coolest features of this software is the Topology display, which will give you a graphical representation of all of the devices on your network, as well as the security level represented by the scan results. You can right-click on the host node and select to see more details about it.
For regular routine monitoring and maintenance of your home or small business network, this wi-fi security software is a must-have. At the very least, it’ll give you the peace of mind of knowing exactly what’s on your network and what sort of activity is going on, utilizing your precious bandwidth.
Give Nmap a try. Did it uncover anything interesting going on in your network? Share your experiences with using it in the comments section below.