Task 2 : How can we detect external nmap attack with TCPDump

Hello, in today’s article, I will try to show how to analyze external nmap scans with tcpdump.

We have 2 virtual machines. / Kali Linux / Metasploitable

My Metasploitable system ip: 192.168.1.44

My Kali Linux system ip: 192.168.1.43

firstly we check the nmap scan

Metasploitable systems are includes many vuln but let’s get back to our topic

Now let’s listen to tcpdump from our metasploitable system

Let’s scan nmap from our Kali machine while tcpdump is listening

White: Kali Linux-Attacker İP (requests)

Red: Metasploitable İP (response)

UNIQUESEC Student Club https://uniquesec.org/

Linkedin https://www.linkedin.com/company/uniquesec