September 5, 2024. The NSA,FBI and CISA published a joint cybersecurity advisory about Russian military hackers GRU Unit 29155. The Unit targeted the US and Nato's infrastructure. One of the most famous/old hacking tools out there was used in these attacks: Nmap.
View full document here: [CSA-Russian-Military-Cyber-Target-US-Global-CI.PDF](https://github.com/user-attachments/files/27400395/CSA-Russian-Military-Cyber-Target-US-Global-CI.PDF)
Context
Nmap is short for Network Mapper, it is used to discover hosts and services running on a network, creating a "map". Intended for personal use by Gordon Lyon in 1997, nmap was later published for the public through Phrack magazine. After all these years, Nmap is still used to this day by hackers all around the world to perform cybersecurity attacks.
Requirements
In order to understand how Nmap works, we should have some knowledge about Ip adresses,Mac adresses,subnetting,protocols and ports. Let's dive in!
Ip Adress