Identifying Network Traffic: Anatomy of Data Packets

In order to identify Nmap data packets, we need to understand the structure of the data packet, the information contained in it and what makes an 'Nmap' Data packet different from other network requests coming from other sources.

Data packets

There are 3 major types of data packets to consider: UDP, TCP and IP data packets. Each of them shares a similar overall structure, but the individual header blocks differ in many ways. The following is a graphical representation of each:

[Figure: UDP (User Datagram Protocol) packet structure]

[Figure: TCP (Transmission Control Protocol) packet structure]

Identifying Nmap Traffic

Capturing network traffic is an essential task in order to identify Nmap packets.

Wireshark Network Analyzer

Wireshark is a network analyzer tool that captures the network traffic sent and received by the machine. In this case, Nmapalyzer will use capture data generated by Wireshark to analyze the network traffic and identify the packets sent by an Nmap program.
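As an added example (not code from the original page or from the Nmapalyzer project), the following Python decoder pulls the header fields discussed above out of a raw IPv4 frame carrying either TCP or UDP, which is the first step before any Nmap-specific comparison can be made. The `Packet` record, the field names and the two sample packets are constructed for this illustration.

```python
import struct
from dataclasses import dataclass, field

# TCP flag bits, least significant first (RFC 793 / RFC 3168)
TCP_FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")


@dataclass
class Packet:
    """Constructed summary record: the IP and transport fields an analyzer compares."""
    src: str
    dst: str
    ttl: int
    protocol: str
    sport: int
    dport: int
    flags: tuple = ()            # TCP only; empty for UDP
    window: int = 0              # TCP only
    options: bytes = field(default=b"")  # raw TCP options, if any


def parse_ipv4_packet(raw: bytes) -> Packet:
    """Decode the IPv4 header, then the TCP or UDP header that follows it."""
    ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", raw[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ver_ihl & 0x0F) * 4          # header length in bytes (20 without options)
    payload = raw[ihl:total_len]        # transport header + data, trailing padding dropped
    src_ip = ".".join(map(str, src))
    dst_ip = ".".join(map(str, dst))
    if proto == 6:                      # TCP
        sport, dport, _seq, _ack, off_flags, window, _csum, _urg = \
            struct.unpack("!HHIIHHHH", payload[:20])
        data_off = (off_flags >> 12) * 4
        flags = tuple(n for i, n in enumerate(TCP_FLAG_NAMES) if off_flags & (1 << i))
        return Packet(src_ip, dst_ip, ttl, "TCP", sport, dport, flags, window, payload[20:data_off])
    if proto == 17:                     # UDP
        sport, dport, _length, _csum = struct.unpack("!HHHH", payload[:8])
        return Packet(src_ip, dst_ip, ttl, "UDP", sport, dport)
    raise ValueError(f"unsupported transport protocol {proto}")


# Constructed sample frames (checksums left as zero; not verified here).
# TCP: 10.0.0.1:50000 -> 10.0.0.2:80, SYN only, window 1024, no options.
SAMPLE_TCP_SYN = bytes.fromhex(
    "45000028000100004006000" "00a0000010a000002"
    "c350005000000000000000005002040000000000")
# UDP: 10.0.0.1:50001 -> 10.0.0.2:53, empty datagram.
SAMPLE_UDP = bytes.fromhex(
    "4500001c000200004011000" "00a0000010a000002"
    "c35100350008" "0000")
```

Feed `parse_ipv4_packet` the raw bytes of each frame exported from a Wireshark capture to obtain the same field summary for real traffic.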