Packet-Level Analysis of Network Reconnaissance Techniques Using Nmap and Wireshark

Abstract

This project reports an applied cybersecurity study that examines network reconnaissance methods, packet-level traffic inspection, and weaknesses in authentication security. This study aims to examine how reconnaissance and scanning activities appear in network traffic and how defenders can identify and interpret these patterns for cybersecurity monitoring and response. The project uses industry-standard tools, including Nmap and Wireshark, to examine network behavior in controlled, authorized settings. The early stages involve network discovery and service enumeration, where an attacker maps active hosts, identifies open ports, and infers operating system traits. This project tests the proposed scanning behavior using real network traffic and shows that scans produce clear traffic patterns that can be detected by network monitoring tools and intrusion detection systems. The project assesses weaknesses in authentication by running password-cracking exercises and reviewing cryptographic hashing, with a focus on the risks created by weak credentials. This project combines reconnaissance, packet analysis, secure authentication, and cryptographic checks to connect cybersecurity theory with hands-on defensive practice. It stresses the need for strong network visibility and layered security controls. Key Terms – Authentication Security, Cryptographic Hashing, Network Reconnaissance, Nmap, Packet Analysis, TCP Flags, Wireshark.