At first I was using nmap to discover other virtual machines that were guest OS on my Linux Mint, however while scanning I discovered my host OS (Linux Mint) had opened ports which I did not have knowledge about and I did not need them at all.
PORT STATE SERVICE
25/tcp open smtp
139/tcp open netbios-ssn
445/tcp open microsoft-ds
My favourite option for nmap:
nmap -sS -Pn -O -n 192.168.20.0/24
This means nmap will use syn scan, without resolving the address and without pinging the addresses and also to find out their OS version.
It turned out that I had smbd running at the background using port 445 and 139, since I did not need these for file transfer between windows and my Linux machine I had decided to remove them.
netstat -antp |grep 445
This command revealed the process smbd was running. For simplicity, I installed chkconfig to make sure smbd would not load automatically after boot.
chkconfig smbd off
service smbd stop
I also did not need a smtp server, it turned out I had postfix installed (Perhaps Linux Mint installed postfix automatically?). I used to need this in the past when I was using OSSEC, but I do not need them as of now, and I do not like processes turn on without letting me know, hence I stopped the postfix service and used chkconfig.
/etc/init.d/postfix stop
chkconfig postfix off
nmap is a good tool for doing vulnerability assessment, it is not a VA tool but part of VA process is to understand the target, and nmap fits well during reconnaissance phase.
cyruslab 