I used Nmap to identify and track specific communication protocols on a restricted government network to verify claims of illegal activity and ultimately prove that the network was not being used for that purpose.
The area we operate in is very restricted. It's a hilly area for telecommunications, and it's a restricted area.
So, as we operate there for one of the government projects, we implemented the setup for communication purposes. However, the authority received a claim from a third party that someone was using VIP on this network, and being a purely government entity, does not have any intention of that. The spectrum authority claimed that this was the situation, and they initiated a letter and established a team to verify this. At that time, they weren't aware of any software that could track the communication protocols they were using.
So, I used the Nmap solution there. We found every single port, and all the communications, and we proved that there was no VIP-related activity because security-wise, it's illegal.