- Scan a Single Host or an IP Address. Scan a Single IP Address: $ nmap 192.168.1.1.
- Basic Nmap Scan against IP or host. Now, if you want to scan a hostname, simply.
- Related Questions & Answers
Discover which devices are connected to any Wi-Fi network, map devices, detect intruders.
- Selected Reading
Nmap is a free open source tool, employed to discover hosts and services on a computer network by sending packets and analyzing the retrieved responses. Nmap offers some features for probing computer networks, including host discovery and service and operating system detection.
-
Nmap can provide further information on targets, including reverse DNS names, device types, and MAC addresses.
-
Host discovery – Identifying hosts on a network. For example, listing the hosts that respond to TCP and/or ICMP requests or have a particular port open.
-
Port scanning – Enumerating the open ports on target hosts.
-
OS detection – Determining the operating system and hardware characteristics of network devices.
-
Version detection – Interrogating network services on remote devices to determine the application name and version number.
-
Scriptable interaction with the target support using the Nmap Scripting Engine (NSE).
Usage of Nmap
-
Auditing the security of a device or firewall by identifying the network connections which can be made to, or through it.
-
Identifying open ports on a target host in preparation for auditing.
-
Network inventory, network mapping, and maintenance and asset management.
-
Auditing the security of a network by identifying new servers.
-
Generating traffic to hosts on a network, response analysis and response time measurement.
-
Finding and exploiting vulnerabilities in a network.
-
DNS queries and subdomain search
NMAP Commands Cheatsheet
The following section explains the usage of category-wise NMAP diverse commands with examples as following -
Basic Scanning Commands
| Goal | Command | Example |
|---|---|---|
| Scan a Single Target | nmap [target] | nmap 192.168.0.1 |
| Scan Multiple Targets | nmap [target1, target2, etc | nmap 192.168.0.1 192.168.0.2 |
| Scan a Range of Hosts | nmap [range of ip addresses] | nmap 192.168.0.1-10 |
| Scan an Entire Subnet | nmap [ip address/cdir] | nmap 192.168.0.1/24 |
| Scan Random Hosts | nmap -iR [number] | nmap -iR 0 |
| Excluding Targets from a Scan | nmap [targets] – exclude [targets] | nmap 192.168.0.1/24 –exclude 192.168.0.100, 192.168.0.200 |
| Excluding Targets Using a List | nmap [targets] – excludefile [list.txt] | nmap 192.168.0.1/24 –excludefile notargets.txt |
| Perform an Aggressive Scan | nmap -A [target] | nmap -A 192.168.0.1 |
| Scan an IPv6 Target | nmap -6 [target] | nmap -6 1aff:3c21:47b1:0000:0000:0000:0000:2afe |
Discovery Options
| Goal | Command | Example |
|---|---|---|
| Perform a Ping Only Scan | nmap -sP [target] | nmap -sP 192.168.0.1 |
| Don’t Ping | nmap -PN [target] | nmap -PN 192.168.0.1 |
| TCP SYN Ping | nmap -PS [target] | nmap -PS 192.168.0.1 |
| TCP ACK Ping | nmap -PA [target] | nmap -PA 192.168.0.1 |
| UDP Ping | nmap -PU [target] | nmap -PU 192.168.0.1 |
| SCTP INIT Ping | nmap -PY [target] | nmap -PY 192.168.0.1 |
| ICMP Echo Ping | nmap -PE [target] | nmap -PE 192.168.0.1 |
| ICMP Timestamp Ping | nmap -PP [target] | nmap -PP 192.168.0.1 |
| CMP Address Mask Ping | nmap -PM [target] | nmap -PM 192.168.0.1 |
| IP Protocol Ping | nmap -PO [target] | nmap -PO 192.168.0.1 |
| ARP Ping | nmap -PR [target] | nmap -PR 192.168.0.1 |
|---|---|---|
| Traceroute | nmap –traceroute [target] | nmap –traceroute 192.168.0.1 |
| Force Reverse DNS Resolution | nmap -R [target] | nmap -R 192.168.0.1 |
| Disable Reverse DNS Resolution | nmap -n [target] | nmap -n 192.168.0.1 |
| Alternative DNS Lookup | nmap –system-dns [target] | nmap –system-dns 192.168.0.1 |
| Manually Specify DNS Server(s) | nmap –dns-servers [servers] [target] | nmap –dns-servers 201.56.212.54 192.168.0.1 |
| Create a Host List | nmap -sL [targets] | nmap -sL 192.168.0.1/24 |
Advanced Scanning Options
| Goal | Command | Example |
|---|---|---|
| TCP SYN Scan | nmap -sS [target] | nmap -sS 192.168.0.1 |
| TCP Connect Scan | nmap -sT [target] | nmap -sT 192.168.0.1 |
| UDP Scan | nmap -sU [target] | nmap -sU 192.168.0.1 |
| TCP NULL Scan | nmap -sN [target] | nmap -sN 192.168.0.1 |
| TCP FIN Scan | nmap -sF [target] | nmap -sF 192.168.0.1 |
| Xmas Scan | nmap -sX [target] | nmap -sX 192.168.0.1 |
| TCP ACK Scan | nmap -sA [target] | nmap -sA 192.168.0.1 |
| Custom TCP Scan | nmap –scanflags [flags] [target] | nmap –scanflags SYNFIN 192.168.0.1 |
| IP Protocol Scan | nmap -sO [target] | nmap -sO 192.168.0.1 |
| Send Raw Ethernet Packets | nmap –send-eth [target] | nmap –send-eth 192.168.0.1 |
| Send IP Packets | nmap –send-ip [target] | nmap –send-ip 192.168.0.1 |
Port Scanning Options
| Goal | Command | Example |
|---|---|---|
| Perform a Fast Scan | nmap -F [target] | nmap -F 192.168.0.1 |
| Scan Specific Ports | nmap -p [port(s)] [target] | nmap -p 21-25,80,139,8080 192.168.1.1 |
| Scan Ports by Name | nmap -p [port name(s)] [target] | nmap -p ftp,http* 192.168.0.1 |
| Scan Ports by Protocol | nmap -sU -sT -p U: [ports],T:[ports] [target] | nmap -sU -sT -p U:53,111,137,T:21- 25,80,139,8080 192.168.0.1 |
| Scan All Ports | nmap -p ‘*’ [target] | nmap -p ‘*’ 192.168.0.1 |
| Scan Top Ports | nmap –top-ports [number] [target] | nmap –top-ports 10 192.168.0.1 |
| Perform a Sequential Port Scan | nmap -r [target] | nmap -r 192.168.0.1 |
Version Detection
| Goal | Command | Example |
|---|---|---|
| Operating System Detection | nmap -O [target] | nmap -O 192.168.0.1 |
| Submit TCP/IP Fingerprints | www.nmap.org/submit/ | |
| Fingerprints | ||
| Attempt to Guess an Unknown OS | nmap -O –osscan guess [target] | nmap -O –osscan-guess 192.168.0.1 |
| Service Version Detection | nmap -sV [target] | nmap -sV 192.168.0.1 |
| Troubleshooting Version Scans | nmap -sV –version trace [target] | nmap -sV –version-trace 192.168.0.1 |
| Perform a RPC Scan | nmap -sR [target] | nmap -sR 192.168.0.1 |
Firewall Evasion Techniques
| Goal | Command | Example |
|---|---|---|
| augment Packets | nmap -f [target] | nmap -f 192.168.0.1 |
| pacify a Specific MTU | nmap –mtu [MTU] [target] | nmap –mtu 32 192.168.0. |
| Use a Decoy | nmap -D RND:[number] [target] | nmap -D RND:10 192.168.0.1 |
| le Zombie Scan | nmap -sI [zombie] [target] | nmap -sI 192.168.0.38 |
| Manually Specify a Source Port | nmap –source-port [port] [target] | nmap –source-port 10 192.168.0.1 |
| Append Random Data | nmap –data-length [size] [target] | nmap –data-length 2 192.168.0.1 |
| Randomize Target Scan Order | nmap –randomize-hosts [target] | nmap –randomize-ho 192.168.0.1-20 |
| Spoof MAC Address | nmap –spoof-mac [MAC|0|vendor] [target] | nmap –spoof-mac Cis 192.168.0.1 |
| Send Bad Checksums | nmap –badsum [target] | nmap –badsum 192.168.0.1 |
Troubleshooting And Debugging
| Goal | Command | Example |
|---|---|---|
| Getting Help | nmap -h | nmap -h |
| Display Nmap Version | nmap -V | nmap -V |
| Verbose Output | nmap -v [target] | nmap -v 192.168.0.1 |
| Debugging | nmap -d [target] | nmap -d 192.168.0.1 |
| Display Port State Reason | nmap –reason [target] | nmap –reason 192.168.0.1 |
| Only Display Open Ports | nmap –open [target] | nmap –open 192.168.0.1 |
| Trace Packets | nmap –packet-trace [target] | nmap –packet-trace 192.168.0.1 |
| Display Host Networking | nmap –iflist | nmap –iflist |
| Specify a Network Interface | nmap -e [interface] [target] | nmap -e eth0 192.168.0.1 |
NMAP Scripting Engine
| Goal | Command | Example |
|---|---|---|
| Execute Individual Scripts | nmap –script [script.nse] [target] | nmap –script banner.nse 192.168.0.1 |
| Execute Multiple Scripts | nmap –script [expression] [target] | nmap –script ‘http-*’ 192.168.0.1 |
| Script Categories | all, auth, default, discovery, external, intrusive, malware, safe, vuln | |
| Execute Scripts by Category | nmap –script [category] [target] | nmap –script ‘not intrusive’ 192.168.0.1 |
| Execute Multiple Script Categories | nmap –script [category1,category2,etc] | nmap –script ‘default or safe’ 192.168.0.1 |
| Troubleshoot Scripts | nmap –script [script] –script trace [target] | nmap –script banner.nse –script-trace 192.168.0.1 |
| Update the Script Database | nmap –script-updatedb | nmap –script-updatedb |
Nmap is the world’s leading port security network scanner. The Nmap hosted security tool can help you determine how well your firewall and security configuration is working.
This guide will show you how to use Nmap to scan all open ports on Linux systems.
- Linux operating system
- Access to a user account with sudo or root privileges
- Access to a command line/terminal window
- The apt package manager, included by default (Debian / Ubuntu)
- The yum package manager, included by default (Red Hat, CentOS)
On modern operating systems, ports are numbered addresses for network traffic. Different kinds of services use different ports by default.
V-Ray for SketchUp is designed to get you up. Crack for vray mac os. Therefore, it lets you create the highest quality of possible renders, by using directly in the SketchUp. So, that is why it is very easy to use and easy to learn. » » VRay 4.20.01 Crack With Torrent Sketchup For V-Ray Free Download V-Ray Crack Full Version Free DownloadV-Ray Crack is normally used by professionals for rendering and also for architects and designers. In addition, it is running in no time.
For example, regular web traffic uses port 80, while the POP3 email uses port 110. One of the ways that a firewall works is by allowing or restricting traffic over a particular port.
Because the port configuration can cause a security risk, it’s critical to know which ports are open and which are blocked.
If you need assistance with installing Nmap, refer to our tutorial on How to Install Nmap on Linux systems.
To scan Nmap ports on a remote system, enter the following in the terminal:
Replace the IP address with the IP address of the system you’re testing. This is the basic format for Nmap, and it will return information about the ports on that system.
In addition to scanning by IP address, you can also use the following commands to specify a target:
To scan a host:
To scan a range of IP addresses (.1 – .10):
To run Nmap on a subnet:
To scan targets from a text file:
Note: The developers at nmap.org provide a test server that you can experiment on, located at scanme.nmap.org. You can use this to test your Nmap utility.
Nmap commands can be used to scan a single port or a series of ports:
Scan port 80 on the target system:
Scan ports 1 through 200 on the target system:
Scan (Fast) the most common ports:
To scan all ports (1 – 65535):
Different types of scans can be performed:
To scan using TCP connect (it takes longer, but is more likely to connect):
To perform the default SYN scan (it tests by performing only half of the TCP handshake):
To instruct Nmap to scan UDP ports instead of TCP ports (the –p switch specifies ports 80, 130, and 255 in this example):
Run a fast scan on the target system, but bypass host discovery. (Host discovery uses ping, but many server firewalls do not respond to ping requests. This option forces the test without waiting for a reply that may not be coming):
The nmap utility can be used to detect the operating system of a particular target:
It can also be used to probe for the services that might be using different ports:
Note: The –sV option can be tuned to be more or less aggressive in its scan. Use the ––version-intensity 2 option to specify the level of testing. Replace the number 2 with a number from 0 (light testing) to 9 (run all probes). The more intense the testing, the longer the scan will take.
Here is a brief list of standard ports and their designations:
- 21 – FTP
- 22 – SSH
- 25 – SMTP (sending email)
- 53 – DNS (domain name service)
- 80 – HTTP (web server)
- 110 – POP3 (email inbox)
- 123 – NTP (Network Time Protocol)
- 143 – IMAP (email inbox)
- 443 – HTTPS (secure web server)
- 465 – SMTPS (send secure email)
- 631 – CUPS (print server)
- 993 – IMAPS (secure email inbox)
- 995 – POP3 (secure email inbox)
A Linux firewall can be configured to block all traffic on a particular port.
For example, a firewall can be set to block Port 80, but users won’t be able to load any website in that case. You can use firewall rules to allow some ports, but block others. Use a firewall in conjunction with other network security tools and software to scan traffic on a particular port, and to watch for suspicious traffic.
You should only use Nmap port scanning on servers that you own, or that you have permission to scan. Often, port-scanning is seen as an aggressive method, or a prelude to a cyber attack. It is also considered a bad practice to tie up a server’s resources by using Nmap to run repeated scans on the same target.
It is possible that during your scan, you may find unusual activity. For example, you may see a service running on an unusual port number. This means there is something strange going on, and should be investigated.
The OS and Service scanning options are helpful for scanning a particular port or service to get more information. If a service is running on a non-default port, it might be by design – or it might suggest there is a security breach.
Ports often have a default usage. Most ports under 1000 are dedicated and assigned to a specific service.
This guide provided an overview of Nmap scanning and how you can use it for testing ports in Linux. You should now understand how ports work, and why it is important to know how they are used.
Nmap adds a versatile tool to any system administrator’s arsenal for debugging and locating security flaws.
Next you should also read
Nmap For Macbook Air
This article will help you how to install Nmap on Ubuntu 18.04 as well as explore some of the options it has…
Nmap stands for Network Mapper. It is an open source tool for network exploration and security auditing. With…
ModSecurity is an Open-source firewall application for Apache. Learn how to Setup & Configure ModSecurity on…
The mod_evasive tool is an Apache web services module that helps your server stay running in the event of an…
Nmap For Mac Address
Nginx (pronounced “Engine X”) is a reverse proxy application. A standard proxy server works on behalf of…
Nmap For Mac Download
Firewalls have become an essential part of every network that has access to the Internet. Without firewalls,…