How to use NMAP Security Scanner
What is NMAP?
NMAP is an open-source network discovery and security auditing utility.
How does NMAP work?
NMAP sends data packets to a specific target (IP) and interprets the responses to determine which ports are open or closed.
What is a port?
A port is the endpoint of communication in an operating system.
Important points
- It's associated with the IP address of the host.
- It's also associated with protocol type of the communication. Example: TCP, FTP, etc.
- It's identified by a 16-bit number. Example: 80
How to install NMAP
- Open terminal
- For CentOS: yum install nmap
- For Debian: apt-get install nmap
- For Ubuntu: sudo apt-get install nmap
Note: NMAP comes pre-packaged with Kali Linux.
Using the NMAP Security Scanner
Some things to know about NMAP
- NMAP is open-source, so you can download the whole source code.
- NMAP is completely free to use.
- NMAP is not meant for malicious activities.
To get an overview of all the params that NMAP can be used with
>_ nmap -help
To scan using hostname
>_ nmap <hostname>
To scan using IP Address
>_ nmap <ip address>
To scan with verbose output using the "-v" option
>_ nmap -v <host>
To scan multiple hosts at the same time
>_ nmap <host1> <host2> <host3>
To scan a whole subnet or IP range
>_ nmap 192.168.0.*
What is subnet?
When a network is divided into two or more smaller networks, each of them is called a subnet.
To scan a list of hosts using a .txt file
>_ nmap -iL filename.txt
To scan an IP Address range
>_ nmap 192.168.0.101-105
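Added example (not part of the original slides): before running a wildcard or range scan like the two above, it helps to see exactly which addresses the target expression covers and whether all of them are inside the range you are authorized to scan. The function names and the 192.168.0.96/28 scope are assumptions made for illustration; the code handles IPv4 octet notation only (`*`, single values, `a-b` ranges and comma lists, which goes slightly beyond the two forms shown above), not hostnames.

```python
import ipaddress
from itertools import product

def expand_octet(spec):
    """Expand one octet of an Nmap-style target: '*', 'N', 'N-M' or a comma list of those."""
    if spec == "*":
        return list(range(256))
    values = set()
    for part in spec.split(","):
        lo, sep, hi = part.partition("-")
        lo_n = int(lo)                      # raises ValueError on non-numeric input
        hi_n = int(hi) if sep else lo_n
        if not (0 <= lo_n <= hi_n <= 255):
            raise ValueError(f"bad octet range: {part!r}")
        values.update(range(lo_n, hi_n + 1))
    return sorted(values)

def expand_target(target):
    """Return every IPv4 address that an octet-range target such as 192.168.0.* covers."""
    octets = target.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {target!r}")
    combos = product(*(expand_octet(o) for o in octets))
    return [ipaddress.IPv4Address(".".join(map(str, c))) for c in combos]

def out_of_scope(target, allowed_cidrs):
    """List addresses the target would touch that fall outside the authorized networks."""
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    return [ip for ip in expand_target(target) if not any(ip in n for n in nets)]

if __name__ == "__main__":
    scope = ["192.168.0.96/28"]  # constructed example of an authorized range
    for t in ("192.168.0.101-105", "192.168.0.*"):
        extra = out_of_scope(t, scope)
        print(f"{t}: {len(expand_target(t))} hosts, {len(extra)} outside scope")
```
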
To scan OS information
>_ nmap -A <host>
To enable OS detection with NMAP
>_ nmap -O <host>
To scan a host to detect firewall
>_ nmap -sA <host>
To scan a host to see if it's protected by any packet filtering software or firewalls
>_ nmap -PN <host>
Find live hosts in a network
>_ nmap -sP 192.168.0.*
To scan for a specific port
>_ nmap -p 80 <host>
To scan for multiple ports
>_ nmap -p 80,443 <host>
To perform a TCP null scan to fool a WiFi
>_ nmap -sN <host>
That's it for now :)
By Rishabh Sinha
These slides explain the basics and how-to of the NMAP Security Scanner tool.