Nmap (“Network Mapper”) is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.
For Windows you need to be download, but for Linux it,s pre-installed. i am using nmap on Linux. you can easily find out the your ip-address with ipconfig command on the windows command prompt or ifconfig command on the Linux terminal. By defauly nmap is scanning 1000 ports by default.
1. Find out all Open ports in a network
|[email protected]:~# nmap 192.168.1.0/24 or [email protected]:~# nmap 192.168.1.0-255|
This command will show you all the opened ports on the given network , Mac-address of all the connected devices.
2. Find out Live Host :-
|[email protected]:~# nmap -sP 192.168.1.* or [email protected]:~# nmap -sP 192.168.1.0-255|
This command will perform only ping scan to find out the live host in network including mac-address of devices. This command is not performing TCP or UDP scan.
3. Scan Top Ports
By default nmap is scanning 1000 ports. but you have option to scan top ports only. where 20 is defining top 20 ports.
|[email protected]:~# nmap –top-ports 20 192.168.1.10 or [email protected]:~# nmap –top-ports 20 192.168.1.0/24|
4. Find out Particular open Port
|[email protected]:~# nmap –sT –p80 192.168.1.1-50|
This command will help you to find out particular port only. In this syntex -sT is representing SYN request and -p is representing the protcol. 80 is port number of http.
5. Hide your Source IP-address during scan :-
|[email protected]:~# nmap –sS 192.168.1.1-5 –D 192.168.1.98,192.168.1.99|
Most of the time scan is easily going detected. so in this condition use -D syntex this will hide your real source IP-address and it will show you other IP-address defined after -D syntax.
6. Scan Top 100 Ports and Exclude some IP-address
|[email protected]:~# nmap -F 192.168.1.0/24 – -exclude 192.168.1.98,192.168.1.99|
-F syntax will scan 100 ports with — exclude syntax you can easily exclude some IP-address.
7. Exclude ICMP in your Scan
|[email protected]:~# nmap –Pn 192.168.1.100|
By default, nmap is doing first icmp scan but with the -Pn syntex you can exclude the icmp request during scan.
8. Find out Interface Info :-
|[email protected]:~# nmap – -iflist|
With this command you can find out the all interface information including IP-address and gateway address.
|[email protected]:~# nmap -T5 192.168.1.0/24|
10. Display the reason a port is in Particular state
|[email protected]:~# nmap –reason 192.168.1.1|
Nmap Scripting Engine :-
The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful and flexible features. It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap.
11. Default Scrpting Engine
|[email protected]:~# nmap – -script=default 192.168.1.100 or [email protected]:~#nmap -sC 192.168.1.100|
this will give you more detailed information about particular IP-address like OS , netbios information , computer name and smb information.
12. Get the Scripting Help :-
|[email protected]:~# nmap – -script-help discovery|
you can easily get the nmap scripting help with nmap – -script-help and put the group name.
13. Run Safe or Default Script
|[email protected]:~# nmap – -script “safe or default” 192.168.1.100|
14. Find out Discovery and version Information
|[email protected]:~# nmap – -script “discovery and version” 192.168.1.100|
|[email protected]:~# nmap –O <IP range>|
This command will do the Fingerprinting along with Port-scanning.
16. UDP Scanning with Nmap
|[email protected]:~# nmap –sU <IP range>|
Also Check :-
Hope you like my post. Nmap – Free Security Scanner For Network Exploration and Hacking. Please Share with others.