Nmap (Network Mapper): A Comprehensive Guide with Examples

Nmap, short for "Network Mapper," is a powerful open-source tool used for network discovery and security auditing. It is widely recognized for its versatility and effectiveness in scanning networks, identifying open ports, detecting services running on target systems, and more.

by Vikash Kumawat
0 comment 71 views

Nmap, short for “Network Mapper,” is a widely-used open-source tool for network scanning and security auditing. It is a versatile and powerful utility that helps users discover devices running on a network, identify open ports and services, and gather valuable information about target systems. Let’s explore Nmap with practical examples to better understand its capabilities.

Basic Nmap Usage:

1. Scanning a Single Host:

  • To scan a single host, simply provide the target’s hostname or IP address as an argument to the nmap command.
  • Example:

nmap target.com

This command scans the target host target.com and provides a summary of open ports and services.

2. Scanning a Range of IP Addresses:

  • You can scan a range of IP addresses by specifying the range in the target.
  • Example:

nmap 192.168.1.1-100

This command scans IP addresses from 192.168.1.1 to 192.168.1.100 inclusively.

3. Scanning an Entire Subnet:

  • To scan an entire subnet, use the CIDR notation for the target.
  • Example:

nmap 192.168.1.0/24

This command scans all IP addresses in the 192.168.1.0 subnet.

Port Scanning Techniques:

1. TCP Connect Scanning:

  • Use the -sT option for TCP connect scanning, which is the default scan technique.
  • Example:

nmap -sT target.com

This command performs a TCP connect scan on target.com.

2. UDP Scanning:

  • To scan UDP ports, use the -sU option.
  • Example:

nmap -sU target.com

This command performs a UDP scan on target.com.

3. Syn Scan (Half-Open Scanning):

  • Use the -sS option for SYN scan (half-open scanning).
  • Example:

nmap -sS target.com

This command conducts a SYN scan on target.com.

Service and Version Detection:

1. Default Service Detection:

  • By default, Nmap tries to identify the services running on open ports.
  • Example:

nmap -sV target.com

This command scans target.com and attempts to determine the service and its version on open ports.

2. Aggressive Service Detection:

  • The -A option enables aggressive service detection, providing even more details.
  • Example:

nmap -A target.com

This command performs aggressive service detection on target.com.

Operating System Detection:

1. OS Fingerprinting:

  • You can use the -O option to perform operating system fingerprinting.
  • Example:

nmap -O target.com

This command tries to identify the operating system of target.com.

These examples showcase some of Nmap’s basic functionalities. Nmap’s extensive options and scripting capabilities make it a valuable tool for network reconnaissance, security assessment, and vulnerability detection. Be aware that Nmap should be used responsibly and ethically, and it’s crucial to obtain proper authorization before scanning networks that you do not own or administer.

You may also like

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
-
00:00
00:00
Update Required Flash plugin
-
00:00
00:00