-
Notifications
You must be signed in to change notification settings - Fork 0
Guide to Nmap
Nmap, short for "Network Mapper", is an open-source tool used for network discovery and security auditing. It can be used to discover devices running on a network and find open ports along with various attributes of the network.
Nmap can be installed on various operating systems:
- Linux: sudo apt-get install nmap
- Windows: Download from Nmap's official site
- MacOS: brew install nmap
- Ping Scan:
nmap -sn <target>This command will only ping the target to check if it's alive.
- Port Scanning:
nmap <target>This will scan the 1,000 most common ports.
- Version Detection:
nmap -sV <target>This will detect the service versions.
- Stealth Scan:
nmap -sS <target>This is a stealthier scan as it doesn't complete the TCP handshake.
- UDP Scan:
nmap -sU <target>Scans for open UDP ports.
- OS Detection:
nmap -O <target>Tries to determine the operating system of the target.
Nmap comes with a powerful scripting engine called NSE (Nmap Scripting Engine). Scripts can be used to automate a wide variety of networking tasks:
nmap --script=<script-name> <target>For example, to check for vulnerabilities:
nmap --script=vuln <target>
Nmap supports various output formats:
- Standard: Displayed on the console.
- XML: -oX <filename.xml>
- Grepable: -oG <filename.gnmap>
- All formats: -oA
- Fast Scan: Add the -T4 flag to speed up the scan.
- Avoiding Firewalls: Use the -Pn flag to skip the ping step, which can help avoid firewalls.
- Verbose Mode: Use the -v flag for verbose output.
Nmap is a versatile tool that should be in every network administrator's and penetration tester's toolkit. With its wide range of functionalities, it can assist in network discovery, vulnerability detection, and much more. Always ensure to use Nmap ethically and only on networks where you have permission.