DEV Community

Mohana Vamsi

Nmap

Nmap is a powerful, open-source tool that helps system administrators and auditors discover networks and assess their security. It can identify the connected devices, open ports, and running services within a network, giving a clear picture of that network's exposure.

Basic Scanning:
To begin, a simple scan targets the most common 1,000 TCP ports on a specific host with the command:

 nmap <target_ip_or_domain> 

Port and Range Scanning:
You can scan specific ports using the -p flag:

 nmap -p 22,80,443 <target_ip_or_domain> 

For a range, the command is:

 nmap -p 1-1000 <target_ip_or_domain> 

Verbose Output and OS Detection:
For more details, use verbose mode:

 nmap -v <target_ip_or_domain> 

OS detection requires root privileges:

 sudo nmap -O <target_ip_or_domain> 

Service and Aggressive Scans:
Detect service versions with:

 nmap -sV <target_ip_or_domain> 

The -A option performs a comprehensive scan, including OS detection, version detection, script scanning and traceroute:

 sudo nmap -A <target_ip_or_domain> 

Additional Features:
Timing templates (-T0 through -T5) change the scan speed, and you can scan multiple targets or whole subnets in one run. Use --exclude to keep specific hosts out of a scan. Results can be saved in normal or XML format, and a ping scan identifies live hosts without performing a port scan.

Firewall Evasion and UDP Scanning:
When a firewall blocks Nmap's host discovery probes, use -Pn to skip host discovery and scan the target anyway. If UDP ports need to be scanned, use -sU, but this is much slower than other scan types.

As we said, Nmap is a marvelous tool, but it should never be run on networks that are not ours without the owner's permission. Illegal use of the tool is prohibited, and so is unethical use.
