Introduction:
In today’s interconnected world, understanding the layout and security of your network is paramount. This is where Nmap shines — a powerful network scanning tool that provides valuable insights into your network’s topology, services, and potential vulnerabilities. Whether you’re a system administrator, network engineer, or security enthusiast, mastering Nmap is essential for safeguarding your digital assets. In this blog post, we’ll delve into the fundamentals of Nmap and explore its capabilities.
Nmap, short for “Network Mapper,” is an open-source tool used for network exploration and security auditing. Developed by Gordon Lyon (also known as Fyodor), Nmap is renowned for its versatility and effectiveness in scanning networks of all sizes.
Run Nmap as root (the # prompt in the commands below) whenever you want raw-packet scans such as the default SYN scan, OS detection or ARP host discovery; without privileges Nmap silently falls back to a TCP connect scan. Using the -v switch increases the verbosity level.
# nmap -v Target_Ip_Addresses
You can scan a domain name; Nmap resolves it and scans the address it gets back.
# nmap -v Target_Domain.com
With this command, you scan a single target IP address.
# nmap -v Target_Ip_Addresses
With CIDR notation, you scan an entire network (192.168.1.0/24 covers all 256 addresses, including the network and broadcast addresses).
# nmap -v Target_Ip_Addresses/Network
With this command, you scan selected addresses: a comma-separated list inside an octet.
# nmap -v 192.168.1.1,3,5
With this command, you scan a range of addresses.
# nmap -v 192.168.1.1-254
Lists and ranges may appear in any octet, so this command scans 192.168.1.1-100 and 192.168.2.1-100.
# nmap -v 192.168.1,2.1-100
You can use the -iL option to scan a list of targets stored in a file (hosts or networks in any of the formats above, separated by spaces or newlines). This lets you scan specific hosts without typing each IP address by hand.
# nmap -v -iL <file.txt>
With -iR, Nmap picks random Internet hosts as targets; this command scans 20 of them. Use it only where you are authorized to scan arbitrary hosts.
# nmap -v -iR 20
With --exclude, you leave out hosts or networks, for example production systems that must not be touched.
# nmap -v 192.168.1.1/24 --exclude 192.168.1.25-50
With --excludefile, the exclusions are read from a file in the same format as an -iL list.
# nmap -v 192.168.1.1/24 --excludefile <exclude-file.txt>
Nmap can identify live hosts on a network using techniques such as ICMP echo requests, TCP SYN and ACK probes, and ARP requests on the local Ethernet segment.
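The target syntax above (CIDR, comma lists and dash ranges in any octet, -iL files and --exclude) is easier to trust once you have seen what it expands to. The following is an added example, not code from the original post or from the Nmap project: a small IPv4 expander that lists targets the way nmap -sL would, and applies --exclude semantics by set difference. The sample -iL contents in the block are constructed for the demonstration; the handling of open-ended octet ranges ('-254', '250-') as 0..n and n..255 is this example's reading of Nmap's syntax.

```python
import ipaddress
from itertools import product

# Added example, not code from the original post or the Nmap project.
# Expands Nmap's IPv4 target syntax: CIDR blocks, and comma lists or
# dash ranges in any octet, plus -iL input lists and --exclude lists.


def _expand_octet(spec):
    """Expand one octet such as '1', '1,3,5', '1-254' or '*' into a sorted list of ints."""
    values = set()
    for part in spec.split(","):
        if part == "*":                      # '*' is shorthand for 0-255
            values.update(range(256))
        elif "-" in part:
            lo, hi = part.split("-", 1)      # open-ended ranges default to 0 and 255 here
            values.update(range(int(lo) if lo else 0, (int(hi) if hi else 255) + 1))
        else:
            values.add(int(part))
    if not values or min(values) < 0 or max(values) > 255:
        raise ValueError(f"bad octet specification: {spec!r}")
    return sorted(values)


def expand_target(spec):
    """Expand a single Nmap target specification into a list of dotted-quad strings."""
    if "/" in spec:
        # CIDR: every address in the block is a target, including the network
        # and broadcast addresses, so 192.168.1.0/24 yields 256 entries.
        return [str(a) for a in ipaddress.ip_network(spec, strict=False)]
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {spec!r}")
    # Cross product of the per-octet lists, first octet varying slowest.
    return [".".join(map(str, quad)) for quad in product(*map(_expand_octet, octets))]


def read_input_list(text):
    """Split the contents of an -iL / --excludefile file into target specifications."""
    return text.split()


def build_scan_list(targets, excludes=()):
    """Expand target specs and drop every address covered by the --exclude specs."""
    excluded = set()
    for spec in excludes:
        excluded.update(expand_target(spec))
    return [addr for spec in targets for addr in expand_target(spec) if addr not in excluded]


if __name__ == "__main__":
    # Constructed -iL file contents for the demonstration.
    sample = "192.168.1.1,3,5\n10.0.0.0/30\n192.168.1,2.1-100\n"
    hosts = build_scan_list(read_input_list(sample), excludes=["192.168.2.1-50"])
    print(len(hosts), "targets; first:", hosts[0], "last:", hosts[-1])
```

Running the block prints 157 targets: 3 + 4 + 200 expanded addresses minus the 50 excluded ones. Running nmap -sL with the same file and --exclude argument is the cheapest way to check a target specification before sending a single probe.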
With this command, you simply list the targets that would be scanned; no probes are sent, only reverse-DNS lookups, which makes it a safe way to check a target specification.
# nmap -v -sL <Target_Ip/Subnet>
With this command, you perform a ping scan (host discovery only) and disable port scanning.
# nmap -v -sn <Target_Ip/Subnet>
With -Pn, you treat all hosts as online and skip host discovery entirely; use it when ICMP is blocked and live hosts would otherwise be reported as down.
# nmap -v -Pn <Target_Ip/Subnet>
With -PS, TCP SYN packets are sent to the given port (80 if none is given) for host discovery; either a SYN/ACK or a RST reply shows the host is up.
# nmap -v -PS <Target_Ip/Subnet>
# nmap -v -PS80 <Target_Ip/Subnet>
With -PA, TCP ACK packets are sent; a RST reply shows the host is up, and ACK probes often pass stateless firewalls that drop unsolicited SYN packets.
# nmap -v -sn -PA <Target_Ip>
With -PY, SCTP INIT packets are sent to the port being probed.
# nmap -v -sn -PY <Target_Ip/Subnet>
With -PU, UDP packets are sent; an ICMP port-unreachable reply shows the host is up.
# nmap -v -sn -PU <Target_Ip/Subnet>
You can use the -PE switch to send ICMP echo requests to the target IP addresses.
# nmap -v -sn -PE <Target_Ip/Subnet>
You can use the -PM switch to send ICMP address mask requests.
# nmap -v -sn -PM <Target_Ip/Subnet>
You can use the -PP switch to send ICMP timestamp requests.
# nmap -v -sn -PP <Target_Ip/Subnet>
You can use the -PO switch to send IP protocol pings, raw IP packets carrying the given protocol numbers.
# nmap -v -sn -PO <Target_Ip/Subnet>
Using the -n switch, you disable reverse-DNS resolution; this speeds up large scans and avoids a burst of lookups that your DNS server may log.
# nmap -v -sn -n <Target_Ip/Subnet>
You can use the -R switch to force reverse-DNS resolution for every target, even hosts that appear to be down.
# nmap -v -sn -R <Target_Ip/Subnet>
You can specify custom DNS servers with the --dns-servers switch followed by their IP addresses.
# nmap -v -sn <Target_ip/subnet> --dns-servers 64.6.64.6
You can use the --system-dns switch to make Nmap use the system resolver, one lookup at a time, instead of its own parallel resolver.
# nmap -v -sn --system-dns <Target_ip/subnet>
We use the --traceroute switch during internal network penetration testing to learn how many hops lie between our machine and the target.
# nmap -v --traceroute <Target_ip>
Nmap can detect open ports on target systems, letting administrators see which services are exposed and therefore which ones an attacker could reach.
Using the -p switch lets you specify which ports to scan. If no ports are specified, Nmap scans the 1000 most common ports for each scanned protocol (taken from the nmap-services file), so the plain command below covers the top 1000 ports; -p itself always needs an argument.
# nmap -v <Target_Ip/Subnet>
Using the -p- switch scans all 65535 ports (1 through 65535; port 0 must be requested explicitly).
# nmap -v -p- <Target_Ip>
With this command, you scan a single port.
# nmap -v -p 80 <Target_Ip/Subnet>
With this command, you scan multiple ports.
# nmap -v -p 80,25,22 <Target_Ip>
With this command, you scan a range of ports.
# nmap -v -p 100-200 <Target_Ip>
Ranges and individual ports can be mixed in one specification.
# nmap -v -p 100-200,22,80,25 <Target_Ip>
Using the -F switch performs a fast scan of the 100 most common ports instead of 1000.
# nmap -v -F <Target_Ip/Subnet>
Using the -r switch scans ports sequentially instead of in random order (random order is the default, which makes the scan slightly harder to spot).
# nmap -v -r -p- <Target_Ip/Subnet>
Using the --top-ports switch scans the given number of most common ports.
# nmap -v --top-ports 10 <Target_Ip/Subnet>
With the -sT switch, you perform a TCP connect scan. It completes the three-way handshake, so it works without root but is more likely to be logged by the target application; as root, the default is the half-open SYN scan (-sS).
# nmap -v -sT -p 0-65535 <Target_Ip>
# nmap -v -sT -p 23 <Target_Ip>
With the -sU switch, you perform a UDP port scan. UDP scanning is slow, and many ports come back as open|filtered because closed ports answer with ICMP port unreachable while open ones often stay silent.
# nmap -v -sU -p 23 <Target_Ip>
# nmap -v -sU -p 53,67,68,69 <Target_Ip>
With this command, you scan both TCP and UDP ports; a T: or U: prefix applies to every entry after it until the next prefix.
# nmap -v -sT -sU -p U:53,67,68,69,T:22,25 <Target_Ip>
If you do not know the port number, you can give a service name instead; Nmap looks it up in nmap-services.
# nmap -v -p http <Target_Ip>
You can also use a wildcard with the service name; http* matches http, https, http-proxy and every other name that starts with http.
# nmap -v -p http* <Target_Ip>
Using the --exclude-ports switch removes the specified ports from the scan.
# nmap -v -p 400-446 --exclude-ports 445 <Target_Ip>
You can also give a range of ports to exclude.
# nmap -v -p 400-446 --exclude-ports 440-445 <Target_Ip>
And you can exclude ports by service-name wildcard.
# nmap -v -p- --exclude-ports ftp* <Target_Ip>
Nmap reports each scanned port in one of these states:
1] Open: an application is accepting TCP connections, UDP datagrams or SCTP associations on the port.
2] Closed: the port is reachable (the host answers the probe) but no application is listening on it.
3] Filtered: a firewall, filter or other network obstacle is blocking the probes, so Nmap cannot determine whether the port is open or closed.
Nmap also reports unfiltered (reachable, but open or closed cannot be determined; seen in ACK scans), and the combined states open|filtered and closed|filtered when a single probe cannot tell the two apart, as is common in UDP scans.
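The -p and --exclude-ports syntax above (protocol prefixes that stick until the next prefix, -p- versus 0-65535, ranges, names and wildcards) is exactly the kind of thing a wrapper script gets subtly wrong. The block below is an added example, not code from the original post or from the Nmap project: a parser that turns such a specification into a set of (protocol, port) pairs and applies an exclusion. The SERVICES table is a constructed, abridged stand-in for nmap-services; a real tool would read that file from the Nmap installation.

```python
import fnmatch

# Added example, not code from the original post or the Nmap project.
# Constructed, abridged stand-in for Nmap's nmap-services table: (proto, port) -> name.
SERVICES = {
    ("tcp", 20): "ftp-data", ("tcp", 21): "ftp", ("tcp", 22): "ssh", ("tcp", 23): "telnet",
    ("tcp", 25): "smtp", ("tcp", 80): "http", ("tcp", 443): "https",
    ("tcp", 445): "microsoft-ds", ("tcp", 989): "ftps-data", ("tcp", 990): "ftps",
    ("tcp", 8000): "http-alt", ("tcp", 8080): "http-proxy",
    ("udp", 53): "domain", ("udp", 67): "dhcps", ("udp", 68): "dhcpc",
    ("udp", 69): "tftp", ("udp", 80): "http",
}
PREFIXES = {"T": "tcp", "U": "udp", "S": "sctp"}


def _expand_item(item, protos, services):
    """Expand one comma-separated entry of a -p spec into a set of (proto, port)."""
    if not item:
        raise ValueError("empty port entry")
    if item == "-":
        item = "1-65535"                  # -p- means every port except 0
    result = set()
    if item[0].isdigit() or (item[0] == "-" and item[1:2].isdigit()):
        lo, dash, hi = item.partition("-")
        low = int(lo) if lo else 1        # '-25' means 1-25
        high = int(hi) if hi else (65535 if dash else low)   # '65000-' means 65000-65535
        if not 0 <= low <= high <= 65535:
            raise ValueError(f"bad port range: {item!r}")
        for proto in protos:
            result.update((proto, port) for port in range(low, high + 1))
    else:
        # Service name, possibly with * or ? wildcards, resolved per protocol.
        result = {(proto, port) for (proto, port), name in services.items()
                  if proto in protos and fnmatch.fnmatchcase(name, item)}
        if not result:
            raise ValueError(f"no service matches {item!r}")
    return result


def parse_port_spec(spec, scan_protos=("tcp",), services=SERVICES):
    """Parse a -p / --exclude-ports specification into a set of (proto, port).

    scan_protos lists the protocols the scan covers, e.g. ("tcp", "udp") for
    -sT -sU; entries without a T:/U:/S: prefix apply to all of them, and a
    prefix stays in force for the entries that follow it.
    """
    ports = set()
    current = None
    for raw in spec.split(","):
        item = raw.strip()
        if len(item) > 2 and item[1] == ":" and item[0].upper() in PREFIXES:
            current = PREFIXES[item[0].upper()]
            item = item[2:]
        protos = (current,) if current else tuple(scan_protos)
        ports |= _expand_item(item, protos, services)
    return ports


def exclude_ports(ports, spec, services=SERVICES):
    """Apply --exclude-ports: remove matching ports for every protocol in the scan."""
    protos = tuple(sorted({proto for proto, _ in ports}))
    return ports - parse_port_spec(spec, scan_protos=protos, services=services)


if __name__ == "__main__":
    both = parse_port_spec("U:53,67,68,69,T:22,25", scan_protos=("tcp", "udp"))
    print(sorted(both))
    full = exclude_ports(parse_port_spec("-"), "ftp*")
    print(len(full), "tcp ports left after excluding ftp*")
```

Note that an unprefixed service name is resolved for every scanned protocol, so with -sT -sU a plain http also brings in udp/80 from the table, which is the behaviour you want to be aware of before trusting a port count.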
With the -oX switch, you write the scan results in XML format, the right choice when another tool will consume them.
# nmap -v -p 80,8080,445 <Target_Ip> -oX file.xml
Using the -oN switch writes normal output, the same text you see on the terminal.
# nmap -v -p 80,8080,445 <Target_Ip> -oN file.nmap
With the -oG switch, you write grepable output, one line per host, which is convenient for grep, awk and cut.
# nmap -v -p 80,8080,445 <Target_Ip> -oG file.grepable
Using the -oS switch writes "script kiddie" output, a joke format that mangles the normal output; nothing should parse it.
# nmap -v -p 80,8080,445 <Target_Ip> -oS file.sci
Using the -oA switch writes the three major formats at once, as <file_name>.nmap, <file_name>.xml and <file_name>.gnmap.
# nmap -v -p 80,8080,445 <Target_Ip> -oA <file_name>
Using the -v switch increases the verbosity level (use -vv or more for greater effect).
# nmap -v -p 80,8080 <Target_Ip>
# nmap -vvv -p 80,22,25 <Target_Ip>
Using the -d switch increases the debugging level (use -dd or more for greater effect).
# nmap -d -p- <Target_Ip>
# nmap -dd -p 80,8080,445 <Target_Ip>
Using the --webxml switch makes the XML output reference the stylesheet on Nmap.Org rather than a local copy, so it renders in a browser on machines that do not have Nmap installed.
# nmap -v <target> --webxml -oX output.xml
Using the --resume switch continues an aborted scan from where it stopped. It needs the normal (-oN) or grepable (-oG) output file of the interrupted scan; XML output cannot be resumed.
# nmap --resume <output_file.txt>
With the --stylesheet <path/URL> switch, the XML output references the XSL stylesheet at the given path or URL, which transforms it to HTML when opened in a browser.
# nmap -v -sV -A -sC <Target_Ip> --stylesheet <path/URL> -oX file.xml
With the --reason switch, Nmap shows why each port is in its state (for example syn-ack for open, reset for closed, no-response for filtered) and why a host was judged up.
# nmap -v -p 80,8080,445 <Target_Ip> --reason
With the --open switch, Nmap shows only open (or possibly open) ports.
# nmap -v -p 80,8080,445 <Target_Ip> --open
With the --packet-trace switch, Nmap shows every packet it sends and receives, the quickest way to see what a scan actually puts on the wire.
# nmap -v -p 80,8080,445 <Target_Ip> --packet-trace
Using the --iflist switch prints the host's interfaces and routes (for debugging) and then exits without scanning, so no target is needed.
# nmap --iflist
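The XML written by -oX is what you should build on when the port states and --reason values above have to be tracked over time rather than read once. The block below is an added example, not code from the original post or from the Nmap project: it parses the host, port, state and reason elements of -oX output into plain dicts, lists what --open would show, and diffs two scans so a newly exposed port stands out. The embedded XML is a constructed, abridged sample of -oX output, not a real scan; the second sample is derived from it by editing one port's state.

```python
import xml.etree.ElementTree as ET

# Added example, not code from the original post or the Nmap project.
# Parses nmap -oX output and diffs two scans for newly open ports.

# Constructed, abridged sample of nmap -oX output for two hosts (not real scan data).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -v -p 80,8080,445 --reason -oX file.xml 192.168.1.10 192.168.1.11" version="7.94">
<host><status state="up" reason="echo-reply"/>
<address addr="192.168.1.10" addrtype="ipv4"/>
<hostnames><hostname name="web.lab.example" type="PTR"/></hostnames>
<ports>
<port protocol="tcp" portid="80"><state state="open" reason="syn-ack" reason_ttl="64"/><service name="http" method="table" conf="3"/></port>
<port protocol="tcp" portid="445"><state state="closed" reason="reset" reason_ttl="64"/><service name="microsoft-ds" method="table" conf="3"/></port>
<port protocol="tcp" portid="8080"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="http-proxy" method="table" conf="3"/></port>
</ports>
</host>
<host><status state="down" reason="no-response"/>
<address addr="192.168.1.11" addrtype="ipv4"/>
</host>
<runstats><hosts up="1" down="1" total="2"/></runstats>
</nmaprun>
"""

# The same scan later, after 8080 started answering: constructed by editing the sample.
SAMPLE_XML_LATER = SAMPLE_XML.replace(
    'state="filtered" reason="no-response" reason_ttl="0"',
    'state="open" reason="syn-ack" reason_ttl="64"')

OPENISH = ("open", "open|filtered")   # the states --open would show


def parse_nmap_xml(xml_text):
    """Return a list of host dicts (addr, hostname, status, reason, ports) from -oX output."""
    # Fine for scan output you produced yourself; use defusedxml for XML from untrusted sources.
    root = ET.fromstring(xml_text)
    hosts = []
    for h in root.iter("host"):
        status = h.find("status")
        addr = next((a.get("addr") for a in h.findall("address")
                     if a.get("addrtype") in ("ipv4", "ipv6")), None)
        name = h.find("hostnames/hostname")
        ports = []
        for p in h.findall("ports/port"):
            st = p.find("state")
            svc = p.find("service")
            ports.append({
                "proto": p.get("protocol"),
                "port": int(p.get("portid")),
                "state": st.get("state"),
                "reason": st.get("reason"),          # the value --reason prints
                "service": svc.get("name") if svc is not None else None,
            })
        hosts.append({
            "addr": addr,
            "hostname": name.get("name") if name is not None else None,
            "status": status.get("state") if status is not None else None,
            "reason": status.get("reason") if status is not None else None,
            "ports": ports,
        })
    return hosts


def open_ports(hosts):
    """(addr, proto, port, service) for every port --open would show, in document order."""
    return [(h["addr"], p["proto"], p["port"], p["service"])
            for h in hosts for p in h["ports"] if p["state"] in OPENISH]


def state_counts(hosts):
    """How many ports ended in each state across all hosts."""
    counts = {}
    for h in hosts:
        for p in h["ports"]:
            counts[p["state"]] = counts.get(p["state"], 0) + 1
    return counts


def newly_open(old_hosts, new_hosts):
    """Ports open in the new scan that were not open in the old one: the exposure diff."""
    before = set(open_ports(old_hosts))
    return [entry for entry in open_ports(new_hosts) if entry not in before]


if __name__ == "__main__":
    baseline = parse_nmap_xml(SAMPLE_XML)
    for addr, proto, port, svc in open_ports(baseline):
        print(f"{addr} {port}/{proto} open ({svc})")
    print("states:", state_counts(baseline))
    print("newly open since baseline:", newly_open(baseline, parse_nmap_xml(SAMPLE_XML_LATER)))
```

Keeping the XML of a known-good scan and running newly_open against each fresh one is a cheap exposure monitor: a port that moves from filtered to open, as 8080 does in the second sample, is exactly the change a firewall regression or a forgotten debug service produces.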