What is Nmap?
Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing, originally published by Gordon “Fyodor” Lyon. The official website is http://nmap.org. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
Beginner Commands
This page is for 3 year old girls or someone who is just starting with Nmap.
Basic Scanning Techniques
Here I will show the basic techniques for scanning a network or host. But before that, you should know some basics about the port states Nmap reports after a scan.
Port Status: After scanning, you may see some results with a port status like filtered, open, closed, etc. Let me explain this.
Open: This indicates that an application is listening for connections on this port.
Closed: This indicates that the probes were received but there is no application listening on this port.
Filtered: This indicates that the probes were not received and the state could not be established. It also indicates that the probes are being dropped by some kind of filtering.
Unfiltered: This indicates that the probes were received but a state could not be established.
Open/Filtered: This indicates that the port was filtered or open but Nmap couldn’t establish the state.
Closed/Filtered: This indicates that the port was filtered or closed but Nmap couldn’t establish the state.
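To see these states in practice, the added example below (not code from the original post) groups ports by state from Nmap's grepable output (`-oG`), where the combined states are printed with a `|`, as in `open|filtered`. The sample output is constructed for illustration, and the function names are assumptions of this example.

```python
from collections import defaultdict

# Constructed sample of grepable output (fields are tab-separated); not from a real scan.
SAMPLE_GREPABLE = (
    "# constructed sample\n"
    "Host: 192.168.2.10 ()\tStatus: Up\n"
    "Host: 192.168.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/closed/tcp//http///, "
    "443/filtered/tcp//https///\tIgnored State: closed (997)\n"
    "Host: 192.168.2.20 ()\tPorts: 53/open|filtered/udp//domain///, 161/closed/udp//snmp///\n"
)

# States in which Nmap could not settle on open or closed.
UNDETERMINED = {"filtered", "unfiltered", "open|filtered", "closed|filtered"}


def ports_by_state(grepable_text):
    """Return {host: {state: ["port/proto", ...]}} from -oG output."""
    result = defaultdict(lambda: defaultdict(list))
    for line in grepable_text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip "#" comment lines
        fields = line.split("\t")
        host = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue  # Status:, Ignored State:, and similar fields
            for entry in field[len("Ports: "):].split(", "):
                # Each entry is port/state/protocol/owner/service/rpcinfo/version/
                port, state, proto = entry.split("/")[:3]
                result[host][state].append(f"{port}/{proto}")
    return {host: dict(states) for host, states in result.items()}


def undetermined_ports(grepable_text):
    """List (host, port, state) where filtering kept Nmap from a clear answer."""
    return [
        (host, port, state)
        for host, states in ports_by_state(grepable_text).items()
        for state, ports in states.items()
        if state in UNDETERMINED
        for port in ports
    ]


if __name__ == "__main__":
    for host, states in ports_by_state(SAMPLE_GREPABLE).items():
        print(host, states)
    print(undetermined_ports(SAMPLE_GREPABLE))
```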
- Let’s say our target is http://dshaw.net/
Open command prompt and type
Scan Multiple Network/Targets
In Nmap you can even scan multiple targets for host discovery/information gathering.
Command: nmap host1 host2 host3 etc.
It will work for an entire subnet as well as for different IP addresses.
Scan a Range of IP Addresses
Command: nmap 192.168.2.1-100
Nmap can also be used to scan an entire subnet using CIDR (Classless Inter-Domain Routing) notation.
Usage syntax: nmap [Network/CIDR]
nmap 192.168.2.1/24
Scan a list of targets
If you have a large number of systems to scan, you can enter the IP addresses (or host names) in a text file and use that file as input for Nmap on the command line.
syntax: nmap -iL [list.txt]
Scan Random Targets
The -iR parameter can be used to select random Internet hosts to scan. Nmap will randomly generate the specified number of targets and attempt to scan them.
syntax: nmap -iR [number of hosts]
It is not a good habit to run a random scan unless it is part of a project you have been given.
The --exclude option is used with Nmap to exclude hosts from a scan.
syntax: nmap [targets] --exclude [host(s)]
ex: nmap 192.168.2.1/24 --exclude 192.168.2.10
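Before running any of the target forms above, it helps to know exactly which addresses they cover. The added example below (not code from the original post) expands octet ranges, CIDR blocks and --exclude into a concrete address list and checks it against the networks you are authorized to scan. It handles IPv4 literals only, not host names, and the function names and the authorized network are assumptions of this example.

```python
import ipaddress
from itertools import product


def expand_target(spec):
    """Expand one IPv4 target (address, CIDR block or octet ranges) to a set of addresses."""
    if "/" in spec:
        # strict=False accepts host bits: 192.168.2.1/24 means 192.168.2.0/24.
        # Every address in the block is a target, .0 and .255 included.
        return {str(ip) for ip in ipaddress.ip_network(spec, strict=False)}
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 target: {spec!r}")
    choices = []
    for octet in octets:
        values = set()
        for part in octet.split(","):  # e.g. "1-100" or "10,20"
            low, dash, high = part.partition("-")
            start, end = int(low), int(high) if dash else int(low)
            if not 0 <= start <= end <= 255:
                raise ValueError(f"bad octet range in {spec!r}")
            values.update(range(start, end + 1))
        choices.append(sorted(values))
    return {".".join(map(str, combo)) for combo in product(*choices)}


def scan_scope(targets, excludes=()):
    """Addresses left after applying --exclude, in numeric order."""
    included = set().union(*(expand_target(t) for t in targets))
    excluded = set().union(*(expand_target(e) for e in excludes))
    return sorted(included - excluded, key=ipaddress.ip_address)


def out_of_scope(addresses, authorized_cidrs):
    """Addresses that fall outside every authorized network."""
    nets = [ipaddress.ip_network(cidr) for cidr in authorized_cidrs]
    return [a for a in addresses
            if not any(ipaddress.ip_address(a) in net for net in nets)]


if __name__ == "__main__":
    scope = scan_scope(["192.168.2.1/24"], excludes=["192.168.2.10"])
    print(len(scope), "addresses; outside authorization:",
          out_of_scope(scope, ["192.168.2.0/24"]))
```

Nmap itself can print the same expansion without probing any host: `nmap -sL -n [targets]` lists the addresses it would scan.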
Aggressive Scan
The aggressive scan selects the most commonly used options within Nmap, giving a simple alternative to typing long option strings. It also covers traceroute, etc.
Command: nmap -A host
Discovery With Nmap
Discovery with Nmap is very interesting and very helpful for penetration testers. During discovery one can learn about services, port numbers, firewall presence, protocols, operating systems, etc. We will discuss them one by one. See the image below from SANS, which contains the different probing options and scan types. Go through it completely.
Service Version Detection
COMMAND | DESCRIPTION |
-sV | Probe open ports to determine service/version info |
--version-intensity "level" | Set from 0 (light) to 9 (try all probes) |
--version-light | Limit to most likely probes (intensity 2) |
--version-all | Try every single probe (intensity 9) |
--version-trace | Show detailed version scan activity (for debugging) |
Example:
Firewalls IDS Evasion and Spoofing
COMMAND | DESCRIPTION |
-f; --mtu VALUE | Fragment packets (optionally w/given MTU) |
-D decoy1,decoy2,ME | Cloak a scan with decoys |
-S IP-ADDRESS | Spoof source address |
-e IFACE | Use specified interface |
-g PORTNUM; --source-port PORTNUM | Use given port number |
--proxies url1,[url2],… | Relay connections through HTTP / SOCKS4 proxies |
--data-length NUM | Append random data to sent packets |
--ip-options OPTIONS | Send packets with specified IP options |
--ttl VALUE | Set IP time to live field |
--spoof-mac ADDR/PREFIX/VENDOR | Spoof Nmap MAC address |
--badsum | Send packets with a bogus TCP/UDP/SCTP checksum |
Now get up and get some coffee, because the next part will be intense (hopefully)...