
What is NMAP? How to use Nmap For scanning? The Best Tool for information Gathering – NMAP

In this post, I will describe NMAP, the open-source network scanning and vulnerability scanning tool. The full form of NMAP is Network Mapper. NMAP is a very popular tool because it is free, open-source and used worldwide to scan networks and to find vulnerabilities in systems. With this tool we can gather a lot of important information: operating system detection, host discovery, open ports, security risks, and much more.

Let’s discuss NMAP.

What is Nmap?

Nmap is a free and open-source network scanner created by Gordon Lyon. The full form of Nmap is Network Mapper. Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection. (According to Wikipedia.)

How To Use NMAP for scanning?

There are several ways in which you can use Nmap. It offers a wide range of free monitoring utilities and open-source vulnerability scanning features, which give IT and network managers power and flexibility. NMAP’s basic functionality is port scanning, but it includes a variety of related capabilities like:

i.  OS detection

ii. Network Mapping

iii. Security Auditing

iv. Service Discovery

Now let’s discuss some of the major commands which are helpful for network scanning, host scanning, OS detection, security auditing, etc.

Process of NMAP scanning, step by step:

1. How to install Nmap on RHEL and Debian based OS

[root@linuxkings ~]# yum install nmap                   [On RedHat based systems]
[root@linuxkings ~]# apt-get install nmap              [On Debian based systems]

2. How to scan using a hostname

[root@linuxkings ~]# nmap abc.server.com

3. How to scan using an IP address

[root@linuxkings ~]# nmap 192.168.0.101

4. Scan using the “-v” (verbose) option

[root@linuxkings ~]# nmap -v abc.server.com

5. How to scan multiple hosts on a network

[root@linuxkings ~]# nmap 192.168.0.101 192.168.0.102 192.168.0.103

6. How to scan a whole subnet of a network

[root@linuxkings ~]# nmap 192.168.0.*

7. Scan multiple servers using the last octet of the IP address

[root@linuxkings ~]# nmap 192.168.0.101,102,103

8. Scan a list of hosts from a file

[root@linuxkings ~]# cat > nmaptest.txt
localhost
server.com
192.168.0.101
[root@linuxkings ~]# nmap -iL nmaptest.txt

9. Scan an IP address range

[root@linuxkings ~]# nmap 192.168.0.101-110

10. Scan a network excluding remote hosts

[root@linuxkings ~]# nmap 192.168.0.* --exclude 192.168.0.100

11. Scan OS information and traceroute

[root@linuxkings ~]# nmap -A 192.168.0.101

12. Enable OS detection with Nmap

[root@linuxkings ~]# nmap -O abc.server.com

13. Scan a host to detect a firewall

[root@linuxkings ~]# nmap -sA 192.168.0.101

14. Scan a host to check whether it is protected by a firewall

[root@linuxkings ~]# nmap -PN 192.168.0.101

15. Find out live hosts in a network

[root@linuxkings ~]# nmap -sP 192.168.0.*

16. Perform a fast scan

[root@linuxkings ~]# nmap -F 192.168.0.101

17. Find the Nmap version

[root@linuxkings ~]# nmap -V

18. Scan ports consecutively

[root@linuxkings ~]# nmap -r 192.168.0.101

19. Print host interfaces and routes

[root@linuxkings ~]# nmap --iflist

20. Scan a specific port

[root@linuxkings ~]# nmap -p 80 abc.server.com

21. Scan a TCP port

[root@linuxkings ~]# nmap -p T:8888,80 abc.server.com

22. Scan a UDP port

[root@linuxkings ~]# nmap -sU -p 53 abc.server.com

23. Scan multiple ports

[root@linuxkings ~]# nmap -p 80,443 192.168.0.101

24. Scan ports by range

[root@linuxkings ~]# nmap -p 80-160 192.168.0.101

25. Find host service version numbers

[root@linuxkings ~]# nmap -sV 192.168.0.101

26. Scan remote hosts using TCP ACK (-PA) and TCP SYN (-PS) ping

[root@linuxkings ~]# nmap -PS 192.168.0.101

27. Scan a remote host for specific ports with TCP SYN ping

[root@linuxkings ~]# nmap -PS -p 22,80 192.168.0.101

28. Perform a stealthy scan (TCP SYN scan)

[root@linuxkings ~]# nmap -sS 192.168.0.101

29. Check most commonly used ports with a TCP connect scan

[root@linuxkings ~]# nmap -sT 192.168.0.101

30. Perform a TCP null scan to fool a firewall

[root@linuxkings ~]# nmap -sN 192.168.0.101
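The commands above print results for reading by eye. To turn a subnet service scan such as `nmap -sV -oG scan.gnmap 192.168.0.*` into an inventory of exposed services that can be compared against what should be open, the grepable (-oG) output can be parsed with awk. The script below is an added example, not code from the original post; the function names are my own, and the scan output it parses is a constructed sample in the layout of nmap's -oG mode, not a real capture.

```shell
#!/bin/sh
# Parse nmap grepable (-oG) output into one line per open port:
#   host port/proto service [version]
# Each -oG "Host:" line holds tab-separated fields; the "Ports:" field lists
# entries as port/state/proto/owner/service/rpcinfo/version/ separated by ", ".

write_sample_gnmap() {
  # $1: destination file. Constructed sample resembling `nmap -sV -oG` output
  # for two hosts (not a real capture).
  {
    printf '# Nmap 7.93 scan initiated (constructed sample)\n'
    printf 'Host: 192.168.0.101 ()\tStatus: Up\n'
    printf 'Host: 192.168.0.101 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//nginx 1.18.0/, 443/closed/tcp//https///\tIgnored State: filtered (997)\n'
    printf 'Host: 192.168.0.102 ()\tStatus: Up\n'
    printf 'Host: 192.168.0.102 ()\tPorts: 53/open/udp//domain//dnsmasq 2.86/\n'
    printf '# Nmap done at (constructed sample) -- 2 IP addresses (2 hosts up)\n'
  } > "$1"
}

open_ports() {
  # $1: file containing -oG output. Prints only ports whose state is "open";
  # closed and filtered entries are dropped, comment lines are ignored.
  awk -F'\t' '
    /^Host:/ {
      split($1, h, " "); host = h[2]              # "Host: <ip> (<name>)"
      for (i = 2; i <= NF; i++) {
        if (index($i, "Ports: ") != 1) continue
        n = split(substr($i, 8), entries, ", ")
        for (j = 1; j <= n; j++) {
          split(entries[j], f, "/")                # f[1]=port f[2]=state f[3]=proto f[5]=service f[7]=version
          if (f[2] != "open") continue
          svc = f[5]
          if (f[7] != "") svc = svc " " f[7]
          printf "%s %s/%s %s\n", host, f[1], f[3], svc
        }
      }
    }' "$1"
}

# Demo on the constructed sample: ./inventory.sh --demo
if [ "${1:-}" = "--demo" ]; then
  demo_file=$(mktemp)
  write_sample_gnmap "$demo_file"
  open_ports "$demo_file"
  rm -f "$demo_file"
fi
```

Run it on a real file as `open_ports scan.gnmap` after `nmap -sV -oG scan.gnmap 192.168.0.*`; the resulting list is what to diff against the expected service baseline.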

 

Friends, these are some basic commands for using NMAP. With the commands above, we can easily scan a whole network and find its vulnerabilities. So, friends, this is all about what NMAP is, how to use NMAP for scanning, and the steps of network scanning for finding vulnerabilities in a particular network. If you still have any queries or doubts about this post, do not hesitate to contact me. If you like our post, share it with your friends. And if you have any suggestions for me, please write to me in the comment box.
