Difference between revisions of "Nmap"

Nmap (Network Mapper) is a security scanner that can be used to discover hosts and services on a computer or computer network. Includes at least nmap and nping binaries.

Basic nmap commands

• Basic nmap host scan:
  • nmap -nP HOSTNAME_TO_SCAN
  • nmap -nP HOSTNAME_TO_SCAN -p 80,443
  • nmap HOSTNAME_TO_SCAN
• Basic nmap network scan: nmap -sn 192.168.0.* (-sn - ping scan so No/disable port scan)

-sn: Ping scan so disable port scan

• OS detection: nmap -O IP

Basic nping commands

nping is packet generation, response analysis and response time measurement available since 2011 and developed by nmap developers

• "TCP ping":
  • nping -c 1 --tcp -p 80,433 google.com^[1]
  • nping -c 3 --tcp -p 443 --flags syn google.com^[2]
• nping -H -tr 8.8.8.8 (-H Hide-sent do not display sent packets, -tr traceroute)

Activities

Basic

1. Use nping to execute a "tcp ping": Check TCP connectivity

Advanced

1. Read nmap Changelog: https://nmap.org/changelog.html

See also

• Wikibooks:Hacking/Tools/Network/Nmap
• Wikipedia:Nmap
• ping, nping, arping, fping, gping, hping, mtr, traceroute, tcptraceroute , tracepath, Test-Connection Powershell cmdlet, iperf, Ping (PAN-OS), BWPing, check_ping, ping -M, ios ping, ping -a
• ncat
• Wireshark
• Port knocking, fail2ban^[3] fwknop, DenyHosts
• MASSCAN
• whois, IP address, geoiplookup, ip2location