
What is Nmap?
At its core, Nmap is a network scanning tool that uses IP packets to identify all the devices connected to a network and to provide information on the services and operating systems they are running.
The program is most commonly used via a command-line interface (though GUI front-ends are also available) and is available for many different operating systems such as Linux, FreeBSD, and Gentoo. Its popularity has also been bolstered by an active and enthusiastic user support community.
What Does Nmap Do?
At a practical level, Nmap is used to provide detailed, real-time information on your networks, and on the devices connected to them.
The primary uses of Nmap can be broken into three core processes. First, the program gives you detailed information on every IP active on your networks, and each IP can then be scanned.
Secondly, Nmap provides information on your network as a whole.
It can be used to provide a list of live hosts and open ports, as well as identifying the OS of every connected device. This makes it a valuable tool in ongoing system monitoring, as well as a critical part of pentesting.
How To Use Nmap
Nmap is straightforward to use, and most of the tools it provides are familiar to system admins from other programs. The advantage of Nmap is that it brings a wide range of these tools into one program, rather than forcing you to switch between separate and discrete network monitoring tools.
How To Install Nmap
Linux users can either compile from source or use their chosen package manager. On apt-based systems, for instance, you can run `nmap --version` to check whether it is installed, and `sudo apt-get install nmap` to install it (the command and package name are lowercase).
Nmap Commands
1. Ping Scanning
As mentioned above, a ping scan returns a list of every active IP on your network. You can execute a ping scan using this command (`-sP` is the legacy spelling of the host-discovery option; current Nmap versions call it `-sn`, and flags are case-sensitive):
nmap -sP <target IP range>
2. Port Scanning
There are several ways to execute port scanning using Nmap. The most commonly used scan types are these:
-sS TCP SYN scan
-sT TCP connect scan
-sU UDP scan
-sY SCTP INIT scan
-sN TCP NULL scan
3. Host Scanning
Host scanning returns more detailed information on a particular host or a range of IP addresses. As mentioned above, you can perform a host scan using the following command:
nmap -sP <target IP range>
4. OS Scanning
OS scanning is one of the most powerful features of Nmap. When using this type of scan, Nmap sends TCP and UDP packets to a particular port and then analyzes the responses. It compares these responses to a database of 2600 operating systems and returns information on the OS (and version) of a host.
To run an OS scan, use the following command:
nmap -O <target IP>
5. Scan The Most Popular Ports
If you are running Nmap on a home server, this command is very useful. It automatically scans a number of the most ‘popular’ ports for a host. You can run this command using:
nmap --top-ports 20 192.168.1.106
6. Output to a File
If you want to save the results of your Nmap scans to a file, you can add an output option to your command. Add:
-oN output.txt
to write the results to a plain text file, or:
-oX output.xml
to write them as XML, which is the format to use when the results will be processed by another program.
7. Disable DNS Name Resolution
Finally, you can speed up your Nmap scans by using the -n option to disable reverse DNS resolution. This can be extremely useful if you want to scan a large network. For example, to turn off DNS resolution for the basic ping scan mentioned above, add -n:
nmap -sP -n 192.100.1.1/24
For more information: https://nmap.org/