What is Nmap? – Nmap tool (“Network Mapper”) is a free and open source utility for network discovery and security auditing.
Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap tool uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.
Nmap tool is a wonderful tool that every administrator network should know about. Despite its popularity, Nmap isn’t widely known outside of technically elite circles.
The packets that Nmap sends out return with IP addresses and a wealth of other data, allowing you to identify all sorts of network attributes, giving you a profile or map of the network and allowing you to create a hardware and software inventory.
Different protocols use different types of packet structures. Nmap employs transport layer protocols including TCP (Transmission Control Protocol), UDP (User Datagram Protocol), and SCTP (Stream Control Transmission Protocol), as well as supporting protocols like ICMP (Internet Control Message Protocol), used to send error messages.
The various protocols serve different purposes and system ports. For example, the low resource overhead of UDP is suited for real-time streaming video, where you sacrifice some lost packets in return for speed, while non-real time streaming videos in YouTube are buffered and use the slower, albeit more reliable TCP.
Also Read This :- Call of Duty Hacks
How To Use Nmap :
There is a wide range of free network monitoring utilities as well as free open-source vulnerability scanners available to network administrators and security auditors. What makes Nmap stand out as the tool IT and network managers need to know is its flexibility and power. While the basis of Nmap’s functionality is port scanning, it allows for a variety of related capabilities including:
- Network Mapping: Nmap can identify the devices on a network (also called host discovery), including servers, routers and switches, and how they’re physically connected.
- OS Detection: Nmap can detect the operating systems running on network devices (also called OS fingerprinting), providing the vendor name, the underlying operating system, the version of the software and even an estimate of devices’ uptime.
- Service Discovery: Nmap can not only identify hosts on the network, but whether they’re acting as mail, web or name servers, and the particular applications and versions of the related software they’re running.
- Security Auditing: Figuring out what versions of operating systems and applications are running on network hosts lets network managers determine their vulnerability to specific flaws. If a network admin receives an alert about a vulnerability in a particular version of an application, for example, she can scan her network to identify whether that software version is running on the network and take steps to patch or update the relevant hosts. Scripts can also automate tasks such as detecting specific vulnerabilities.
Scan a Single Target :- nmap [ target]
Scan Multiple Targets :- nmap [target1, target2, etc]
Scan a List of Targets :- nmap -iL [list.txt]
Scan a Range of Hosts :- nmap [range of ip addresses]
Scan an Entire Subnet :- nmap [ip address/cdir]
Scan Random Hosts :- nmap -iR [number]
Excluding Targets from a Scan :- nmap [targets] –exclude [targets]
Excluding Targets Using a List :- nmap [targets] –excludefile [list.txt]
Perform an Aggressive Scan :- nmap -A [target]
Scan an IPv6 Target :- nmap -6 [target]
Perform a Ping Only Scan :- nmap -sP [target]
Don’t Ping :- nmap -PN [target]
TCP SYN Ping :- nmap -PS [target]
TCP ACK Ping :- nmap -PA [target]
UDP Ping :- nmap -PU [target]
SCTP INIT Ping :- nmap -PY [target]
ICMP Echo Ping :- nmap -PE [target]
ICMP Timestamp Ping :- nmap -PP [target]
ICMP Address Mask Ping :- nmap -PM [target]
IP Protocol Ping :- nmap -PO [target]
ARP Ping ;- nmap -PR [target]
Traceroute :- nmap –traceroute [target]
Force Reverse DNS Resolution :- nmap -R [target]
Disable Reverse DNS Resolution :- nmap -n [target]
Alternative DNS Lookup :- nmap –system-dns [target]
Manually Specify DNS Server(s) :- nmap –dns-servers [servers] [target]
Create a Host List :- nmap -sL [targets]
TCP SYN Scan :- nmap -sS [target]
TCP Connect Scan :- nmap -sT [target]
UDP Scan :- nmap -sU [target]
TCP NULL Scan :- nmap -sN [target]
TCP FIN Scan :- nmap -sF [target]
Xmas Scan :- nmap -sX [target]
TCP ACK Scan :- nmap -sA [target]
Custom TCP Scan :- nmap –scanflags [flags] [target]
IP Protocol Scan :- nmap -sO [target]
Send Raw Ethernet Packets :- nmap –send-eth [target]
Send IP Packets :- nmap –send-ip [target]
Perform a Fast Scan :- nmap -F [target]
Scan Specific Ports :- nmap -p [ports] [target]
Scan Ports by Name :- nmap -p [port name] [target]
Scan Ports by Protocol :- nmap -sU -sT -p U:[port] T:[port] [target]
Operating System Detection :- nmap -O [target]
Attempt to Guess an Unknown :- nmap -o –osscan-guess [target]
Service Version Detection :- nmap -sV [target]
Troubleshooting Version Scans :- nmap -sV –version-trace [target]
Perform a RPC Scan :- nmap -sR [target]