NMAP Tutorial for beginners

Disclaimer: This Nmap tutorial is for educational purposes only.

Nmap is short for Network Mapper. As you can imagine, such a capability is attractive to the people who secure networks as well as to those who attack them. It is considered one of the best port-scanning tools, partly because it offers an easy command-line interface (CLI), because its documentation is readily available, and because of the way in which the tool has been developed and maintained.


Scan Options


When we use Nmap from the command line instead of the GUI, we select the scan method with one of the options listed below.

Scan Option   Name        Notes

-sS           TCP SYN     Stealth scan

-sT           TCP FULL    Full connect

-sF           FIN         No reply from open port

-sN           NULL        No flags are set

-sX           Xmas        URG, PUSH and FIN are set

-sP           Ping        Performs ping

-sU           UDP scan    Open ports give no reply, like the Null scan

-sA           ACK         Performs an ACK scan

-sI           Idle scan   Performs zombie scan


Below are some commands, each with an explanation:

  • Scan a single host or an IP address (IPv4)

Scan a single IP address: #nmap 192.168.1.2

Scan a host name: #nmap nmap.org

Scan a host name with more info: #nmap -v nmap.org

 

  • Scan multiple IP addresses or a subnet (IPv4)

#nmap 192.168.1.2,50

 

  • Turn on OS detection, version detection and script scanning (IPv4)

#nmap -v -A 192.168.1.2

 

  • Find out if host/network is protected by a firewall

#nmap -sA 192.168.1.2  or

#nmap -sA nmap.org

 

  • Scan a host that is protected by a firewall

#nmap -PN 192.168.1.1  or

#nmap -PN nmap.org

  • Scan a network and find out which servers and devices are up and running

#nmap -sP 192.168.1.2/24

 

  • Display the reason why a port is in a particular state

#nmap --reason 192.168.1.1  or

#nmap --reason nmap.org

 

  • Show all packets sent and received

#nmap --packet-trace 192.168.1.2

#nmap --packet-trace nmap.org

 

  • To detect the remote operating system

#nmap -O 192.168.1.2

 

  • Scan a host using TCP SYN ping (-PS) and TCP ACK ping (-PA)

#nmap -PS 192.168.1.2

 

  • Scan the host for UDP services (UDP scan)

#nmap -sU 192.168.1.2

 

  • To save the output in a text file

#nmap -oN out.txt 192.168.1.2
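The tutorial stops at saving the report with -oN and does not show what to do with it afterwards. The shell script below is an added example, not part of the original tutorial: it builds a scan command from the options above (falling back from the SYN scan to a full connect scan when the user lacks raw-socket privileges), then reads a constructed sample of Nmap's normal output (the -oN layout with the --reason column) to list open ports, filtered ports, and any open port that is missing from a host's expected service list. The sample report, the host and MAC values, and the function names are all assumptions.

```shell
#!/bin/sh
# Added example, not part of the original tutorial: review the file that
# "nmap -oN out.txt ..." writes. The scan output below is a CONSTRUCTED
# sample in Nmap's normal (-oN) layout with the --reason column; it is not
# real scan data, and the host, MAC and port list are assumptions.

SAMPLE="$(mktemp)"
trap 'rm -f "$SAMPLE"' EXIT
cat >"$SAMPLE" <<'EOF'
# Nmap 7.80 scan initiated Thu Mar 23 11:00:00 2017 as: nmap -sS --reason -oN out.txt 192.168.1.2
Nmap scan report for 192.168.1.2
Host is up, received arp-response (0.00050s latency).
Not shown: 997 closed ports
Reason: 997 resets
PORT    STATE    SERVICE REASON
22/tcp  open     ssh     syn-ack ttl 64
80/tcp  open     http    syn-ack ttl 64
443/tcp filtered https   no-response
MAC Address: 00:11:22:33:44:55 (Unknown)

# Nmap done at Thu Mar 23 11:00:05 2017 -- 1 IP address (1 host up) scanned in 5.12 seconds
EOF

# Build the scan command from the tutorial's options. -sS (SYN scan) needs
# raw-socket privileges, so an unprivileged user gets the -sT connect scan;
# --reason records why each port got its state and -oN saves the report.
build_scan_cmd() {   # $1 = target, $2 = output file
    if [ "$(id -u)" -eq 0 ]; then scan=-sS; else scan=-sT; fi
    printf 'nmap %s --reason -oN %s %s\n' "$scan" "$2" "$1"
}

# Port lines are the ones whose first field looks like "22/tcp" or "53/udp";
# everything else in the report (headers, "Not shown", MAC) is skipped.
open_ports() {       # $1 = -oN file; prints "port service" per open port
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1, $3 }' "$1"
}

count_open() {       # $1 = -oN file; prints the number of open ports
    open_ports "$1" | wc -l | tr -d ' '
}

# "filtered" means the probe drew no answer or an ICMP error: Nmap could not
# tell open from closed, which usually points at a firewall in the path.
filtered_ports() {   # $1 = -oN file; prints each filtered port
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "filtered" { print $1 }' "$1"
}

# The review question for a host you own: is anything listening that is not
# on the expected list? $2 is a space-separated list such as "22/tcp 443/tcp".
unexpected_open() {  # $1 = -oN file, $2 = expected ports
    open_ports "$1" | while read -r port svc; do
        case " $2 " in *" $port "*) ;; *) echo "$port $svc" ;; esac
    done
}

build_scan_cmd 192.168.1.2 out.txt
echo "open: $(count_open "$SAMPLE")"     # open: 2
open_ports "$SAMPLE"                     # 22/tcp ssh, then 80/tcp http
filtered_ports "$SAMPLE"                 # 443/tcp
unexpected_open "$SAMPLE" "22/tcp"       # 80/tcp http
```

Run it as-is to see the parsed sample; to review a real report of your own host, point the functions at the file written by -oN instead of "$SAMPLE". The awk filters key on the port column rather than on line position, so they still work when Nmap prints extra lines such as the "Not shown" and "Reason" summaries.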

 

Happy Footprinting…!

 

2 thoughts on “NMAP Tutorial for beginners”

  • March 23, 2017 at 11:34 am

    Very useful tutorial. Didn’t know half of the commands. Thanks.

    • March 23, 2017 at 12:42 pm

      Thanks… Stay tuned for more upcoming tutorials…

