nmap

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a “map” of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses.

The software provides a number of features for probing computer networks, including host discovery and service and operating system detection. These features are extensible by scripts that provide more advanced service detection, vulnerability detection, and other features. Nmap is also capable of adapting to network conditions including latency and congestion during a scan. Nmap is under development and refinement by its user community.

Network Mapper features:

  • Host discovery – Identifying hosts on a network. For example, listing the hosts that respond to TCP and/or ICMP requests or have a particular port open
  • Port scanning – Enumerating the open ports on target hosts
  • Version detection – Interrogating network services on remote devices to determine application name and version number
  • OS detection – Determining the operating system and hardware characteristics of network devices
  • Scriptable interaction with the target – using Nmap Scripting Engine (NSE) and Lua programming language

Note that the Nmap requires root privileges to run this type of scan. The scanning process can take about a minute, so be patient.

The syntax for Network Mapper is following:

nmap scanning_option target

Let’s say you want to scan your server and find out what operating system is working on it. To do this do the following:

nmap -O target_host

To set verbose scanning, you can run nmap with following key:

nmap -sV target_host

You can use nmap for scanning of networks and sub networks by setting hostname, IP address, range of IP address or just setting of your sub network for example 10.10.1.0/24. Here you can find options list for this scanner.

Download Nmap

REVIEW OVERVIEW
Scanning
Exploitation
Flexibility
SHARE
Previous articlesqlmap
Next articleOWASP TOP10
Avatar
Penetration Testing & Information Security Specialist, Certified Ethical Hacker. Uladzislau Murashka provides information security and penetration testing services, IDS/IPS implementation and configuration, infrastructure security assessment and hardening, participates in bug bounty programs. CyberSecurity News & Articles: www.scanforsecurity.com and Penetration Testing Services: www.cybersecuriosity.com