Nmap Nmap (Network Mapper) is a free and open source (license) - TopicsExpress



          

Nmap

Nmap (Network Mapper) is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. It's the most powerful network scanning tool ever invented, which is why IT security researchers call it a Swiss Army knife.

----------------------------------------

Executing Nmap with no command line options will perform a basic scan on the specified target. A target can be specified as an IP address or host name (which Nmap will try to resolve).

• nmap 10.10.64.12

A default Nmap scan will check for the 1000 most commonly used TCP/IP ports. Ports that respond to a probe are classified into one of six port states: open, closed, filtered, unfiltered, open|filtered, closed|filtered.

----------------------------------------

Nmap can be used to scan multiple hosts at the same time. The easiest way to do this is to string together the target IP addresses or host names on the command line (separated by a space).

• nmap 10.10.64.12 10.10.64.13 10.10.64.100 and so on

----------------------------------------

A range of IP addresses can be used for target specification.

• nmap 10.10.64.1-100

Nmap is instructed to scan the range of IP addresses from 10.10.64.1 through 10.10.64.100. You can also use ranges to scan multiple networks/subnets. For example, typing nmap 192.168.1-100.* would scan the class C IP networks of 192.168.1.* through 192.168.100.*.

----------------------------------------

Nmap can be used to scan an entire subnet using CIDR (Classless Inter-Domain Routing) notation.

• Classless Inter-Domain Routing is a method for allocating IP addresses and routing Internet Protocol packets.
• nmap 192.168.10.1/24

The above command instructs Nmap to scan the entire 192.168.10.0 network using CIDR notation. CIDR notation consists of the network address and subnet mask (in binary bits) separated by a slash.

----------------------------------------

If you have a large number of systems to scan, you can enter the IP addresses (or host names) in a text file and use that file as input for Nmap on the command line.

• Each entry in the text file must be separated by a space, tab, or newline.

The -iL parameter is used to instruct Nmap to extract the list of targets from the text file.

• nmap -iL scan.txt

----------------------------------------

The --exclude option is used with Nmap to exclude hosts from a scan.

• nmap 192.168.10.0/24 --exclude 192.168.10.25

The --exclude option is useful if you want to exclude specific hosts when scanning a large number of addresses. The --exclude option accepts single hosts, ranges, or entire network blocks (using CIDR notation).

----------------------------------------

The -6 parameter is used to perform a scan of an IP version 6 target.

• nmap -6 2001:0:9d38:90d7:28a9:458a:d675:a8d2
Posted on: Mon, 13 Oct 2014 11:19:41 +0000
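
To see exactly which addresses a set of target specifications covers before a scan is run, the forms described above (single address, octet range, `*`, CIDR, a whitespace-separated list file and exclusions) can be expanded offline. This is an added example, not part of the original post and not Nmap's own code; it assumes IPv4 only, does not resolve host names, and the function names, `SAMPLE_LIST` and the `out_of_scope` check are hypothetical.

```python
import ipaddress
from itertools import product

def expand_octet(field):
    """Expand one octet field as used on the page: '64', '1-100' or '*'."""
    if field == "*":
        lo, hi = 0, 255
    elif "-" in field:
        lo, hi = (int(x) for x in field.split("-", 1))
    else:
        lo = hi = int(field)
    if not 0 <= lo <= hi <= 255:
        raise ValueError(f"bad octet field: {field!r}")
    return range(lo, hi + 1)

def expand_target(spec):
    """Return the set of IPv4 addresses covered by one target specification."""
    if "/" in spec:
        # strict=False accepts host bits, so 192.168.10.1/24 is 192.168.10.0/24.
        # Iterating the network yields every address, .0 and .255 included.
        return set(ipaddress.IPv4Network(spec, strict=False))
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 target (names are not resolved): {spec!r}")
    return {ipaddress.IPv4Address(".".join(map(str, combo)))
            for combo in product(*(expand_octet(o) for o in octets))}

def scan_scope(targets, exclude=()):
    """Addresses that would be scanned: union of targets minus the exclusions."""
    included = set().union(*(expand_target(t) for t in targets))
    excluded = set().union(*(expand_target(e) for e in exclude))
    return included - excluded

def out_of_scope(addresses, authorized_cidr):
    """Addresses outside the authorized network (hypothetical policy check)."""
    allowed = ipaddress.IPv4Network(authorized_cidr)
    return sorted(a for a in addresses if a not in allowed)

# Constructed sample: a target list file, whitespace separated as for -iL.
SAMPLE_LIST = "10.10.64.12 10.10.64.13\n10.10.64.1-100\t192.168.10.1/24\n"

if __name__ == "__main__":
    scope = scan_scope(SAMPLE_LIST.split(), exclude=["192.168.10.25"])
    print(len(scope), "addresses in scope")
    print("outside 10.10.64.0/24:", len(out_of_scope(scope, "10.10.64.0/24")))
```

The size of the result makes the cost of a wildcard visible: `192.168.1-100.*` expands to 25600 addresses, while `10.10.64.1-100` expands to 100.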
