Learn Nmap in 7 Minutes!

Introduction

This tutorial provides a quick guide to Nmap, a powerful network scanning tool used to discover hosts and services on a computer network. Whether you're a network administrator or just curious about network security, this guide covers essential Nmap functions to help you get started.

Step 1: Understanding Nmap

• Nmap, or Network Mapper, is a free tool developed by Gordon Lyon (Fyodor).
• It is used for:
  • Scanning IP addresses.
  • Identifying open ports and services.
  • Detecting vulnerabilities in a network.

Step 2: Why Use Nmap

• Nmap helps network administrators:
  • Identify devices on a network.
  • Find security vulnerabilities.
  • Understand network configurations.
• It is widely recognized in the cybersecurity community and featured in popular culture.

Step 3: Performing a Ping Scan

• A ping scan checks if a host is active.
• To perform a ping scan, run the following command:

  nmap -sn [target IP]
  

Step 4: Conducting a Single Host Scan

• For a detailed scan of a single host, use:

  nmap [target IP]
  

• This command will provide information on open ports and services.

Step 5: Executing a Stealth Scan

• A stealth scan is less detectable by firewalls.
• Use the following command to perform a stealth scan:

  nmap -sS [target IP]
  

Step 6: Version Scanning

• To identify the versions of services running on open ports, use:

  nmap -sV [target IP]
  

Step 7: Performing OS Scanning

• To determine the operating system of a host, run:

  nmap -O [target IP]
  

Step 8: Aggressive Scanning

• For comprehensive details including OS and service version, use:

  nmap -A [target IP]
  

• This scan combines multiple scan types.

Step 9: Scanning Multiple Hosts

• To scan multiple IP addresses, list them in the command:

  nmap [IP1] [IP2] [IP3]
  

Step 10: Port Scanning

• By default, Nmap scans the most common 1,000 ports. To scan all ports, use:

  nmap -p- [target IP]
  

Step 11: Scanning from a File

• You can specify a file containing multiple IPs for scanning:

  nmap -iL [filename]
  

Step 12: Verbosity and Exporting Scan Results

• Increase output verbosity with:

  nmap -v [target IP]
  

• To export scan results to a file, use:

  nmap -oN [output_filename] [target IP]
  

Step 13: Accessing Nmap Help

• For detailed help and options, run:

  nmap --help
  

Step 14: Using Nmap Scripting Engine

• Leverage scripts for advanced scanning. To run scripts, use:

  nmap --script [script_name] [target IP]
  

Step 15: Exploring Zenmap

• Zenmap is the graphical user interface for Nmap, making it easier to visualize scans.
• Download and install Zenmap from the official Nmap website.

Conclusion

Nmap is a versatile tool that can help you assess network security and manage devices effectively. With the steps outlined in this guide, you can start using Nmap to perform various scans and gather valuable information. As you become more familiar with its commands and options, explore advanced features and consider integrating them into your network security practices.