You are currently viewing Services Enumeration using Nmap

Services Enumeration using Nmap

Nmap is an free open-source and powerful tool used to discover hosts and services on a computer network. Nmap has many capabilities, below is a table summarising some of the functionality it provides.

Nmap FlagDescription
-sVAttempts to detrmine the version of the services running
-p 80 or -p-Ports scan for 80 or scan all port
-PnDisable host discovery and just scan for open ports
-AEnable OS and version detection, executes in-built scripts for further enumeration
-sCScan with default Nmap scripts
-vVerbose mode
-sUUDP port scan
-sSTCP SYN port scan

The six port state recognized by Nmap

  • open: An application actively accepting TCP connection or UDP packets on this port.
  • closed: Port is accessible, but there is no application listening on it.
  • filtered: Unable to determine port is open because packet filtering prevents from reaching the port
  • unfiltered: It means that port is accessible, but Nmap is unable to determine whether it is open or closed.
  • open|filtered: It occurs for scan types in which open ports give no response.
  • closed|filtered: Nmap is unable to determine whether port is closed or filtered

In this Exercise, consider a network where different devices are running. We will enumerate services, ports and operating system information using Nmap utility with Kali Linux.

*** kali Linux terminal ***
*** run command ***
sudo arp-scan -l

Or run the below command in Kali.

*** kali Linux terminal ***
*** run command ***
sudo netdiscover -r

Nmap – Now run the below command

*** kali Linux terminal *** 
*** run command *** 

nmap -sV machine ip
*** Kali Linux terminal ***
*** run command ***
sudo nmap -T4 -p- -A

The latest tips and news from the industry straight to your inbox!

Join subscription for execlusive access to our monthly newsletter with insight to the cyber security.

Leave a Reply