Nmap is a free, open-source and powerful tool used to discover hosts and services on a computer network. Nmap has many capabilities; the table below summarises some of the functionality it provides.
| Option | Description |
|---|---|
| -sV | Attempts to determine the version of the services running |
| -p 80 or -p- | Scan port 80, or scan all ports |
| -Pn | Disable host discovery and just scan for open ports |
| -A | Enable OS and version detection, and execute built-in scripts for further enumeration |
| -sC | Scan with default Nmap scripts |
| -sU | UDP port scan |
| -sS | TCP SYN port scan |
The six port states recognized by Nmap:
- open: An application is actively accepting TCP connections or UDP packets on this port.
- closed: The port is accessible, but there is no application listening on it.
- filtered: Nmap is unable to determine whether the port is open because packet filtering prevents its probes from reaching the port.
- unfiltered: The port is accessible, but Nmap is unable to determine whether it is open or closed.
- open|filtered: Nmap is unable to determine whether the port is open or filtered. This occurs for scan types in which open ports give no response.
- closed|filtered: Nmap is unable to determine whether the port is closed or filtered.
In this exercise, consider a network 192.168.56.0/24 on which different devices are running. We will enumerate services, ports and operating system information using the Nmap utility on Kali Linux.
First, discover the live hosts on the network. In the Kali Linux terminal, run:

```
sudo arp-scan -l
```

Or run the command below in Kali:

```
sudo netdiscover -r 192.168.56.0/24
```

Nmap: now run the command below, replacing `<machine-ip>` with the IP address of the machine:

```
nmap -sV <machine-ip>
```

Then, in the Kali Linux terminal, run:

```
sudo nmap -T4 -p- -A 192.168.56.101
```
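To review results like these against what a host is supposed to expose, Nmap can save a scan as XML with `-oX`, and that file can be grouped by the port states listed above. The script below is an added example, not part of the original exercise: the sample XML is constructed (not real scan output), and the function names and the baseline of approved ports are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample shaped like the output of
# `sudo nmap -sS -sU -sV -oX scan.xml 192.168.56.101`; not from a real scan.
SAMPLE_XML = """<nmaprun scanner="nmap">
 <host>
  <address addr="192.168.56.101" addrtype="ipv4"/>
  <ports>
   <extraports state="closed" count="996"/>
   <port protocol="tcp" portid="22"><state state="open"/>
    <service name="ssh" product="OpenSSH" version="8.2p1"/></port>
   <port protocol="tcp" portid="80"><state state="open"/>
    <service name="http" product="Apache httpd" version="2.4.41"/></port>
   <port protocol="tcp" portid="3306"><state state="filtered"/></port>
   <port protocol="udp" portid="161"><state state="open|filtered"/>
    <service name="snmp"/></port>
  </ports>
 </host>
</nmaprun>"""

def ports_by_state(xml_text):
    """Return {address: {state: [(protocol, port, service label), ...]}}."""
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        states = defaultdict(list)
        for port in host.iter("port"):
            svc = port.find("service")  # absent when nothing was identified
            parts = (svc.get("name"), svc.get("product"),
                     svc.get("version")) if svc is not None else ()
            label = " ".join(p for p in parts if p)
            state = port.find("state").get("state")
            states[state].append((port.get("protocol"), int(port.get("portid")), label))
        result[addr] = dict(states)
    return result

def unexpected_open(xml_text, allowed):
    """List open ports that are missing from a per-host baseline (assumed format)."""
    findings = []
    for addr, states in ports_by_state(xml_text).items():
        for proto, port, label in states.get("open", []):
            if (proto, port) not in allowed.get(addr, set()):
                findings.append((addr, proto, port, label))
    return findings

if __name__ == "__main__":
    baseline = {"192.168.56.101": {("tcp", 22)}}  # assumed approved services
    for finding in unexpected_open(SAMPLE_XML, baseline):
        print("open but not in baseline:", finding)
```

Ports reported as filtered or open|filtered are kept in their own groups rather than counted as open, since Nmap could not confirm their state.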