nmap
A basic introduction.
What is nmap?
nmap is a network scanner: it discovers hosts and finds out which ports are open on them and what services are listening there. (With its scripting engine, NSE, it can also run vulnerability checks, but a plain scan does not do that.) The most basic nmap scan is
nmap [ip]
This scans a given IP or IP range and reports the open ports. By default it probes the 1,000 most common TCP ports and, when run as root, uses a SYN scan (an unprivileged user gets a full TCP connect scan instead). For example, here are the results from scanning my machine:
kali@kali:~/Downloads$ nmap 192.168.202.131
Starting Nmap 7.70 ( https://nmap.org ) at 2020-08-19 21:25 UTC
Nmap scan report for 192.168.202.131
Host is up (0.000068s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds
nmap timing
An nmap scan has 6 timing templates. These are:
(0) Paranoid, waits 5 minutes between probes and scans hosts serially; meant for slipping past an IDS
(1) Sneaky, waits 15 seconds between probes and scans hosts serially; also an IDS-evasion setting
(2) Polite, waits 0.4 seconds between probes and scans hosts serially; uses less bandwidth and fewer target resources than the default
(3) Normal, the default timing, designed not to overwhelm the network or miss targets/ports; scans in parallel
(4) Aggressive, waits at most 1.25 seconds for a probe response and scans in parallel; assumes a reasonably fast and reliable network
(5) Insane, waits at most 0.3 seconds for a probe response, retries each probe at most twice, and gives up on a host after 15 minutes and moves on to the next one; scans in parallel and trades accuracy for speed
To use a template, add -T followed by the number (0-5) anywhere in your command, for example -T4 (the names work too: -T aggressive). The default is 3. On a fast, reliable network, 4 is the usual choice; 5 is faster still, but because it waits less and retries less it can report an open port as closed or miss a host entirely, and the burst of traffic is more likely to trip an IDS.
For example, here is a -T5 scan of every TCP port (-p-) on my machine:
kali@kali:~/Downloads$ nmap 192.168.202.131 -p- -T5
Starting Nmap 7.70 ( https://nmap.org ) at 2020-08-19 21:32 UTC
Nmap scan report for 192.168.202.131
Host is up (0.000041s latency).
Not shown: 65532 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
8834/tcp open  nessus-xmlrpc
Nmap done: 1 IP address (1 host up) scanned in 1.53 seconds
As you can see, the scan went incredibly quickly: all 65,535 TCP ports in 1.53 seconds. Keep in mind that this was a VM on the same host, with latency well under a millisecond; across a real network a -T5 scan takes longer, and its short timeouts and low retry count are exactly what causes it to miss ports on a lossy link.
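Because -T5 trades accuracy for speed, the practical check is to rescan at a slower template and compare the sets of open ports. The script below is an added example and not code from the original page: it parses nmap's grepable output (-oG) for two scans of the same host and lists the ports the fast scan failed to report. The two .gnmap files it writes are constructed samples modelled on the scans above, with a hypothetical 3306/mysql port present only in the slow scan so that the failure mode shows; in practice you would produce them with commands like nmap -T3 -p- -oG slow.gnmap 192.168.202.131 and nmap -T5 -p- -oG fast.gnmap 192.168.202.131.

```shell
#!/bin/sh
# Added example (not from the original page): compare the open TCP ports of a
# slow (-T3) and a fast (-T5) nmap scan of the same host using -oG output.
set -eu

# Write two constructed .gnmap files into the directory given as $1.
# They mimic real -oG output (real files separate the fields with tabs; any
# whitespace is accepted below). 3306/mysql is a hypothetical port that only
# the slow scan found, to illustrate what a too-fast scan can miss.
write_samples() {
    cat > "$1/slow.gnmap" <<'EOF'
# Nmap 7.70 scan initiated as: nmap -T3 -p- -oG slow.gnmap 192.168.202.131
Host: 192.168.202.131 ()    Status: Up
Host: 192.168.202.131 ()    Ports: 22/open/tcp//ssh///, 80/open/tcp//http///, 3306/open/tcp//mysql///, 8834/open/tcp//nessus-xmlrpc///    Ignored State: closed (65531)
# Nmap done -- 1 IP address (1 host up) scanned
EOF
    cat > "$1/fast.gnmap" <<'EOF'
# Nmap 7.70 scan initiated as: nmap -T5 -p- -oG fast.gnmap 192.168.202.131
Host: 192.168.202.131 ()    Status: Up
Host: 192.168.202.131 ()    Ports: 22/open/tcp//ssh///, 80/open/tcp//http///, 8834/open/tcp//nessus-xmlrpc///    Ignored State: closed (65532)
# Nmap done -- 1 IP address (1 host up) scanned
EOF
}

# Print the open TCP ports recorded in a .gnmap file, one per line, sorted.
# -oG puts every port of a host on one "Ports:" line as a comma-separated list
# of port/state/proto/owner/service/rpc/version entries. Only state "open"
# counts; "filtered" and "open|filtered" entries are deliberately left out.
open_ports() {
    grep '^Host:.*Ports:' "$1" \
      | sed 's/.*Ports: //; s/[[:space:]]*Ignored State.*//' \
      | tr ',' '\n' \
      | tr -d ' ' \
      | awk -F/ '$2 == "open" && $3 == "tcp" { print $1 }' \
      | sort -n
}

# Ports open in the first (slower) scan that the second (faster) scan did not
# report as open.
missed_ports() {
    fast=$(open_ports "$2")
    for p in $(open_ports "$1"); do
        printf '%s\n' "$fast" | grep -qx "$p" || echo "$p"
    done
}

dir=$(mktemp -d)
write_samples "$dir"
echo "open (slow scan): $(open_ports "$dir/slow.gnmap" | paste -s -d ' ' -)"
echo "open (fast scan): $(open_ports "$dir/fast.gnmap" | paste -s -d ' ' -)"
echo "missed by -T5:    $(missed_ports "$dir/slow.gnmap" "$dir/fast.gnmap" | paste -s -d ' ' -)"
rm -r "$dir"
```

Any port that shows up under "missed by -T5" is a candidate for a targeted rescan (nmap -p 3306 -T3 on the host, for instance) before you conclude it is closed; if the two lists are identical you have some evidence that the fast template was safe on that network.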