Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.
Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
Nmap was named “Security Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix Reloaded, Die Hard 4, Girl With the Dragon Tattoo, and The Bourne Ultimatum.
Nmap Single IP and Host Selection

| Task | Command |
|---|---|
| Scan a single IP | `nmap 192.168.1.1` |
| Scan a host | `nmap www.intesoft.blogspot.in` |
| Scan a range of IPs | `nmap 192.168.1.1-20` |
| Scan a subnet | `nmap 192.168.1.0/24` |
| Scan targets from a text file | `nmap -iL list-of-ips.txt` |

These are all default scans, which will scan 1000 TCP ports. Host discovery will take place.
Nmap Port Selection

| Task | Command |
|---|---|
| Scan a single port | `nmap -p 22 192.168.1.1` |
| Scan a range of ports | `nmap -p 1-100 192.168.1.1` |
| Scan 100 most common ports (Fast) | `nmap -F 192.168.1.1` |
| Scan all 65535 ports | `nmap -p- 192.168.1.1` |

Nmap Port Scan types

| Task | Command |
|---|---|
| Scan using TCP connect | `nmap -sT 192.168.1.1` |
| Scan using TCP SYN scan (default) | `nmap -sS 192.168.1.1` |
| Scan UDP ports | `nmap -sU -p 123,161,162 192.168.1.1` |
| Scan selected ports - ignore discovery | `nmap -Pn -F 192.168.1.1` |

Service and OS Detection

| Task | Command |
|---|---|
| Detect OS and Services | `nmap -A 192.168.1.1` |
| Standard service detection | `nmap -sV 192.168.1.1` |
| More aggressive Service Detection | `nmap -sV --version-intensity 5 192.168.1.1` |
| Lighter banner grabbing detection | `nmap -sV --version-intensity 0 192.168.1.1` |

Digging deeper with NSE Scripts

| Task | Command |
|---|---|
| Scan using default safe scripts | `nmap -sV -sC 192.168.1.1` |
| Get help for a script | `nmap --script-help=ssl-heartbleed` |
| Scan using a specific NSE script | `nmap -sV -p 443 --script=ssl-heartbleed.nse 192.168.1.1` |
| Scan with a set of scripts | `nmap -sV --script="smb*" 192.168.1.1` |

A scan to search for DDoS reflection UDP services

| Task | Command |
|---|---|
| Scan for UDP DDoS reflectors | `nmap -sU -A -Pn -n -pU:19,53,123,161 --script=ntp-monlist,dns-recursion,snmp-sysdescr 192.168.1.0/24` |

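To turn the reflector scan above into a remediation list for your own network, its results can be parsed and sorted by how certain each finding is. This is an added example, not part of the original post: it assumes the scan was saved with Nmap's `-oX` XML output option (not used on this page), the XML sample is constructed, and `reflector_findings` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Ports from the reflector scan on this page: chargen, DNS, NTP, SNMP.
REFLECTOR_PORTS = {19: "chargen", 53: "dns", 123: "ntp", 161: "snmp"}

# Constructed sample in the shape of Nmap's -oX output (not a real scan).
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <ports>
      <port protocol="udp" portid="123">
        <state state="open" reason="udp-response"/>
        <script id="ntp-monlist" output="(constructed output)"/>
      </port>
      <port protocol="udp" portid="19"><state state="open|filtered" reason="no-response"/></port>
    </ports>
  </host>
  <host>
    <address addr="192.168.1.53" addrtype="ipv4"/>
    <ports>
      <port protocol="udp" portid="53">
        <state state="open" reason="udp-response"/>
        <script id="dns-recursion" output="(constructed output)"/>
      </port>
      <port protocol="udp" portid="161"><state state="closed" reason="port-unreach"/></port>
    </ports>
  </host>
</nmaprun>"""

def reflector_findings(xml_text):
    """Return (addr, port, service, status, script_ids) per candidate reflector port."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']").get("addr")
        for port in host.iterfind("ports/port[@protocol='udp']"):
            num = int(port.get("portid"))
            state = port.find("state").get("state")
            if num not in REFLECTOR_PORTS or state not in ("open", "open|filtered"):
                continue  # closed or filtered ports need no follow-up
            # "open": the service answered. "open|filtered": no reply at all,
            # so the port is unconfirmed and should be re-checked, not reported.
            status = "confirmed" if state == "open" else "unverified"
            scripts = sorted(s.get("id") for s in port.iterfind("script"))
            findings.append((addr, num, REFLECTOR_PORTS[num], status, scripts))
    return sorted(findings)

if __name__ == "__main__":
    for row in reflector_findings(SAMPLE_XML):
        print(*row)
```

Rows marked `confirmed` that also list a script ID are the ones to fix first, since the script received a response from the service.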
HTTP Service Information

| Task | Command |
|---|---|
| Gather page titles from HTTP services | `nmap --script=http-title 192.168.1.0/24` |
| Get HTTP headers of web services | `nmap --script=http-headers 192.168.1.0/24` |
| Find web apps from known paths | `nmap --script=http-enum 192.168.1.0/24` |

Detect Heartbleed SSL Vulnerability

| Task | Command |
|---|---|
| Heartbleed Testing | `nmap -sV -p 443 --script=ssl-heartbleed 192.168.1.0/24` |

IP Address information

| Task | Command |
|---|---|
| Find information about IP address | `nmap --script=asn-query,whois-ip,ip-geolocation-maxmind 192.168.1.0/24` |

Gather information related to the IP address and netblock owner of the IP address. Uses ASN, whois and geoip location lookups. See the IP Tools for more information and similar IP address and DNS lookups.