What is Nmap? How to use Nmap | Basic Nmap tutorial for beginners

FreakyDodo
Jun 3, 2021

Hey Hackers!!!!

Today we will discuss an excellent port scanning tool: Nmap (Network Mapper).

What is Nmap?

If you had to choose only one tool to conduct port scanning, you would undoubtedly choose Nmap.

Nmap was written by Gordon “Fyodor” Lyon and is installed by default in many Linux distributions, including Kali Linux.

Put simply, Nmap is a tool for network mapping and port scanning: it lets a network administrator discover the hosts on a computer network and the services they run, and build a map of that network.

Usage

There are a total of 65,536 ports (0–65,535) on every computer. A port is addressed as either TCP or UDP, depending on the transport protocol the service on it uses and the nature of the communication taking place on that port.

Each port is associated with a different kind of service; to learn about each service and its port number, click here.

Nmap can be run from a graphical user interface (GUI), but we are going to focus on running our port scans from the terminal, because that is how you learn the switches and options that change the tool's behaviour.

In this blog we will cover three basic Nmap scans: the TCP scan, the SYN scan and the UDP scan.

TCP Scan using Nmap

The first scan we will look at is the TCP scan. It is often considered the most basic and stable of all the port scans because it actually completes the three-way handshake and then tears the connection down gracefully.

To run a TCP scan, we issue the following command:

nmap -sT -p- -Pn 192.168.101.135   # 192.168.101.135 is the target's IP address

Let’s review the command.

  • The first word, “nmap”, starts Nmap.
  • The second argument, “-sT”, tells Nmap to run a TCP scan. Breaking the switch down, “-s” tells Nmap what type of scan you want to perform, and the “T” in “-sT” selects the TCP (connect) scan.
  • The switch “-p-” (a “-p” followed by a dash, with no port list) tells Nmap to scan all ports, not just the 1,000 default ports. A bare “-p” is an error, because “-p” expects a port specification.
  • The switch “-Pn” (spelled “-PN” in older Nmap versions) skips the host discovery phase and scans every address as if the system were alive and responding to ping requests.

SYN Scan Using Nmap

The SYN scan is arguably the most popular Nmap port scan. It is the default Nmap scanning technique, i.e. even if you don’t specify a “-s” switch, Nmap will use the SYN scan by default (when run with root privileges, which it needs to send raw packets; an unprivileged user gets the TCP connect scan instead).

A SYN scan is faster than a TCP scan because it never completes the three-way handshake: it sends a SYN, reads the SYN/ACK or RST that comes back, and tears the half-open connection down with a RST of its own.

To run a SYN scan, type the following command:

nmap -sS -p- -Pn 192.168.101.135   # 192.168.101.135 is the target's IP address

This command is exactly the same as the previous TCP scan example, with one exception: we used the “-sS” switch rather than “-sT” to tell Nmap to perform a SYN scan.

UDP Scan Using Nmap

One of the most common port scanning mistakes hackers make is to overlook UDP: they run a single scan (typically a SYN scan) and move straight on to vulnerability scanning, failing to check the target for open UDP ports.

To perform a UDP scan, type the following command:

nmap -sU 192.168.1.127   # 192.168.1.127 is the target's IP address

You may have noticed that this command differs from the ones above: most of the switches have been removed.

This is because UDP scans are very slow; even a basic UDP scan of the default 1,000 ports can take 20 to 30 minutes, so it is better not to add switches that would slow it down further.
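The three scans leave different traces on the target's side: a TCP connect scan completes the handshake and so appears in the service's own logs, a SYN scan leaves only half-open connections that a packet or flow sensor can see, and UDP probes mostly get no reply at all. As an added example that is not part of the original post, the Python below runs a simple scan detector over a constructed, simplified flow log and names the likely scan type from those traces; the log format, the window and the port threshold are assumptions, not the output of any real sensor.

```python
from collections import defaultdict

# Constructed, simplified flow log (not from any real sensor), one flow per line:
# "ts src dst proto dport outcome". TCP: S = SYN, no SYN/ACK back (closed/filtered);
# SAR = SYN, SYN/ACK, RST from client (the half-open pattern of nmap -sS on an open
# port); SAF = full handshake then FIN (nmap -sT or normal traffic). UDP: U0/UR.
SAMPLE_LOG = """\
1 10.0.0.5 10.0.0.9 tcp 22 SAR
1 10.0.0.5 10.0.0.9 tcp 23 S
2 10.0.0.5 10.0.0.9 tcp 80 SAR
2 10.0.0.5 10.0.0.9 tcp 443 SAR
3 10.0.0.7 10.0.0.9 tcp 22 SAF
4 10.0.0.7 10.0.0.9 tcp 25 SAF
4 10.0.0.7 10.0.0.9 tcp 80 SAF
5 10.0.0.7 10.0.0.9 tcp 110 S
9 10.0.0.8 10.0.0.9 udp 53 UR
9 10.0.0.8 10.0.0.9 udp 67 U0
10 10.0.0.8 10.0.0.9 udp 123 U0
12 10.0.0.8 10.0.0.9 udp 161 UR
40 10.0.0.6 10.0.0.9 tcp 443 SAF
"""

def parse_flows(text):
    """Return (ts, src, dst, proto, dport, outcome) tuples from the log text."""
    rows = [line.split() for line in text.splitlines()]
    return [(int(r[0]), r[1], r[2], r[3], int(r[4]), r[5]) for r in rows]

def classify(outcomes):
    """Name the scan type from how the probes to open ports were finished."""
    if any(o.startswith("U") for o in outcomes):
        return "udp scan (-sU)"
    if outcomes.count("SAR") > outcomes.count("SAF"):
        return "syn scan (-sS): half-open, seen only by packet/flow sensors"
    return "connect scan (-sT): full handshake, also lands in service logs"

def detect_scans(flows, window=10, min_ports=4):
    """Flag a source probing >= min_ports distinct ports on one target within
    `window` seconds. Returns {(src, dst): description}."""
    per_pair = defaultdict(list)
    for ts, src, dst, proto, dport, outcome in flows:
        per_pair[(src, dst)].append((ts, proto, dport, outcome))
    alerts = {}
    for pair, events in per_pair.items():
        events.sort()
        for i, (t0, *_) in enumerate(events):
            in_win = [e for e in events[i:] if e[0] - t0 <= window]
            if len({(e[1], e[2]) for e in in_win}) >= min_ports:
                alerts[pair] = classify([e[3] for e in in_win])
                break
    return alerts
```

Running `detect_scans(parse_flows(SAMPLE_LOG))` flags 10.0.0.5 as a SYN scan, 10.0.0.7 as a connect scan and 10.0.0.8 as a UDP scan, while the single connection from 10.0.0.6 stays below the threshold.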

Those were the basic Nmap commands; to learn about Nmap in detail, click here.

Keep coming for more!!!!

Written by FreakyDodo

Hey Hackers!! I am Harshit Dodia, aka Freaky Dodo. I am a student of Information Technology and Ethical Hacking.
