Nmap (Network Mapper)

 Nmap (Network Mapper)

Nmap (for Network Mapper) is a most popular Vulnerability Assessment  (VA) tools, which used to scan network and discover what hosts are present and what services they are running. Nmap works by sending specially crafted network traffic  to the target hosts and then examining the responses of target. This can tell not only which hosts are active on the network and which of their ports are listening, but it can also help us determine the operating system, hostname, and even patch level of some systems.

Basically  Nmap  is command-line interface (CLI) tool. But there are some graphical user interface (GUI) tools also available like  Zenmap (Windows), NmapFE (Linux), and Xnmap (macOS). Successive runs of Nmap with identical parameters, together with a bit of scripting, enable the user to quickly identify changes to the configuration of a target. Attackers may be interested in new services because they are likelier to have exploitable configuration errors. Defenders, on the other hand, may be interested in new services because they could indicate a compromised host. Nmap  also used  some organization to get inventory assets on a network by periodically doing full scans and comparing hosts and services to an existing baseline.

Following are some commands for Nmap, which we used to perform network scan. we used Kali Linux environment for these commands.

Basic Syntax

Host Discovery Scan

nmap -sS 192.168.0.80 (half-open scan)

There are many types of scanning options that you can utilize by entering different nmap switches. In which some of them are show in following figure,

WARNING*: Some scans are described as “stealthy”, a well-configured IDS/IPS can detect  Nmap scanning.

GUI front-end programs developed for Nmap, such as Zenmap and NmapFE, that provide an easy-to-use interface like following Figures,

*As per my last blog, In future  we discuss one-by-one Vulnerability Assessment  (VA) tools. If you have any question, you can ask me in comments section.