Whether you want to scan your network for vulnerabilities or just want to see which ports you have open, nmap can be extremely useful.

What is nmap

Nmap (Network Mapper) is a network scanner created by Gordon Lyon. Nmap sends packets and examines the answers to find hosts and services on a computer network. For probing computer networks, Nmap offers a variety of functionalities, including host discovery, service detection, and operating system detection. Scripts that offer more sophisticated service discovery, vulnerability detection, and other features can extend these capabilities. During a scan, Nmap can adjust to changing network conditions, such as latency and congestion.

Installation

Nmap is available for Linux, Windows, macOS and even BSD.

If you are using Linux you can install it using your package manager.

On apt

sudo apt install nmap

On dnf

sudo dnf install nmap

With pacman

sudo pacman -S nmap

On Windows you have to download the executable from the nmap website:

https://nmap.org/download.html

The same goes for macOS and any other OS.

Getting Started

The first thing I will show you is how to find all the IP addresses connected to your local network.

First you will have to find your inet IP address.

On Linux type

ip a

On Windows

ipconfig

You should see a lot of information; look for the line starting with inet. It should look something like this

inet 192.168.1.28/24

and copy the address, including the /24 suffix (that suffix is the size of your network, and nmap understands it).

Now type

nmap -sn IP

Instead of IP, type the address with its /24 suffix from above (e.g. 192.168.1.28/24), so that nmap scans the whole network rather than just your own machine.

Now you should see a large list of all the IPs connected to your network.

The -sn flag means "no port scan": nmap only does host discovery, so this is a quick way to see what is on the network.

Now we can also list the open ports on every host on your local network.

To do that type

nmap IP

Instead of IP, type the address with its /24 suffix from above (e.g. 192.168.1.28/24); this is a plain port scan of every host nmap finds in that range.

Now, if any computers on your local network have open ports, you should see them.

Eg.

I have an ssh port open on one of my machines, so I can see

PORT   STATE SERVICE
22/tcp open  ssh

If you are running a web server, ports 80 and 443 should be open.
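Once you know which services should be open, the useful check is whether anything else is. As an added example (not part of the original post), this POSIX shell script parses a saved nmap report (written with -oN) and flags open ports that are not on an expected list; the report and the expected list are constructed here for illustration.

```shell
#!/bin/sh
# Added example: parse an nmap normal-output report and flag open ports that
# are not on an expected list. Save a real scan with: nmap 192.168.1.28/24 -oN scan.txt
# The report below and the expected list are constructed for illustration.

# Print "host port/proto service" for every open port in the report file $1.
open_ports() {
    awk '
        /^Nmap scan report for/ { host = $NF; gsub(/[()]/, "", host) }
        /^[0-9]+\/(tcp|udp) +open/ { print host, $1, $3 }
    ' "$1"
}

# Print open ports of $1 that are not in $2 (space-separated "port/proto" list).
# Exit status 1 when anything unexpected is open, 0 when the report is clean.
unexpected_ports() {
    awk -v expected=" $2 " '
        /^Nmap scan report for/ { host = $NF; gsub(/[()]/, "", host) }
        /^[0-9]+\/(tcp|udp) +open/ && index(expected, " " $1 " ") == 0 {
            print host, $1, $3; bad = 1
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample report in nmap's normal output format (two hosts).
SAMPLE_REPORT=$(mktemp)
cat > "$SAMPLE_REPORT" <<'EOF'
Nmap scan report for 192.168.1.16
Host is up (0.0021s latency).
PORT    STATE  SERVICE
22/tcp  open   ssh
80/tcp  open   http
Nmap scan report for router.lan (192.168.1.1)
Host is up (0.0010s latency).
PORT    STATE  SERVICE
23/tcp  open   telnet
53/tcp  closed domain
443/tcp open   https
EOF

# Services this network is expected to expose (ssh and a web server, as in the post).
EXPECTED_PORTS="22/tcp 80/tcp 443/tcp"

echo "open ports:"; open_ports "$SAMPLE_REPORT"
echo "unexpected:"
unexpected_ports "$SAMPLE_REPORT" "$EXPECTED_PORTS" || echo "-> review these services"
```

Run it against a real report by replacing SAMPLE_REPORT with the path passed to -oN.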

Now let's say that you want to find out what operating system a specific device on your network is running.

To do that type (OS detection sends raw packets, which is why it needs sudo)

sudo nmap -O IP

Eg.

sudo nmap -O 192.168.1.16

In my case my device is running Linux, and you can even find out what kernel version your device is running

PORT   STATE SERVICE
22/tcp open  ssh
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6.32
OS details: Linux 2.6.32

You can press Enter while a scan is running to see how much time is left.

Let's say that you don't want anyone monitoring the network to be able to trace the scan back to you.

For that we can use decoy mode

To use decoy mode, add -D followed by any IP address to any nmap command.

Eg.

sudo nmap -D 192.168.1.11 192.168.1.16

This will make it look like both your IP and 192.168.1.11 are performing a port scan on 192.168.1.16.

You can also add multiple IPs, separated by commas.

Eg.

sudo nmap -D 192.168.1.11,192.168.1.12 192.168.1.16

That's all for now.

GG, you have now learnt the basics of nmap.
