NMAP With Examples


NMAP is one of the most important tool. Which checks which ports are open on a machine.

Some important to note about NMAP
  1. NMAP abbreviation is network mapper
  2. NMAP is used to scan ports on a machine, either local or remote machine (just you require ip/hostname to scan).
  3. NMAP is can be installed on windows, Sun Solaris machines too.
  4. NMAP can be used to scan large networks, remember I am saying large networks.
  5. NMAP can be used to get operating system details, uptime, software used for a service and its version no, vender of network card and uptime of that system too(Don’t worry we will see all these things in this post.
  6. Please do not try to use NMAP on machines which you don’t have permission.
  7. Can be used by hackers to scan for systems for venerability.
  8. Just a funny note : You can see this NMAP used by trinity in Matrix-II, when she tries to hack in to electric grid super computer.

Note : NMAP man pages one of the best man pages I have come across. It is explained in such a way that even new user can understand it easily and one more thing it is even having examples in to how to use NMAP in different situations, when you have time read it. You will get lots of information.

Example1 : Using NMAP in normal way, i.e. to scan a particular system for open ports
#nmap hostname

Example2 : Scanning for a single port on a machine
#nmap –p 22 hostname
This will scan for 22 port is open on a host or not. And here –p indicates port.

Example3 : For scanning only ports
#nmap –F hostname
-F is for fast scan and this will not do any other scanning like IP address, hostname, operating system, and uptime etc. It’s very much fast as it said in man pages.

Example4 : For scanning only TCP ports
#nmap –sT hostname
Here s is for scanning and T is for only scanning of TCP ports

Example5 : For scanning only UDP ports
#nmap –sU hostname
Here U indicates UDP port scanning

Exmaple6 : Scanning for ports and to get what is the version of different services running on that machine
#nmap –sV hostname
V indicates version of each network service running on that host

Example7 : To check which protocol is supported by the remote machine
#nmap –sO hostname

Example8 : To scan a system for operating system and uptime details
# nmap -O hostname
is for operating system scan along with default port scan

Example9 : Scanning a network
#nmap networkID/subnetmask
For the above command you can try in this way

Some sites to refer (not for practical examples, but for to get good concept):
nmap.org : official site for our NMAP
Please Comment your thoughts regarding this post:-)

  • Like the post? Please Subscribe to free RSS feed to get updates
  • How To Use IPtables to Block ICMP (Internet Control Message Protocol) Requests?


    How to use IPtables to block ICMP (Internet Control Message Protocol) requests?
    Ans : To do this we have understand why we require this thing should be done.
    When Hackers try to hack in to any machine first thing they will do is a basic ping test.

    Code :
    #ping target-machine

    If this is succeed they will come to a conclusion that system is up and they can go forward and they can do DDOS attacks or try to find some other open ports using NMAP command.

    Code :
    #nmap target-machine
    So if you are exposing a machine to outer world from your network, first disable incoming ping requests to your machine as follows.

    So this can be done by two ways through IPtables
    1. Reject the ICMP packets.
    2. Drop the ICMP packets.

    In the above mentioned methods best thing is to drop the ICMP packets, by doing this we are not giving any clue to hacker whether the system is alive or not. Where as if we do reject definitely hacker will come to know that ICMP packets are blocked and the system is live.

    Step1 : Executing following command to drop all the incoming ICMP packets
    #iptables –A INPUT –p icmp --icmp-type echo-request –j DROP
    Let me explain this command
    -A is to append this rule to already existing one.
    INPUT specifies that it’s a

    Step2 : Save this changes to IPtables file (/etc/sysconfig/iptables), restart the IPtables service and check your IPtables status whether your IPtables chain is updated or not.
    #service iptables save
    #service iptables restart
    #iptables –L

    How to allow icmp ping request in case you want them,First we have to remove the rule which we created for blocking the icmp ping.
    #iptables –D INPUT –p icmp --icmp-type echo-request –j DROP

    Then execute the following commands
    #iptables –A INPUT –p icmp --icmp-type echo-request –j ACCEPT
    #service iptables save
    #service iptables restart

    Some points to be noted
    What are the methods used by hackers using this ICMP ping?
    Though these are old denial-of-service attack (DoS attack), worth to learn them
    Ping flood
    Smurf attack
    Ping to death

    Please comment your thoughts regarding this post:-)

  • Like the post? Please Subscribe to free RSS feed to get updates
  • Archive

    Translate this page


    The Linux Juggernaut | Copyright 2006-2009 Surendra Kumar Anne | Surendra's Home Page | Give us feedback how we are doing, Click here