Escolar Documentos
Profissional Documentos
Cultura Documentos
Top30NmapCommandExamplesForSys/NetworkAdmins
ME NU
nixCraft
LinuxTips,Hacks,Tutorials,AndIdeasInBlog
Top30NmapCommandExamplesForSys/Network
Admins
byV I V E K GI TE onNOV E MB E R 26, 2012 las t updat ed DE CE MB E R 11, 2012
inCOMMA ND LI NE HA CK S ,HOWTO,NE TWORK I NG,S E CURI TY
mapisshortforNetworkMapper.Itisanopensourcesecuritytoolfornetwork
exploration,securityscanningandauditing.However,nmapcommandcomes
withlotsofoptionsthatcanmaketheutilitymorerobustanddifficulttofollowfornew
users.
Thepurposeofthispostistointroduceausertothenmapcommandlinetooltoscana
hostand/ornetwork,sotofindoutthepossiblevulnerablepointsinthehosts.Youwill
alsolearnhowtouseNmapforoffensiveanddefensivepurposes.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
1/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
nmapinaction
Moreaboutnmap
Fromthemanpage:
Nmap(NetworkMapper)isanopensourcetoolfornetworkexplorationand
securityauditing.Itwasdesignedtorapidlyscanlargenetworks,althoughitworks
fineagainstsinglehosts.NmapusesrawIPpacketsinnovelwaystodetermine
whathostsareavailableonthenetwork,whatservices(applicationnameand
version)thosehostsareoffering,whatoperatingsystems(andOSversions)they
arerunning,whattypeofpacketfilters/firewallsareinuse,anddozensofother
characteristics.WhileNmapiscommonlyusedforsecurityaudits,manysystems
andnetworkadministratorsfinditusefulforroutinetaskssuchasnetworkinventory,
managingserviceupgradeschedules,andmonitoringhostorserviceuptime.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
2/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
ItwasoriginallywrittenbyGordonLyonanditcananswerthefollowingquestions
easily:
1. Whatcomputersdidyoufindrunningonthelocalnetwork?
2. WhatIPaddressesdidyoufindrunningonthelocalnetwork?
3. Whatistheoperatingsystemofyourtargetmachine?
4. Findoutwhatportsareopenonthemachinethatyoujustscanned?
5. Findoutifthesystemisinfectedwithmalwareorvirus.
6. Searchforunauthorizedserversornetworkserviceonyournetwork.
7. Findandremovecomputerswhichdontmeettheorganizationsminimumlevelof
security.
Samplesetup(LAB)
Portscanningmaybeillegalinsomejurisdictions.Sosetupalabasfollows:
++
++|Network|++
|server1|+swtich+|server2|
++|(sw0)|++
+++
|
|
+++
|wks01Linux/OSX|
++
Where,
wks01isyourcomputereitherrunningLinux/OSXorUnixlikeoperatingsystem.It
isusedforscanningyourlocalnetwork.Thenmapcommandmustbeinstalledon
thiscomputer.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
3/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
server1canbepoweredbyLinux/Unix/MSWindowsoperatingsystems.Thisis
anunpatchedserver.Feelfreetoinstallafewservicessuchasawebserver,file
serverandsoon.
server2canbepoweredbyLinux/Unix/MSWindowsoperatingsystems.Thisisa
fullypatchedserverwithfirewall.Again,feelfreetoinstallfewservicessuchasa
webserver,fileserverandsoon.
Allthreesystemsareconnectedviaswitch.
HowdoIinstallnmap?
See:
1. Debian/UbuntuLinux:InstallnmapSoftwareForScanningNetwork
2. CentOS/RHEL:InstallnmapNetworkSecurityScanner
3. OpenBSD:InstallnmapNetworkSecurityScanner
#1:ScanasinglehostoranIPaddress(IPv4)
###Scanasingleipaddress###
nmap192.168.1.1
##Scanahostname###
nmapserver1.cyberciti.biz
##Scanahostnamewithmoreinfo###
nmapvserver1.cyberciti.biz
Sampleoutputs:
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
4/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Fig.01:nmapoutput
#2:ScanmultipleIPaddressorsubnet(IPv4)
nmap192.168.1.1192.168.1.2192.168.1.3
##workswithsamesubneti.e.192.168.1.0/24
nmap192.168.1.1,2,3
YoucanscanarangeofIPaddresstoo:
nmap192.168.1.120
YoucanscanarangeofIPaddressusingawildcard:
nmap192.168.1.*
Finally,youscananentiresubnet:
nmap192.168.1.0/24
#3:Readlistofhosts/networksfromafile(IPv4)
TheiLoptionallowsyoutoreadthelistoftargetsystemsusingatextfile.Thisisuseful
toscanalargenumberofhosts/networks.Createatextfileasfollows:
cat>/tmp/test.txt
Sampleoutputs:
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
5/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
server1.cyberciti.biz
192.168.1.0/24
192.168.1.1/24
10.1.2.3
localhost
Thesyntaxis:
nmapiL/tmp/test.txt
#4:Excludinghosts/networks(IPv4)
Whenscanningalargenumberofhosts/networksyoucanexcludehostsfromascan:
nmap192.168.1.0/24exclude192.168.1.5
nmap192.168.1.0/24exclude192.168.1.5,192.168.1.254
ORexcludelistfromafilecalled/tmp/exclude.txt
nmapiL/tmp/scanlist.txtexcludefile/tmp/exclude.txt
#5:TurnonOSandversiondetectionscanningscript(IPv4)
nmapA192.168.1.254
nmapvA192.168.1.1
nmapAiL/tmp/scanlist.txt
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
6/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
#6:Findoutifahost/networkisprotectedbyafirewall
nmapsA192.168.1.254
nmapsAserver1.cyberciti.biz
#7:Scanahostwhenprotectedbythefirewall
nmapPN192.168.1.1
nmapPNserver1.cyberciti.biz
#8:ScananIPv6host/address
The6optionenableIPv6scanning.Thesyntaxis:
nmap6IPv6AddressHere
nmap6server1.cyberciti.biz
nmap62607:f0d0:1002:51::4
nmapvA62607:f0d0:1002:51::4
#9:Scananetworkandfindoutwhichserversanddevicesareupand
running
Thisisknownashostdiscoveryorpingscan:
nmapsP192.168.1.0/24
Sampleoutputs:
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
7/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Host192.168.1.1isup(0.00035slatency).
MACAddress:BC:AE:C5:C3:16:93(Unknown)
Host192.168.1.2isup(0.0038slatency).
MACAddress:74:44:01:40:57:FB(Unknown)
Host192.168.1.5isup.
Hostnas03(192.168.1.12)isup(0.0091slatency).
MACAddress:00:11:32:11:15:FC(SynologyIncorporated)
Nmapdone:256IPaddresses(4hostsup)scannedin2.80second
#10:HowdoIperformafastscan?
nmapF192.168.1.1
#11:Displaythereasonaportisinaparticularstate
nmapreason192.168.1.1
nmapreasonserver1.cyberciti.biz
#12:Onlyshowopen(orpossiblyopen)ports
nmapopen192.168.1.1
nmapopenserver1.cyberciti.biz
#13:Showallpacketssentandreceived
nmappackettrace192.168.1.1
nmappackettraceserver1.cyberciti.biz
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
8/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
14#:Showhostinterfacesandroutes
Thisisusefulfordebugging(ipcommandorroutecommandornetstatcommandlike
outputusingnmap)
nmapiflist
Sampleoutputs:
StartingNmap5.00(http://nmap.org)at2012112702:01IST
************************INTERFACES************************
DEV(SHORT)IP/MASKTYPEUPMAC
lo(lo)127.0.0.1/8loopbackup
eth0(eth0)192.168.1.5/24ethernetupB8:AC:6F:65:31:E5
vmnet1(vmnet1)192.168.121.1/24ethernetup00:50:56:C0:00:01
vmnet8(vmnet8)192.168.179.1/24ethernetup00:50:56:C0:00:08
ppp0(ppp0)10.1.19.69/32point2pointup
**************************ROUTES**************************
DST/MASKDEVGATEWAY
10.0.31.178/32ppp0
209.133.67.35/32eth0192.168.1.2
192.168.1.0/0eth0
192.168.121.0/0vmnet1
192.168.179.0/0vmnet8
169.254.0.0/0eth0
10.0.0.0/0ppp0
0.0.0.0/0eth0192.168.1.2
#15:HowdoIscanspecificports?
nmapp[port]hostName
##Scanport80
nmapp80192.168.1.1
##ScanTCPport80
nmappT:80192.168.1.1
##ScanUDPport53
nmappU:53192.168.1.1
##Scantwoports##
nmapp80,443192.168.1.1
##Scanportranges##
nmapp80200192.168.1.1
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
9/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
##Combinealloptions##
nmappU:53,111,137,T:2125,80,139,8080192.168.1.1
nmappU:53,111,137,T:2125,80,139,8080server1.cyberciti.biz
nmapvsUsTpU:53,111,137,T:2125,80,139,8080192.168.1.254
##Scanallportswith*wildcard##
nmapp"*"192.168.1.1
##Scantopportsi.e.scan$numbermostcommonports##
nmaptopports5192.168.1.1
nmaptopports10192.168.1.1
Sampleoutputs:
StartingNmap5.00(http://nmap.org)at2012112701:23IST
Interestingportson192.168.1.1:
PORTSTATESERVICE
21/tcpclosedftp
22/tcpopenssh
23/tcpclosedtelnet
25/tcpclosedsmtp
80/tcpopenhttp
110/tcpclosedpop3
139/tcpclosednetbiosssn
443/tcpclosedhttps
445/tcpclosedmicrosoftds
3389/tcpclosedmstermserv
MACAddress:BC:AE:C5:C3:16:93(Unknown)
Nmapdone:1IPaddress(1hostup)scannedin0.51seconds
#16:Thefastestwaytoscanallyourdevices/computersforopen
portsever
nmapT5192.168.1.0/24
#17:HowdoIdetectremoteoperatingsystem?
YoucanidentifyaremotehostappsandOSusingtheOoption:
nmapO192.168.1.1
nmapOosscanguess192.168.1.1
nmapvOosscanguess192.168.1.1
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
10/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Sampleoutputs:
StartingNmap5.00(http://nmap.org)at2012112701:29IST
NSE:Loaded0scriptsforscanning.
InitiatingARPPingScanat01:29
Scanning192.168.1.1[1port]
CompletedARPPingScanat01:29,0.01selapsed(1totalhosts)
InitiatingParallelDNSresolutionof1host.at01:29
CompletedParallelDNSresolutionof1host.at01:29,0.22selapsed
InitiatingSYNStealthScanat01:29
Scanning192.168.1.1[1000ports]
Discoveredopenport80/tcpon192.168.1.1
Discoveredopenport22/tcpon192.168.1.1
CompletedSYNStealthScanat01:29,0.16selapsed(1000totalports)
InitiatingOSdetection(try#1)against192.168.1.1
RetryingOSdetection(try#2)against192.168.1.1
RetryingOSdetection(try#3)against192.168.1.1
RetryingOSdetection(try#4)against192.168.1.1
RetryingOSdetection(try#5)against192.168.1.1
Host192.168.1.1isup(0.00049slatency).
Interestingportson192.168.1.1:
Notshown:998closedports
PORTSTATESERVICE
22/tcpopenssh
80/tcpopenhttp
MACAddress:BC:AE:C5:C3:16:93(Unknown)
Devicetype:WAP|generalpurpose|router|printer|broadbandrouter
Running(JUSTGUESSING):LinksysLinux2.4.X(95%),Linux2.4.X|2.
6.X(94%),MikroTikRouterOS3.X(92%),Lexmarkembedded(90%),Ent
erasysembedded(89%),DLinkLinux2.4.X(89%),NetgearLinux2.4.
X(89%)
AggressiveOSguesses:OpenWrtWhiteRussian0.9(Linux2.4.30)(95
%),OpenWrt0.97.09(Linux2.4.302.4.34)(94%),OpenWrtKamik
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
11/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
aze7.09(Linux2.6.22)(94%),Linux2.4.212.4.31(likelyembedd
ed)(92%),Linux2.6.152.6.23(embedded)(92%),Linux2.6.152
.6.24(92%),MikroTikRouterOS3.0beta5(92%),MikroTikRouterOS3.
17(92%),Linux2.6.24(91%),Linux2.6.22(90%)
NoexactOSmatchesforhost(IfyouknowwhatOSisrunningonit,
seehttp://nmap.org/submit/).
TCP/IPfingerprint:
OS:SCAN(V=5.00%D=11/27%OT=22%CT=1%CU=30609%PV=Y%DS=1%G=Y%M=BCAEC5%TM=50B3CA
OS:4B%P=x86_64unknownlinuxgnu)SEQ(SP=C8%GCD=1%ISR=CB%TI=Z%CI=Z%II=I%TS=7
OS:)OPS(O1=M2300ST11NW2%O2=M2300ST11NW2%O3=M2300NNT11NW2%O4=M2300ST11NW2%O5
OS:=M2300ST11NW2%O6=M2300ST11)WIN(W1=45E8%W2=45E8%W3=45E8%W4=45E8%W5=45E8%W
OS:6=45E8)ECN(R=Y%DF=Y%T=40%W=4600%O=M2300NNSNW2%CC=N%Q=)T1(R=Y%DF=Y%T=40%S
OS:=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%R
OS:D=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=
OS:0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID
OS:=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)
Uptimeguess:12.990days(sinceWedNov1401:44:402012)
NetworkDistance:1hop
TCPSequencePrediction:Difficulty=200(Goodluck!)
IPIDSequenceGeneration:Allzeros
Readdatafilesfrom:/usr/share/nmap
OSdetectionperformed.Pleasereportanyincorrectresultsathttp://nmap.org
Nmapdone:1IPaddress(1hostup)scannedin12.38seconds
Rawpacketssent:1126(53.832KB)|Rcvd:1066(46.100KB)
Seealso:Fingerprintingawebserverandadnsservercommandlinetoolsformore
information.
#18:HowdoIdetectremoteservices(server/daemon)version
numbers?
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
12/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
nmapsV192.168.1.1
Sampleoutputs:
StartingNmap5.00(http://nmap.org)at2012112701:34IST
Interestingportson192.168.1.1:
Notshown:998closedports
PORTSTATESERVICEVERSION
22/tcpopensshDropbearsshd0.52(protocol2.0)
80/tcpopenhttp?
1serviceunrecognizeddespitereturningdata.
#19:ScanahostusingTCPACK(PA)andTCPSyn(PS)ping
IffirewallisblockingstandardICMPpings,trythefollowinghostdiscoverymethods:
nmapPS192.168.1.1
nmapPS80,21,443192.168.1.1
nmapPA192.168.1.1
nmapPA80,21,200512192.168.1.1
#20:ScanahostusingIPprotocolping
nmapPO192.168.1.1
#21:ScanahostusingUDPping
ThisscanbypassesfirewallsandfiltersthatonlyscreenTCP:
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
13/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
nmapPU192.168.1.1
nmapPU2000.2001192.168.1.1
#22:FindoutthemostcommonlyusedTCPportsusingTCPSYN
Scan
###Stealthyscan###
nmapsS192.168.1.1
###FindoutthemostcommonlyusedTCPportsusingTCPconnectscan(warning:nostealthscan)
###OSFingerprinting###
nmapsT192.168.1.1
###FindoutthemostcommonlyusedTCPportsusingTCPACKscan
nmapsA192.168.1.1
###FindoutthemostcommonlyusedTCPportsusingTCPWindowscan
nmapsW192.168.1.1
###FindoutthemostcommonlyusedTCPportsusingTCPMaimonscan
nmapsM192.168.1.1
#23:ScanahostforUDPservices(UDPscan)
MostpopularservicesontheInternetrunovertheTCPprotocol.DNS,SNMP,and
DHCParethreeofthemostcommonUDPservices.Usethefollowingsyntaxtofindout
UDPservices:
nmapsUnas03
nmapsU192.168.1.1
Sampleoutputs:
StartingNmap5.00(http://nmap.org)at2012112700:52IST
Stats:0:05:29elapsed;0hostscompleted(1up),1undergoingUDPScan
UDPScanTiming:About32.49%done;ETC:01:09(0:11:26remaining)
Interestingportsonnas03(192.168.1.12):
Notshown:995closedports
PORTSTATESERVICE
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
14/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
111/udpopen|filteredrpcbind
123/udpopen|filteredntp
161/udpopen|filteredsnmp
2049/udpopen|filterednfs
5353/udpopen|filteredzeroconf
MACAddress:00:11:32:11:15:FC(SynologyIncorporated)
Nmapdone:1IPaddress(1hostup)scannedin1099.55seconds
#24:ScanforIPprotocol
ThistypeofscanallowsyoutodeterminewhichIPprotocols(TCP,ICMP,IGMP,etc.)
aresupportedbytargetmachines:
nmapsO192.168.1.1
#25:Scanafirewallforsecurityweakness
ThefollowingscantypesexploitasubtleloopholeintheTCPandgoodfortesting
securityofcommonattacks:
##TCPNullScantofoolafirewalltogeneratearesponse##
##Doesnotsetanybits(TCPflagheaderis0)##
nmapsN192.168.1.254
##TCPFinscantocheckfirewall##
##SetsjusttheTCPFINbit##
nmapsF192.168.1.254
##TCPXmasscantocheckfirewall##
##SetstheFIN,PSH,andURGflags,lightingthepacketuplikeaChristmastree##
nmapsX192.168.1.254
SeehowtoblockXmaspackkets,synfloodsandotherconmanattackswithiptables.
#26:Scanafirewallforpacketsfragments
Thefoptioncausestherequestedscan(includingpingscans)tousetinyfragmented
IPpackets.TheideaistosplituptheTCPheaderover
severalpacketstomakeitharderforpacketfilters,intrusiondetectionsystems,and
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
15/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
otherannoyancestodetectwhatyouaredoing.
nmapf192.168.1.1
nmapffw2.nixcraft.net.in
nmapf15fw2.nixcraft.net.in
##Setyourownoffsetsizewiththemtuoption##
nmapmtu32192.168.1.1
#27:Cloakascanwithdecoys
TheDoptionitappeartotheremotehostthatthehost(s)youspecifyasdecoysare
scanningthetargetnetworktoo.ThustheirIDSmightreport510portscansfrom
uniqueIPaddresses,buttheywontknowwhichIPwasscanningthemandwhichwere
innocentdecoys:
nmapnDdecoyip1,decoyip2,yourownip,decoyip3,decoyip4remotehostip
nmapnD192.168.1.5,10.5.1.2,172.1.2.4,3.4.2.1192.168.1.5
#28:ScanafirewallforMACaddressspoofing
###SpoofyourMACaddress##
nmapspoofmacMACADDRESSHERE192.168.1.1
###Addotheroptions###
nmapvsTPNspoofmacMACADDRESSHERE192.168.1.1
###UsearandomMACaddress###
###Thenumber0,meansnmapchoosesacompletelyrandomMACaddress###
nmapvsTPNspoofmac0192.168.1.1
#29:HowdoIsaveoutputtoatextfile?
Thesyntaxis:
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
16/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
nmap192.168.1.1>output.txt
nmapoN/path/to/filename192.168.1.1
nmapoNoutput.txt192.168.1.1
#30:Notafanofcommandlinetools?
Tryzenmaptheofficialnetworkmapperfrontend:
ZenmapistheofficialNmapSecurityScannerGUI.Itisamultiplatform(Linux,
Windows,MacOSX,BSD,etc.)freeandopensourceapplicationwhichaimsto
makeNmapeasyforbeginnerstousewhileprovidingadvancedfeaturesfor
experiencedNmapusers.Frequentlyusedscanscanbesavedasprofilestomake
themeasytorunrepeatedly.Acommandcreatorallowsinteractivecreationof
Nmapcommandlines.Scanresultscanbesavedandviewedlater.Savedscan
resultscanbecomparedwithoneanothertoseehowtheydiffer.Theresultsof
recentscansarestoredinasearchabledatabase.
Youcaninstallzenmapusingthefollowingaptgetcommand:
$sudoaptgetinstallzenmap
Sampleoutputs:
[sudo]passwordforvivek:
Readingpackagelists...Done
Buildingdependencytree
Readingstateinformation...Done
ThefollowingNEWpackageswillbeinstalled:
zenmap
0upgraded,1newlyinstalled,0toremoveand11notupgraded.
Needtoget616kBofarchives.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
17/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Afterthisoperation,1,827kBofadditionaldiskspacewillbeused.
Get:1http://debian.osuosl.org/debian/squeeze/mainzenmapamd645.003[616k
Fetched616kBin3s(199kB/s)
Selectingpreviouslydeselectedpackagezenmap.
(Readingdatabase...281105filesanddirectoriescurrentlyinstalled.)
Unpackingzenmap(from.../zenmap_5.003_amd64.deb)...
Processingtriggersfordesktopfileutils...
Processingtriggersforgnomemenus...
Processingtriggersformandb...
Settingupzenmap(5.003)...
Processingtriggersforpythoncentral...
Typethefollowingcommandtostartzenmap:
$sudozenmap
Sampleoutputs
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
18/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Fig.02:zenmapinaction
HowdoIdetectandblockportscanning?
Trythefollowingresources:
1. Howtousepsadtooltodetectandblockportscanattacksinrealtime.
2. Debian/UbuntuLinux:InstallandConfigureShorelineFirewall(Shorewall).
3. CentOS/RedhatIptablesFirewallConfigurationTutorial.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
19/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
4. Linux:20IptablesExamplesForNewSysAdmins.
5. 20LinuxServerHardeningSecurityTips.
References:
TheofficialNmapprojectguidetonetworkdiscoveryandsecurityScanning.
TheofficialNmapprojecthomepage.
Thenmapcommandhasmanymoreoptions,pleasegothroughmanpageorthe
documentationformoreinformation.Whataresomeofyourfavoritenmapcommand
linetricks?Shareyourfavoritetips,tricks,andadviceinthecommentsbelow.
Sharethison:
Twitter
Google+
DownloadPDFversion
Foundanerror/typoonthispage?
Abouttheauthor:VivekGiteisaseasonedsysadminandatrainerfortheLinux/Unix&shell
scripting.FollowhimonTwitter.ORreadmorelikethis:
15GreatestOpenSourceTerminalApplicationsOf2012
LinuxifdataCommand:SeeNetworkInterfaceInfoWithoutParsingifconfig
5Linux/UnixCommandsForConnectingToTheSerialConsole
agedu:Unix/LinuxCommandForTrackingDownWastedDiskSpace
Goldendict:AFeaturerichDictionaryLookupLinuxProgram
HowTo:ConnectTwoWirelessRouterWirelessly(Bridge)WithOpenSource
CollectingUbuntuLinuxSystemInformation
30CoolOpenSourceSoftwareIDiscoveredin2013
BookReview:FreeBSDMastery:SpecialtyFilesystem
TestingHTTPStatus:206PartialContentandRangeRequests
Taggedas:Apple,DebianLinux,FreeBSD,Linux,Ubuntu,Unix
{22commentsaddone}
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
20/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Ar3xXx May13,2016,12:47pm
ThxmateIwillusethisascheatsheet:)
Reply
phoenix6142 March16,2016,12:15am
Ifoundthisarticleveryhelpful.ImdefinitelysavingthisBookmarkforfuturereference.
IvebeenusingnmapsP192.168.1.0/24foraverylongtimejusttoseewhichclients
areonline.OSDetectisalsoveryusefulinArmitageandMetasploit.LongliveLinux!
Reply
P4 January5,2016,1:36pm
forblockingaportscangiveportsentryatry:)
https://plus.google.com/+RemikPi/posts/TB3Wu2xJMsB
Reply
BobCynic November10,2014,5:29am
Beautifullyformattedmanpagethanks!)
Reply
far November4,2014,3:30am
whatdoesnmapsnPI192.168.1.0/24do?
Reply
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
21/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Scott September22,2014,6:00pm
AnyonegotanyexamplesofusingnmaptogenerateaRARPmessage?
Reply
MurphyMason June21,2014,4:52pm
veryinterreting
Reply
HD May6,2014,12:09pm
Thequestionishowtomonitorpeoplewhouse/runNMAPandcreateareportaboutit
Thanks
Reply
benhuan December10,2013,9:41am
Loveit,Thanksforsharing
Reply
s33d3r November7,2013,5:59am
VeryUsefulandThanksfortheinformation
Reply
Andrew July23,2013,3:46pm
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
22/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Oneoftheusesfornmap,asstatedabove,istofindoutifthesystemisinfectedwith
malwareorvirus.Howisthisaccomplished?Areyoureferringtousingthescript,http
malwarehost?
Reply
SMohamed May15,2013,12:40pm
MyfavoritenmaptoscanforOSofarangeofIPs,withoutputasaXMLfile:
nmapAT3oXMyFile.xml192.168.56.101120
(A:OSdetection,versiondetection,scriptscanning,tracerouteT3:Speedmedium)
Reply
Ksdyathish December7,2012,6:18pm
Veryveryusefulandsimplecommands!Thankyou.
Reply
Awhitehatter November30,2012,10:48pm
SeveralplacesmentionedthePNswitch,butthisisdepreciated,usePninstead.
Pn(Noping).
ThisoptionskipstheNmapdiscoverystagealtogether.Normally,Nmapusesthisstage
todetermineactivemachinesforheavierscanning.Bydefault,Nmaponlyperforms
heavyprobingsuchasportscans,versiondetection,
orOSdetectionagainsthoststhatarefoundtobeup.DisablinghostdiscoverywithPn
causesNmaptoattempttherequestedscanningfunctionsagainsteverytargetIP
addressspecified.SoifaclassBtargetaddress
space(/16)isspecifiedonthecommandline,all65,536IPaddressesarescanned.
Properhostdiscoveryisskippedaswiththelistscan,butinsteadofstoppingand
printingthetargetlist,Nmapcontinuestoperform
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
23/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
requestedfunctionsasifeachtargetIPisactive.Toskippingscanandportscan,while
stillallowingNSEtorun,usethetwooptionsPnsntogether.
Formachinesonalocalethernetnetwork,ARPscanningwillstillbeperformed(unless
sendipisspecified)becauseNmapneedsMACaddressestofurtherscantarget
hosts.InpreviousversionsofNmap,PnwasP0.
andPN..
Reply
DUNGNA November28,2012,1:49pm
Thanksyouforsharing!
Reply
Chris November27,2012,8:07pm
Thanksforthisveryusefullpost!!
Reply
JalalHajigholamali November27,2012,5:49am
Hi,
Veryniceandusefularticle
Thanksagain
Reply
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
24/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
cycop November27,2012,4:58am
NiceInfo,,,
Reply
Nullyman January16,2015,6:48pm
hellopleasihavedownloadnmapandinstall,butidntknowwhertoevenrunit
Reply
HoppingBunny May14,2015,3:20am
Ifyouareonalinuxorsimilarsystem,itshouldbeavailableonthecommand
linelikethis:
sudonmapFhttp://www.gmail.com<==typethisonthecommandline
youwillgettheoutputbelow:
StartingNmap5.51(http://nmap.org)at2015051323:18EDT
Nmapscanreportforhttp://www.gmail.com(216.58.219.197)
Hostisup(0.010slatency).
rDNSrecordfor216.58.219.197:lga25s40inf5.1e100.net
Notshown:98filteredports
PORTSTATESERVICE
80/tcpopenhttp
443/tcpopenhttps
Reply
Roy November27,2012,4:30am
Ilovenamp.GreatpostSir.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
25/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Reply
Felipe November26,2012,10:32pm
Wow!Prettygoodandeasy.Thankyousomuchforthegreattopic,Imahugefanof
nmap/zenmap
Reply
Security:Areyouarobotorhuman?
I'm not a robot
reCAPTCHA
Privacy - Terms
LeaveaComment
Name
Comment
ReceiveEmailNotifications?
yes,repliestomycomment
Or,youcansubscribewithoutcommenting.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
instantly
26/27
9/24/2016
Top30NmapCommandExamplesForSys/NetworkAdmins
Submit
Nextpost:DownloadSamba4:ActiveDirectoryCompatibleServer
Previouspost:diffCommand:ColorizeOutputOnTheUnix/LinuxCommandLine
20002016nixCraft.Allrightsreserved.PrivacyPolicyTermsofServiceQuestionsorComments
ThecontentiscopyrightedtonixCraftandmaynotbereproducedonotherwebsites.
http://www.cyberciti.biz/networking/nmapcommandexamplestutorials/
27/27