How To Use nmap Command In Linux
Nmap is a network exploration and security auditing command-line program for Linux. Hackers and cybersecurity specialists, as well as network and system administrators, often utilize this program. It serves the following functions:
- Network information in real-time
- All of the active IPs on your network are listed in detail.
- The number of open ports in a network
- provide a list of live hosts.
- Scanning of ports, operating systems, and hosts
Nmap Command Installation
When it comes to Debian/Ubuntu,
apt-get install Nmap sudo
When it comes to CentOS/RedHat,
install Nmap with yum
Using Nmap Command
1. To scan a system using the Hostname and IP address Scan using Hostname first.
Let's do a scan using IP addresses now.
The Nmap command may be used to scan a system in various ways. We're going to run a scan using the hostname and the IP address "22.214.171.124" to see any open ports, services, or MAC addresses on the system.
2. Scan using the "-v" option.
It's utilized to find out more about the remote machines in detail.
3. Scanning of several hosts
nmap 126.96.36.199 188.8.131.52 184.108.40.206
Using Nmap, we may scan many hosts by entering IP addresses or hostnames.
4. Scanning the whole subnet
Bypassing "*" to nmap, we may scan a complete subnet or IP range. It will scan an entire subnet and report on the hosts currently connected to the network.
5. Scan for firewall configurations.
nmap -sA 220.127.116.11 sudo
During penetration testing and vulnerability scanning, detecting firewall settings might be valuable. We utilize the "-sA" option to detect it. This will tell you whether or not the firewall on the host is active. The information is received via an ACK scan.
6. Identifying Hostnames
nmap -sL 18.104.22.168 sudo
We utilize the "sL" option to locate hostnames for the provided host by performing a DNS query for each Hostname. Furthermore, the "-n" option may be used to omit DNS resolution, but the "-R" command will always resolve DNS.
7. Scanning from a file
input.txt Nmap -iL
We may import a file straight from the command line if we have many addresses to scan. It will do a scan for the IP addresses specified.
8. To seek assistance
If we have any queries concerning nmap or any of the commands, we utilize the "-h" option. It displays the Nmap command's help section, including information on the possible flags.
9. Using -A
Here, -A stands for aggressive, and it will supply us with additional information such as OS detection (-O), version detection (-sC), and traceroute (–traceroute), as well as a wealth of information about the host.
Nmap -A<Domain Name>
10. Finding Host
We can also use this command to find our target hosting service or choose other marks based on our requirements for quickly tracing the path.
Nmap —trace out <Domain Name>
11. Operating System
It will show the operating system that is running where the domain or IP address is, but not the same operating system installed on the computer. It will only show the possibility of an operating system being installed on the computer. This will guess the host's current operating system (OS).