https://aznot.com/index.php?action=history&feed=atom&title=NmapNmap - Revision history2026-05-07T04:45:32ZRevision history for this page on the wikiMediaWiki 1.41.0https://aznot.com/index.php?title=Nmap&diff=5047&oldid=prevKenneth at 22:25, 29 January 20192019-01-29T22:25:14Z<p></p>
<p><b>New page</b></p><div>[http://insecure.org/nmap/ nmap]<br />
<br />
# Syn Scan (defaults to SYN Scan if root, Connect Scan if not. See below)<br />
nmap <ip><br />
<br />
# SYN Scan (default scan type if logged in as root)<br />
nmap -sS <ip><br />
# "SYN ->" "SYN/ACK <-" "RST ->"<br />
<br />
# No port scan (ping only) a list of IPs<br />
nmap -iL list.txt -sn<br />
<br />
# TCP Connect Scan (only scan you can do without root privileges)<br />
nmap -sT <ip><br />
# "SYN ->" "SYN/ACK <-" "ACK ->"<br />
<br />
# List Scan does a reverse DNS lookup on a range to find hosts<br />
nmap -sL 66.35.250.150-160<br />
<br />
# Ping Scan does a quick ping to each box, and nothing more<br />
nmap -sP 10.0.0.0-255<br />
<br />
# Nmap 3.75 help example:<br />
namp -v -sS -) www.my.com 192.168.0.0/16 '192.88-90.*.*'<br />
<br />
# Nmap 4.11 help examples:<br />
nmap -v -A scanme.nmap.org<br />
nmap -v -sP 192.168.0.0/16 10.0.0.0/8<br />
nmap -v -iR 10000 -P0 -p 80<br />
<br />
Nmap files can be found here (such as nmap-services):<br />
/usr/share/nmap/<br />
<br />
You can use --datadir flag to point Nmap to alternate support files.<br />
<br />
==Target Specification==<br />
All of these formats will scan the same class B network:<br />
<br />
Wildcards: 192.168.*.*<br />
Range: 192.168.0-255.0-255<br />
Mask Notation: 192.168.0.0/16<br />
<br />
==Common Options==<br />
-sS TCP SYN Scan<br />
-sT TCP connect() scan<br />
-sU UDP port scans (not very reliable)<br />
-v Verbose output<br />
-vv Very verbose output<br />
-O Detect Operating system (TCP/IP fingerprinting)<br />
-sV Service version detection<br />
-P0 Don't ping, just scan<br />
-A Agressive: same thing as -O -sV<br />
-T Scan timing<br />
-p Choose ports to be scanned<br />
-F Fast Scan: only scan ports in nmap-services file<br />
-n Don't do reverse DNS lookup (increase scan speed)<br />
<br />
==nmap References==<br />
<br />
Auditor CD?<br />
<br />
*[http://www.nmap-tutorial.com/ Nmap-Tutorial.com]<br />
*[http://www.irongeek.com/i.php?page=videos/nmap1 IronGeek: Basic Nmap Usage (video slide show)]<br />
*[http://www.irongeek.com/i.php?page=videos/nmap2 IronGeek: Nmap Video Tutorial 2: Port Scan Boogaloo (video slide show)]<br />
*[http://insecure.org/nmap/man/ nmap Reference guide]<br />
<br />
*[http://members.dodo.net.au/~ps2man/Nmap/nmap.html A-SEC Lesson 2 Nmap and other Network Scanning Techniques]<br />
*[http://neworder.box.sk/newsread.php?newsid=1583 Yet Another Nmap Tutorial]<br />
*[http://www.irongeek.com/i.php?page=security/ipinfo What can you find out from an IP?]<br />
<br />
<br />
<br />
* nmap-tutorial - http://nmap.org/bennieston-tutorial/<br />
* Port Scanning Techniques - http://nmap.org/book/man-port-scanning-techniques.html<br />
* Nmap: The Art of Port Scanning - http://nmap.org/nmap_doc.html<br />
* Timing and Performance - http://nmap.org/book/man-performance.html<br />
* http://www.derkeiler.com/Mailing-Lists/securityfocus/security-basics/2007-04/msg00386.html<br />
<br />
<br />
* Top 30 Nmap Command Examples For Sys/Network Admins - http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/</div>Kenneth