NMAP, The Free and Open Source Tool


In an insecure environment, security tools are indispensable for safeguarding your system. A plethora of security tools are available in the market for network administrators. These are paid tools, which are based on FOSS (Free and Open Source Software). Here, let’s have a look at Nmap.

Nmap stands for Network Mapper. This free and open source tool can be used for security scanning, network discovery and network exploration. By using Nmap, attackers can easily determine which ports are open on a system. It can also be used in ethical hacking to find loopholes and vulnerabilities in a system. It uses raw IP packets in different ways to carry out security scans and identify details such as the types of hosts available on a network, the services offered on a system, the operating system and the types of firewalls in use, along with a wide variety of other characteristics.

It sends specially crafted packets to the target systems and analyses the responses from these systems to gather the required information. Initially written by Gordon Lyon, it started as a utility just for Linux. It has since become a cross-platform utility available on Windows, Solaris and BSD variants. Nmap is not limited to gathering information; it can also be used as a vulnerability detector.

Some of the key features of Nmap:

* It identifies hosts on a network and lists the hosts that respond to TCP/ICMP requests.

* It finds out open ports on target hosts.

* It investigates network services on target systems and determines application name and version details.

* It finds out the operating system of the target host.

Using scripts, the functionality of Nmap can be extended to enable more advanced detection. It provides both command line and graphical (GUI) versions, which can be chosen according to your preferences. The Nmap package comes with a GUI called Zenmap. Nmap is not commercially motivated; it aims to provide administrators with an advanced tool for their networks. The source code is available for free and can be modified.

The Nmap command comes with lots of options that can make the utility more robust. The Nmap output comprises a list of scanned targets, with supplemental information on each depending on the options used.

The format for using Nmap is as follows:

nmap [Scan Type] [Option] [target specification]

The complete summary of Nmap options can be obtained by running the command without passing any arguments.

Basic uses of Nmap are shown below:

Nmap Target Selection:

Scan a single IP: nmap x.x.x.x

Scan a host: nmap thehostname.com

Scan a range of IPs: nmap x.x.x.x-20

Scan a subnet: nmap x.x.x.x/24

Scan targets from a text file: nmap -iL iplist.txt

Nmap Port Selection:

Scan a single Port: nmap -p 22 x.x.x.x

Scan a range of ports: nmap -p 1-100 x.x.x.x

Scan the 100 most common ports: nmap -F x.x.x.x

Scan all ports: nmap -p- x.x.x.x

Service and OS Detection:

Detect OS and Services: nmap -A x.x.x.x

Standard service detection: nmap -sV x.x.x.x

Nmap has gained widespread popularity and has reached thousands of people. Its flexibility, power and ease of use have led to the popularity of the tool.
