Nmap (Network Mapper) is one of the most widely used tools for scanning and mapping networks. Nmap can identify active hosts, open ports, running services and software versions, making it a tool that's as simple as it is indispensable for anyone working in information security.
Installing Nmap on Linux
On Debian/Ubuntu-based distributions:
sudo apt update
sudo apt install nmap
On Fedora/CentOS-based distributions:
sudo dnf install nmap
# or on older versions
sudo yum install nmap
After installation, you can check the version with:
nmap --version
Basic scan
The simplest command to get started is:
nmap <ip_address>
For example:
nmap 192.168.1.1
This command detects the most common open ports on the target host.
Scanning specific ports
To limit the scan to specific ports:
nmap -p 22,80,443 192.168.1.1
-pspecifies the ports to scan- You can use ranges, for example
-p 1-1024for the first 1024 ports
Advanced scanning and service identification
Nmap can also detect running services and software versions:
nmap -sV 192.168.1.1
-sVattempts to identify the service and version on open ports
For a more aggressive scan that also includes OS detection:
sudo nmap -A 192.168.1.1
-Aenables: OS detection, version detection, script scanning and traceroute
Using Nmap scripts (NSE)
Nmap has a scripting engine (Nmap Scripting Engine - NSE) for advanced security tests:
nmap --script vuln 192.168.1.1
--script vulnruns scripts to find known vulnerabilities- You can also run specific scripts, for example:
nmap --script http-enum 192.168.1.1
Saving results
For later analysis, it's useful to save the output:
nmap -oN results.txt 192.168.1.1
-oNsaves in human-readable format (normal)- Other available formats:
-oXfor XML,-oGfor grepable
Best practices
- Use Nmap only on networks you own or are authorized to test. Unauthorized use can be illegal.
- Combine Nmap with other security tools to get a complete picture of the network.
- Regularly update Nmap and its scripts to detect new vulnerabilities.
Useful resources
- Official Nmap website
- NSE documentation: Nmap Scripting Engine
- Practical guides: Nmap Network Scanning
With Nmap, security professionals can quickly identify vulnerabilities and better understand network topology, essential for protecting systems and sensitive data.