NMap – Notes


Simple nmap scan C:\nmap runs a SYN scan on all the port of the machine.

This also equivalent to C:\nmap –sS

To Determine Scanning IP Range

Nmap accepts all the various type of range specifications


IP range can also be specified using inclusion, exclusion list

C:\nmap –iL scanlist.txt
C:\nmap 192.168.*.* –-exclude
C:\nmap 192.168.*.* –excludefile scannerlist.txt


Host Discovery


Port scanning on all the alive hosts consumes too much time. Hence if we need to identify only alive host (ping scan only)

-sn No Port scan. It sends ICMP Echo, SYN to 443 and ACK to 80 to discover hosts`. This is used when the purpose is only to discover host
-PS22-25,80 Port scan 22 – 25, 80. Just SYN packet to that port
-PA <ports> Just send ACK, usually it responds with RST disclosing their existence.
Since Firewalls Block incoming SYN, this is useful. However, practically doesn’t work with high end firewalls due to drop of stateful constraint.
-PU <ports> Hitting unused/closed udp port (default 40125) cause to return ICMP unreachable indicating host discovery, TTL expiry or no response

About Uma Mahesh

A Creator/Equilizer. Creator/Equalizers are catalysts for positive, well-organized change. They never settle for the status quo. Instead, they see the opportunity for innovation in the processes that others have long taken for granted. They respect what's already operating, but they can't help but want to improve upon it. Their special combination provides innovation tempered with profound logic. They have incredible discernment. Should their efforts fail, they are unhesitating in accepting responsibility. They don't wallow in self-pity but rather see these missed attempts as critical steps on the path to success.
This entry was posted in Notes, security, Tutorials and tagged , . Bookmark the permalink.

1 Response to NMap – Notes

  1. Pingback: Vulnerability Assessment tools « Eikonal Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s