On Linux, how does one use the Nmap security scanning tool?

Source: Internet
Author: User

On Linux, how does one use the Nmap security scanning tool?

Nmap is a free open-source network discovery and security review utility. It is widely used in the Linux user community because it is easy to use and powerful. Nmap works as follows: It sends data packets to a specific target system (by IP address) and interprets inbound data packets, determine what ports are enabled/disabled, what services are running on the scanned system, whether the firewall or filter is set and enabled, and finally what operating system is running. Those functions can be used in a variety of scenarios. We do not encourage or recommend that nmap be used for illegal activities.

Install Nmap

First, you should install the "nmap" package on your system.

On CentOS

Yum install nmap

On Debian

Apt-get install nmap

On Ubuntu

Sudo apt-get install nmap

Use Nmap security scanning tool

Then, you can run the "nmap" command on the terminal to keep up with the IP address or website address of the target system and various available parameters. To fully understand all the parameters that can be used with nmap, use the "nmap-help" command.

Nmap command list (click to view the chart)

To introduce nmap to you, I will provide several examples and provide a brief explanation, so that you can change each command as required.

Sudo nmap-sS [IP address] or [website address]

This basic command can be used to quickly check whether the website is running normally (I used the howtoforge.com IP address in this article) without having to establish any "log-recorded" interaction with the target server. Note: Four opened ports are also displayed.

Use Nmap to scan IP addresses

Sudo nmap-O -- osscan-guess [IP address] or [website address]

This command instructs nmap to try to guess which operating system is running on the target system. If all ports are filtered (this is the case on the screen), this "Guess" command will be the best option, but the results may be unreliable. The percentage is uncertain.

Use Nmap to guess the Operating System

Sudo nmap-vv [IP address] or [website address]

If you want to check the port opened by the target system, this ping scan command is helpful.

Use Nmap to check opened ports

Sudo nmap-sV [IP address] or [website address]

This command allows you to check the services running on the target system. Note: The "cloudflare-ngnix" information is added to the service that opens the port.

Use Nmap to check running services

Zenmap: Nmap-oriented GUI

All of the above commands are very useful. You can take a deeper look at each option and see what information you can understand the target system. But for those who want a user-friendly method, they should install the "zenmap" package, a Nmap-oriented graphical user interface (GUI) tool.

In addition to the convenient box provided by Zenmap to insert the IP address (or website address) of your target system, and output the highlighted results in a more pleasing way, the main advantage is that, it provides pre-configured Nmap commands that you can quickly select and run. In addition, the software provides test and comparison tools, topology drawing tools, and the ability to save scan results for administrators to view and evaluate.

Zenmap GUI for Nmap

Zenmap

Related Links

Nmap: https://nmap.org

For more Nmap tutorials, see the following:

Install Nmap 6.46.1 on Ubuntu 14.04

Port scanning tool nmap in Linux

Nmap-network scanning and sniffing Toolkit

Nmap application skills

A tortuous installation of nmap in RedHat Enterprise Linux 5

Hide and seek nmap commands and firewalls in Linux

This article permanently updates the link address:

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.