Nmap IPv4 Scanning Techniques Guide

The document provides instructions for using Nmap to scan individual hosts, ranges of IP addresses, entire subnets, and lists of targets from a file. It describes options for more advanced scans such as detecting operating systems, services, firewalls and open ports as well as saving scan results to a text file and debugging packet transmissions.

Uploaded by fallli
1: Scan a single host or an IP address (IPv4)

### Scan a single IP address ###


nmap 192.168.1.1

### Scan a host name ###


nmap server1.cyberciti.biz

### Scan a host name with more info ###


nmap -v server1.cyberciti.biz

2: Scan multiple IP addresses or a subnet (IPv4)


nmap 192.168.1.1 192.168.1.2 192.168.1.3
nmap 192.168.1.1,2,3

You can scan a range of IP addresses too:

nmap 192.168.1.1-20

You can scan a range of IP addresses using a wildcard:

nmap 192.168.1.*

3: Read list of hosts/networks from a file (IPv4)

The -iL option reads the list of target systems from a text file. This is useful when you need to
scan a large number of hosts/networks. Create a text file as follows:
cat > /tmp/test.txt

nmap -iL /tmp/test.txt

4: Excluding hosts/networks (IPv4)

When scanning a large number of hosts/networks you can exclude hosts from a scan:

nmap 192.168.1.0/24 --exclude 192.168.1.5

nmap 192.168.1.0/24 --exclude 192.168.1.5,192.168.1.254


5: Turn on OS and version detection scanning script (IPv4)

nmap -A 192.168.1.254
nmap -v -A 192.168.1.1

nmap -A -iL /tmp/scanlist.txt

6: Find out if a host/network is protected by a firewall


nmap -sA 192.168.1.254

nmap -sA server1.cyberciti.biz

7: Scan a host when protected by the firewall

nmap -Pn 192.168.1.1

nmap -Pn server1.cyberciti.biz

8: Scan a network and find out which servers and devices are up and running

This is known as host discovery or ping scan:

nmap -sn 192.168.1.0/24

9: Perform a fast scan

nmap -F 192.168.1.1

10: Display the reason a port is in a particular state

nmap --reason 192.168.1.1

nmap --reason server1.cyberciti.biz


11: Only show open (or possibly open) ports

nmap --open 192.168.1.1

nmap --open server1.cyberciti.biz

12: Show all packets sent and received

nmap --packet-trace 192.168.1.1

nmap --packet-trace server1.cyberciti.biz

13: Show host interfaces and routes

nmap --iflist

14: The fastest way to scan all your devices/computers for open ports ever

nmap -T5 192.168.1.0/24

15: Detect remote operating system

nmap -O 192.168.1.1

16: Detect remote services (server / daemon) version numbers

nmap -sV 192.168.1.1

17: Scan a host using TCP ACK (PA) and TCP SYN (PS) ping

If a firewall is blocking standard ICMP pings, try the following host discovery methods:

nmap -PS 192.168.1.1

nmap -PS80,21,443 192.168.1.1

nmap -PA 192.168.1.1

nmap -PA80,21,200-512 192.168.1.1

18: Scan a host using IP protocol ping

nmap -PO 192.168.1.1

19: Saving output to a text file

The syntax is:

nmap 192.168.1.1 > output.txt
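
An added example, not part of the original page: a shell helper that turns a report saved as shown above into one line per open port and, going a step beyond the page, compares two saved reports to list ports that are newly open. The sample report is constructed, and the function names (sample_report, open_ports, new_open_ports) are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original page): list open ports from saved
# Nmap normal output and show what changed between two saved reports.

# Constructed sample report; hosts, ports and timings are made up.
sample_report() {
cat <<'EOF'
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
Not shown: 997 closed tcp ports (reset)
PORT    STATE    SERVICE
22/tcp  open     ssh
80/tcp  open     http
443/tcp filtered https

Nmap scan report for server1.cyberciti.biz (192.168.1.2)
Host is up (0.0020s latency).
PORT   STATE         SERVICE
53/udp open|filtered domain
EOF
}

# Print "host port/proto state service" for every open or open|filtered port.
# Reads the named report files, or stdin when none are given.
open_ports() {
    awk '
        /^Nmap scan report for / {
            host = $NF              # bare IP, or "(IP)" after a host name
            gsub(/[()]/, "", host)
            next
        }
        $1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ && $2 ~ /^open/ {
            print host, $1, $2, ($3 == "" ? "unknown" : $3)
        }
    ' "$@"
}

# Ports open in the current report but absent from the baseline report.
new_open_ports() {    # usage: new_open_ports baseline.txt current.txt
    base=$(mktemp) && cur=$(mktemp) || return 1
    open_ports "$1" | sort > "$base"
    open_ports "$2" | sort > "$cur"
    comm -13 "$base" "$cur"
    rm -f "$base" "$cur"
}

# With file arguments, summarise them; otherwise run on the sample.
if [ "$#" -gt 0 ]; then open_ports "$@"; else sample_report | open_ports; fi
```

Keeping a dated baseline report per network and running new_open_ports against each new scan surfaces services that appeared since the last review.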
