Nmap - Working and Basic Commands


Nmap is the most used port scanning tool on the Internet, and with good reason: it is extremely powerful. With these basic Nmap commands, you can gather information on a target by running port scanning and fingerprinting.

The basic and default SYN scan will scan 1000 TCP ports on the target specified.

  • Syntax: nmap <IP>
  • Example: nmap 192.168.0.105
If you are a non-root user, add sudo at the beginning: sudo nmap <IP>

If you are interested in what these 1000 ports are, check the file nmap-services at /usr/share/nmap/nmap-services. To read the file, type in the terminal:
nano /usr/share/nmap/nmap-services

If you run Nmap with root access, it performs a so-called privileged scan, which is a raw SYN stealth scan. If you run Nmap without root access, it performs a so-called unprivileged scan, which is a TCP connect scan; this is slower and easier to detect.

So, with root privileges, Nmap can send a SYN packet, and the SYN-ACK that comes back is enough to know that the port is actually open.

Without root privileges, Nmap cannot send raw TCP/IP packets. It has to ask the operating system to make a full connection, which makes it slower and more likely to be recorded in system logs, because it completes a full TCP connect to obtain the port information.

Not sure about SYN or SYN-ACK or TCP Connect? 



All in all, with root access it is a SYN scan; without root it is a full connect scan.
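
The difference between the two scan types, seen from the defender's side, as an added example that is not part of the original post: it labels each TCP flow by how far the three-way handshake got and then gives a verdict per source address. The flow records, the addresses 10.0.0.x and the min_ports threshold are constructed assumptions for illustration.

```python
from collections import defaultdict

# Constructed sample: one entry per TCP flow toward 192.168.0.105, with the
# flag sequence seen on the wire ("c" = client/scanner, "s" = server).
FLOWS = [
    ("10.0.0.5", 22, ["c:S", "s:SA", "c:R"]),          # reset instead of final ACK
    ("10.0.0.5", 23, ["c:S", "s:RA"]),                 # closed port
    ("10.0.0.5", 80, ["c:S", "s:SA", "c:R"]),
    ("10.0.0.9", 22, ["c:S", "s:SA", "c:A", "c:RA"]),  # handshake completed, then torn down
    ("10.0.0.9", 23, ["c:S", "s:RA"]),
    ("10.0.0.9", 80, ["c:S", "s:SA", "c:A", "c:RA"]),
    ("10.0.0.7", 80, ["c:S", "s:SA", "c:A", "c:PA", "s:PA", "c:FA"]),  # ordinary client
]

def classify_flow(seq):
    """Label one flow by how far the three-way handshake got."""
    if seq[:2] == ["c:S", "s:RA"]:
        return "closed"
    if seq[:2] == ["c:S", "s:SA"] and len(seq) > 2:
        if seq[2] == "c:R":
            return "half-open"     # SYN scan: the listening application never gets the connection
        if seq[2] == "c:A":
            return "full-connect"  # connect(): the service accepts it and may log it
    return "other"

def summarize(flows, min_ports=3):
    """Per source: call it a scan once it has touched min_ports distinct ports."""
    by_src = defaultdict(lambda: defaultdict(set))
    for src, dport, seq in flows:
        by_src[src][classify_flow(seq)].add(dport)
    report = {}
    for src, kinds in by_src.items():
        ports = set().union(*kinds.values())
        if len(ports) < min_ports:
            report[src] = "no-scan"
        elif kinds["half-open"]:
            report[src] = "syn-scan"
        elif kinds["full-connect"]:
            report[src] = "connect-scan"
        else:
            report[src] = "unclassified"
    return report

if __name__ == "__main__":
    for src, verdict in summarize(FLOWS).items():
        print(src, verdict)
```

The half-open flows are visible only to something that watches packets, while the full-connect flows also reach the service itself, which is why the connect scan is more likely to appear in system logs.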

If you want to know what is going on during the scan, add the -v option, which is for verbosity. It has three levels: -v, -vv, -vvv. More v's means more verbose. If you chose one level of verbosity, you can press in the middle of the scan to increase the verbosity.

Similarly, the -d option is for debugging. It has 9 levels, set with -d1 through -d9. -d9 is the highest effective level and will produce thousands of lines unless you run a very simple scan with very few ports and targets.

To know the percentage of completion, you can press any key in the middle of the scan and it will display the percentage.

We hope this helps. If you have any suggestions or doubts, you can add a comment and we will reply as soon as possible.
