nmap

Overview

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

Examples

# Scan a subnet
namp 192.168.0.0/24
# Scan a range of IPs
nmap 192.168.0.1-20
# Scan ranges of IPs
nmap 192.168.0.1-20 192.168.0.30-40
# Scan using TCP SYN scan (default)
nmap -sS 192.168.1.1
# Scan a single Port
nmap -p 22 192.168.1.1
# Scan a range of ports
nmap -p 1-100 192.168.1.1
# Scan 100 most common ports (Fast)
nmap -F 192.168.1.1
# Scan all 65535 ports
nmap -p- 192.168.1.1
# Scan using TCP connect
nmap -sT 192.168.1.1
# Scan UDP ports
nmap -sU -p 123,161,162 192.168.1.1
# Heartbleed Testing - http://heartbleed.com/
nmap -sV -p 443 --script=ssl-heartbleed 192.168.1.0/24

References

• Nmap: the Network Mapper - Free Security Scanner
• Heartbleed Bug
• ip address - Nmap ip range specification - Stack Overflow
• Nmap Cheat Sheet | HackerTarget.com
• nmap - how to scan hosts of networks for open ports