Overview of Nmap and a working demo of Nmap
Please note: The information provided below is for educational purposes only. Hacking is illegal, a crime, unofficial, informal, and against the law. Any hacking activity carried out on a system, computer, device, mobile device, server, network, website, etc. requires the written authorization of the owner, granting permission to do so for a genuine reason, in a written statement in which the authorization is clearly defined and stated. However, using the Nmap tool is legal if and only if it is used properly. Using it for port scanning on external servers could be illegal.
Nmap is short for Network Mapper. It is a free, open-source network scanning tool. It discovers hosts and services on a computer network by sending packets and analyzing the responses it receives. It is used to probe computer networks and discover hosts, networks, services, and operating systems (OS). Nmap is used to protect one's network from attackers, hackers, or bad actors. It is used in penetration testing (pen-test) activities as part of security auditing, to quickly detect security vulnerabilities in one's systems. It is mostly used to scan the ports on a server to see which are open (listening) and which are closed, so that unnecessary ports can be closed for security purposes.
The syntax of the command is as shown below:
nmap <IP address of the server>
You could scan your own server on your network, using its private IP address.
You could also type in your own website address, i.e.:
nmap <website address>
As an example:
nmap www.example.com
The output lists each port number, the port's protocol (TCP or UDP), the state of the port (open or closed), and the service running on that port. It also displays when the scan started (date, time, and time zone) and how long, in seconds, it took to scan all the ports on the server. It shows whether the host is up and running or down, and the latency in seconds. It also displays the total number of filtered ports that are not shown for security reasons. Filtered ports mean there is a firewall placed in front of the server.
The example below is the command run against Google's public DNS server, whose IP address is 8.8.8.8.
nmap 8.8.8.8
The output will probably show details about only one port, i.e., port 53, which is the port for the DNS service, with the TCP protocol and the state open. You would probably see about 999 filtered ports that are not shown, for security reasons.
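The output fields described above can be read by a script, which makes it practical to check your own server for ports that should be closed. The following Python example is added here and is not part of the original answer; it parses a constructed sample of Nmap's default output and lists open ports that are not on an allowlist. The address 192.0.2.10, the sample ports, and the allowlist are assumptions made for illustration.

```python
import re

# Constructed sample of Nmap's default text output; not a real scan result.
SAMPLE = """\
Starting Nmap 7.94 ( https://nmap.org ) at 2024-01-15 10:30 UTC
Nmap scan report for 192.0.2.10
Host is up (0.012s latency).
Not shown: 996 filtered tcp ports (no-response)
PORT     STATE  SERVICE
22/tcp   open   ssh
53/tcp   open   domain
80/tcp   closed http
3306/tcp open   mysql

Nmap done: 1 IP address (1 host up) scanned in 4.71 seconds
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
HOST_RE = re.compile(r"^Host is up(?: \(([\d.]+)s latency\))?")
HIDDEN_RE = re.compile(r"^Not shown: (\d+) (\w+)")
DONE_RE = re.compile(r"scanned in ([\d.]+) seconds")

def parse_scan(text):
    """Extract the fields the article describes from one host's report."""
    report = {"up": False, "latency": None, "hidden": {}, "seconds": None, "ports": []}
    for line in text.splitlines():
        if m := PORT_RE.match(line):
            report["ports"].append((int(m[1]), m[2], m[3], m[4]))
        elif m := HOST_RE.match(line):
            report["up"] = True
            report["latency"] = float(m[1]) if m[1] else None
        elif m := HIDDEN_RE.match(line):
            report["hidden"][m[2]] = int(m[1])  # e.g. {"filtered": 996}
        elif m := DONE_RE.search(line):
            report["seconds"] = float(m[1])
    return report

def unexpected_open(report, allowed):
    """Open ports that are not on the allowlist: candidates for closing."""
    return [(port, proto, service) for port, proto, state, service in report["ports"]
            if state == "open" and (port, proto) not in allowed]

if __name__ == "__main__":
    # Hypothetical allowlist: a server meant to expose only SSH and DNS over TCP.
    allowed = {(22, "tcp"), (53, "tcp")}
    report = parse_scan(SAMPLE)
    print("host up:", report["up"], "latency:", report["latency"], "hidden:", report["hidden"])
    for port, proto, service in unexpected_open(report, allowed):
        print(f"unexpected open port {port}/{proto} ({service})")
```

For regular audits, Nmap's -oX option writes XML output, which is more stable to parse than the default text shown here.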