Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover hosts and services on a computer network, thus creating a "map" of the network.
Questions tagged [nmap]
256 questions
106
votes
12 answers
nmap find all alive hostnames and IPs in LAN
How can I issue a nmap command that shows me all the alive machines' IP addresses and corresponding hostname s in the LAN that I am connected?
(if this can be done in another way/tool you surely are welcome to answer)
şaloma
- 1,217
71
votes
1 answer
NMAP: Check if port 80 and 8080 is open
In our company, I want to check if users are running web servers on port 80 and 8080.
I downloaded nmap and ran this command:
nmap -p 80,8080 192.168.1.0-255
I got a list of IPs and tried to access them in my browser (EG: 192.168.1.1:8080) but…
Ian
- 921
18
votes
4 answers
Nmap: find free IPs from the range
Is there a way to scan for free IPs on the network? I use nmap -sP 192.168.1.0/24 but this actually shows hosts that are up.
HTF
- 3,198
4
votes
1 answer
Fast and reliable way to scan a Class B network using nmap
I need to nmap scan a class B network within a short span of time. The requirements are quite straightforward. I want to:
Scan as fast as possible
Fulfill point 1 while maintaining reliability (Missing 1/2 out of 10 is acceptable)
Fulfill point 1…
akgren_soar
- 191
- 2
- 7
3
votes
3 answers
How to list down hosts with nmap 5.51
I was using nmap 5.21 with the -PN, -F and --reason flags in version 5.21. I was outputting the results to an XML file. It would list ALL hosts (say I gave it a /24 subnet to scan. I then updated to 5.51 and ran the exact same command, but it no…
Wild Bill
- 227
3
votes
4 answers
tcp port 554 open
I was running a routine security check of the machines I manage today and found in my nmap scans that TCP/554 is open, although when I run 'netstat -an' on the machine itself it doesn't show up, same result if I nmap the host locally.
I then tried…
Hilton D
- 279
2
votes
3 answers
Nmap - Specify which probe(s) to use?
I'm trying to determine if it's possible to specify probe types for nmap to use. For example, I want to scan a subnet (say 192.168.0.0/24) and probe every port on every host to see if a web server is running on that port - the goal being to find a…
SuperStudent
- 21
2
votes
1 answer
How to setup nmap ping count?
I need an arp-ping tool for windows
Tried arp-ping http://www.elifulkerson.com/projects/arp-ping.php.
Source address specification did not work in this tool.
Then I came across nmap. -PR option suits my needs and it works.
My arp ping example…
Siva R
- 45
2
votes
1 answer
How to interpret nmap result, host up but no ports open
I have used nmap to map a network, scanning using the following command
nmap -v -sS --no-stylesheet -T3 -sU -sV -O -oX 192.168.69.0/24
Some of the hosts come back with a strange result. Nmap reckons they are up due to syn-ack. I…
Slicedpan
- 201
2
votes
3 answers
Why does nmap send two packets in order to test a single port
I run nmap with root privileges using sudo so I assume it has full access to creat raw sockets. Wireshark shows two packets used to test a single port when I used the command
sudo nmap 192.168.110.153 -p21
Is that normal behavior? why?
sudo nmap…
Matka
- 107
2
votes
1 answer
using nmap to guess remote OS and probe service details on a single port only
I am looking at scanning with nmap a large network in order to
identify the OS of devices (-O--osscan-limit)
probe for details of a service on a single port (I would have used -sV for all open ports)
The problem is that -sV will probe all the…
WoJ
- 3,657
2
votes
1 answer
Why can NMAP not show some ports?
when I do "nmap localhost", some open ports are listed and others aren't. For Example SSH on 22 is listed, but SSH on 10022 is not. Host's port 10022 in my case is NAT port forwarding to a VBoxHeadless VM SSH, and Host's port 22 is it's own SSH…
Ivan
- 3,398
1
vote
0 answers
One device shows down when more than 160 ip addresses are scanned with nmap
This is bugging me.
I consistently have a single device that fails to respond to an nmap scan when more than ~160 IP addresses are specified. I seem to get mixed results between 150-160 IP addresses and anything less it always responds.
The device…
Scottz
- 11
1
vote
2 answers
different nmap results
I have a scan on my server form outside and from inside, why results are different?
[root@xxx ~]# nmap -sV -p 0-65535 localhost
Starting Nmap 5.51 ( http://nmap.org ) at 2011-02-16 07:59 MSK
Nmap scan report for localhost (127.0.0.1)
Host is up…
aasasas
- 11
1
vote
1 answer
Nmap results incorrect when connecting via VPN
I am trying to determine why my nmap results are incorrect when I am connected to a VPN provider.
As you can see below nmap reports that ports are open when connecting to a VPN provider even though the host has no open ports.
Here's an example:
No…
A_B
- 121