Here’s an overview of how to get started with Nmap:
Install Nmap
The first step is to download Nmap. You can download the latest version of Nmap from the official website. If you are using a Linux system, it is most likely already installed. You can confirm this by running the command ‘nmap -v’ on your console.
Choose the Target
To use Nmap, you need to identify the target that you want to scan. The target can be a single host or IP address, a range of IPs, or a subnet. It is important to have authorization and permission to perform a scan on the target network.
Choose the Scan Type
Once you have identified the target, the next step is to select the type of scan. Nmap has various scan types, including TCP scan, SYN scan, ICMP scan, UDP scan and OS detection scan. The type of scan chosen will depend on the target network and the objective of the scan.
TCP Scan
The TCP scan (also called the connect scan) is the most common type of scan used with Nmap. It probes each TCP port by completing a full TCP connection, which reveals whether the port on the target system is open, closed, or filtered. This type of scan is also the most precise, but it takes longer than other scan types. The command line for the TCP scan is: nmap -sT IP ADDRESS
UDP Scan
The UDP scan is another popular Nmap scan. Nmap sends a UDP probe to each port on the target system and, based on the response (or lack of one), reports the port as open, closed, or open|filtered. This scan is ideal for services that communicate over UDP, such as the domain name system (DNS), the network time protocol (NTP) and the simple network management protocol (SNMP). The command line for the UDP scan is: nmap -sU IP ADDRESS
SYN Scan
The SYN scan is also called the stealth or half-open scan. It identifies open ports by sending a TCP SYN packet to each port and inspecting the reply, without completing the TCP handshake. This scan is quicker than a TCP scan and can provide more detailed information. However, since this scan type does not complete a handshake, some IDS and IPS can detect such scans. The command line for the SYN scan is: nmap -sS IP ADDRESS
ICMP Scan
The ICMP scan sends an Internet Control Message Protocol (ICMP) echo request to the target IP address. The responses show you which IP addresses are live and active on the network. The command line for the ICMP scan is: nmap -PE IP ADDRESS. Note that -PE on its own only controls host discovery; Nmap will still port-scan the hosts it finds unless you add -sn to restrict the run to discovery.
Choose Options and Parameters
Once you have chosen the scan type, the next step is to define the options and parameters that go with it. For example, if you are performing a TCP scan, you can use the -p parameter to name the specific port or ports you want to scan. If you are performing an OS detection scan, you can choose the -O option. The parameters and modifiers you select depend on the objective of the scan.
Run the Scan
To perform the scan, type the relevant command into the command prompt or shell. The output of the scan is written to the console. It can also be stored in several formats, including normal text, XML, and grepable output. To store the output in XML format, use the -oX option followed by a file name. The command for this would look like: nmap -oX scan.xml IP ADDRESS
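The steps above (pick a target, pick a scan type, add options, save the output) fit naturally in a small script. The following Python example is added here and is not part of the original article or of the Nmap project: it builds the Nmap command line from those choices, validating the target and port list so a typo cannot turn into a scan of an unintended network, and then summarises a report in the XML layout that -oX writes. The nmap binary is never invoked; the XML report is a constructed sample, and the function names are this example's own.

```python
"""Added example (not from the original article or from Nmap): build an Nmap
command line from the choices described above and summarise the XML report
that -oX writes. nmap itself is never executed here; SAMPLE_XML is a
constructed report in Nmap's real -oX layout (nmaprun/host/ports/port/state)."""
import ipaddress
import xml.etree.ElementTree as ET

# Scan-type names used in the article mapped to Nmap's real flags.
SCAN_FLAGS = {
    "tcp": "-sT",   # TCP connect scan
    "syn": "-sS",   # SYN (half-open) scan; needs raw-socket privileges
    "udp": "-sU",   # UDP scan
    "icmp": "-PE",  # ICMP echo request host discovery
}


def validate_target(target: str) -> str:
    """Accept a single IP address or a CIDR subnet and return it normalised;
    anything else is rejected so the scan scope is always explicit."""
    try:
        return str(ipaddress.ip_address(target))
    except ValueError:
        pass
    try:
        return str(ipaddress.ip_network(target, strict=False))
    except ValueError as exc:
        raise ValueError(f"target must be an IP address or CIDR subnet: {target!r}") from exc


def validate_ports(spec: str) -> str:
    """Accept Nmap-style port lists such as '22,80,443' or '1-1024'."""
    for item in spec.split(","):
        lo, _, hi = item.partition("-")
        try:
            lo_n = int(lo)
            hi_n = int(hi) if hi else lo_n
        except ValueError as exc:
            raise ValueError(f"bad port specification: {item!r}") from exc
        if not 0 <= lo_n <= hi_n <= 65535:
            raise ValueError(f"port out of range: {item!r}")
    return spec


def build_scan_command(scan_type, target, ports=None, os_detect=False, xml_out=None):
    """Return the argv list for the chosen scan (hypothetical helper)."""
    flag = SCAN_FLAGS.get(scan_type.lower())
    if flag is None:
        raise ValueError(f"unknown scan type {scan_type!r}; choose from {sorted(SCAN_FLAGS)}")
    argv = ["nmap", flag]
    if scan_type.lower() == "icmp":
        argv.append("-sn")  # discovery only: -PE alone would still port-scan live hosts
    if ports:
        argv += ["-p", validate_ports(ports)]
    if os_detect:
        argv.append("-O")
    if xml_out:
        argv += ["-oX", xml_out]
    argv.append(validate_target(target))
    return argv


# Constructed sample of an -oX report: one host with mixed port states,
# one host that is down, one host with a single open port.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sS -p 22,80,443 -oX scan.xml 192.0.2.0/29">
  <host><status state="up" reason="syn-ack"/>
    <address addr="192.0.2.1" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="closed" reason="reset"/><service name="http"/></port>
      <port protocol="tcp" portid="443"><state state="filtered" reason="no-response"/><service name="https"/></port>
    </ports>
  </host>
  <host><status state="down" reason="no-response"/>
    <address addr="192.0.2.2" addrtype="ipv4"/>
  </host>
  <host><status state="up" reason="echo-reply"/>
    <address addr="192.0.2.3" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/><service name="http"/></port>
    </ports>
  </host>
</nmaprun>
"""


def summarize_nmap_xml(xml_text: str) -> dict:
    """Return {ip: [(port, protocol, service), ...]} listing only open ports
    on hosts reported as up; closed and filtered ports are dropped."""
    root = ET.fromstring(xml_text)
    summary = {}
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr_el = host.find("address[@addrtype='ipv4']") or host.find("address")
        if addr_el is None:
            continue
        open_ports = []
        for port in host.iter("port"):
            state = port.find("state")
            if state is not None and state.get("state") == "open":
                svc = port.find("service")
                open_ports.append((int(port.get("portid")), port.get("protocol"),
                                   svc.get("name") if svc is not None else ""))
        summary[addr_el.get("addr")] = sorted(open_ports)
    return summary


if __name__ == "__main__":
    print(" ".join(build_scan_command("syn", "192.0.2.0/29", ports="22,80,443", xml_out="scan.xml")))
    for ip, ports in summarize_nmap_xml(SAMPLE_XML).items():
        print(ip, ports)
```

The builder returns an argument list rather than a shell string so it can be handed to subprocess.run without quoting issues, and the summary keeps only open ports on live hosts, which is the inventory a defender usually wants from a scan of their own network.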
In conclusion, Nmap is a powerful tool that can be used to explore, manage and secure networks. It offers a variety of scanning options and is easy to use, even for users who have no experience in networking. Remember to obtain the necessary permissions before scanning the target system, and handle any information that is collected during the scanning process with sensitivity and discretion.