“The intent of this article is to familiarize the reader
with the network scanner nmap. As Lamont Grandquist (an nmap
contributor/developer) points out, nmap does three things: It
will ping a number of hosts to determine if they are up. It will
portscan hosts to determine what services they are offering and it
will attempt to determine the OS (operating system) of
host(s). Nmap allows the user to scan networks as small as a
two node LAN (Local Area Network) or as large as a 500 node LAN and
even larger. Nmap also allows you to customize your scanning
techniques. Sometimes a simple ICMP (Internet Control Message
Protocol) ping sweep may be all you need. If not, then maybe you’re
looking for a stealth scan giving back reports on UDP (User
Datagram Protocol) and TCP (Transmission Control Protocol) ports
that are available and as to what operating system the host is
using? Still want more? You can do all that and log the data into
either human-readable or machine-parsable format. In this article I
will be covering some basic to intermediate scanning techniques to
get you off and running with nmap. If you love it enough then I
would suggest reading the the nmap man pages 50 times and then
translating it into the foreign language of your choice;)”
“First we will need an address to scan against. If you are
working from a LAN then pick a number of one of your hosts. Let’s
say that your LAN consists of two machines: Adam and Eve. Adam
(192.168.0.1) is the unit we’ll be running nmap on. Eve
(192.168.0.2) is the machine we will be scanning. From the command
line I would type the following:
nmap 192.168.0.1
Here is a sample output from the scan…
Starting nmap V. 2.53 by fyodor@insecure.org (www.insecure.org/nmap)
Interesting ports on Eve (192.168.0.2):
(The 1511 ports scanned but not shown below are in state:closed)
Port State Service
21/tcp open ftp
23/tcp open telnet
25/tcp open smtp
..."