📱 Mobile Security Tips
Nina Kovacs — Consumer Security Analyst
What is Nmap?
Nmap (Network Mapper) is an open-source tool for network discovery and security auditing. It’s widely used by security professionals for tasks such as discovering hosts and services on a computer network, performing security scans, and determining open ports and services.
Installation
Nmap can be installed on various platforms, including Windows, Linux, and macOS. Here are the commands for the common operating systems:
```shell
# For Ubuntu/Debian
sudo apt install nmap
# For CentOS/RHEL
sudo yum install nmap
# For macOS (using Homebrew)
brew install nmap
# For Windows, download the installer from https://nmap.org/download.html
```
Basic Syntax
The basic syntax of Nmap commands is:
nmap [options] {target}
Discovery
The discovery phase is crucial for gathering intelligence about a target network.
Ping Sweep
To discover live hosts in a network:
nmap -sn 192.168.1.0/24
Options:
| Flag | Description |
|---|---|
| -sn | Ping scan — no port scan. |
Service Discovery
To identify services and their versions running on a selected host:
nmap -sV 192.168.1.1
Scanning
Scanning is essential to identify open ports and services.
TCP Scan
To perform a TCP SYN scan of the default port range on a host (add -p- for all ports):
nmap -sS 192.168.1.1
Full Port Scan
To scan all 65535 ports:
nmap -p- 192.168.1.1
Exploitation
Use Nmap to find known, exploitable vulnerabilities in exposed services.
Vulnerability Scan
To detect known vulnerabilities:
nmap --script=vuln 192.168.1.1
Analysis
Analyze scan output for insights.
Output Formats
To save results in different formats:
| Flag | Description |
|---|---|
| -oN | Normal output. |
| -oG | Grepable output. |
| -oX | XML output. |
Evasion
To bypass firewalls and intrusion detection systems:
Fragmenting Packets
Fragmenting packets can help evade certain IDS/IPS:
nmap -f 192.168.1.1
Using Decoy
To confuse network defenders:
nmap -D RND:10 192.168.1.1
Reporting
Reporting scan results clearly is vital for sharing findings.
Verbose Output
To get detailed output during a scan:
nmap -v 192.168.1.1
Quick Reference Table
| Flag | Description |
|---|---|
| -sS | TCP SYN scan. |
| -sV | Service version detection. |
| -f | Fragment IP packets. |
| -D | Decoy scan. |
Pro Tips
- Use scripting: Leverage the Nmap Scripting Engine (NSE) for custom scripts.
- Timing: Adjust timing with -T {0-5} based on your network’s sensitivity.
- Stealthy scans: For stealth, opt for -sS over -sT (TCP connect).
Real-World Examples
Full System Inventory
To list all live devices on a subnet (-sP is the legacy alias of -sn):
nmap -sP 192.168.1.0/24
Open Ports & Services Detection
Check a host for open ports with version detection:
nmap -sS -sV -oN scan_results.txt 192.168.1.1
Identifying OS
Determine the operating system of a device:
nmap -O 192.168.1.1