📱 Mobile Security Tips
Nina Kovacs — Consumer Security Analyst
{
"title": "Nmap Security Tool Cheatsheet",
"content": "
What is Nmap?
Nmap (Network Mapper) is an open-source tool designed for network discovery and security auditing. It is widely used by security analysts and penetration testers for scanning networks to identify live hosts, open ports, and services running on servers. With its extensive capabilities, Nmap helps in planning attacks and securing networks effectively.
Installation
Nmap is available for various operating systems. To install it:
- Linux (Debian/Ubuntu):
  sudo apt install nmap
- Linux (CentOS/RHEL):
  sudo yum install nmap
- macOS:
  brew install nmap
- Windows: download the installer from Nmap's official website.
Basic Syntax
The basic syntax for using Nmap is:
nmap [options] <target>
where <target> is a hostname, an IP address, or a CIDR range such as 192.168.1.0/24.
Discovery
Discovery scans help identify active hosts on a network.
- Ping Scan: identifies live hosts without port scanning them.
  nmap -sn <target>
- Subnet Scan: scans an entire subnet for live hosts.
  nmap -sn 192.168.1.0/24
- OS Detection: attempts to determine the operating system from its TCP/IP stack fingerprint (requires root/administrator privileges).
  nmap -O <target>
Scanning
Once the targets are identified, various scans help assess the security posture.
- Service Version Detection: identifies the software and version of services listening on open ports.
  nmap -sV <target>
- Port Scan: scans a specified port range on a target.
  nmap -p 1-65535 <target>
- TCP Connect Scan: completes the full TCP three-way handshake with each target port.
  nmap -sT <target>
Exploitation
While Nmap is primarily a scanning tool, it can help identify potential vulnerabilities.
- Script Scan: runs Nmap Scripting Engine (NSE) scripts, for example to identify known vulnerabilities.
  nmap --script <script-or-category> <target>
- Version Scanning with Scripts: combines the vuln script category with version detection.
  nmap -sV --script=vuln <target>
Analysis
Post-scan analysis helps assess the security findings.
- XML Output: save output in XML format for further processing by other tools.
  nmap -oX <file.xml> <target>
- Grepable Output: save output in a line-oriented format suited to grep and awk.
  nmap -oG <file.gnmap> <target>
Evasion
Sometimes, you need to conceal scans from firewalls and intrusion detection systems.
- Timing Options: adjust scan speed with a timing template from 0 (slowest) to 5 (fastest).
  nmap -T<0-5> <target>
- Decoy Scan: mask your real source IP among spoofed decoy addresses.
  nmap -D <decoy1,decoy2,ME> <target>
Reporting
Consolidating your findings for reporting is essential.
- Text Output: save output in plain ("normal") text format.
  nmap -oN <file.txt> <target>
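The XML output described under Analysis (-oX) is the format to hand to other tooling, and a parsed result is also the starting point for the consolidation the Reporting section asks for. The following Python script is an added example, not part of this cheatsheet or of the Nmap project: it parses a constructed nmap XML document (the SAMPLE_XML string is made up for illustration, not a real scan), keeps only hosts that are up and ports whose state is exactly "open" (so closed, filtered and open|filtered ports are dropped), and renders a short plain-text report plus a review list drawn from a constructed watchlist (REVIEW_PORTS). The element and attribute names follow Nmap's documented XML output schema; the watchlist contents and the helper names are assumptions.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample of `nmap -sV -O -oX scan.xml <target>` output (not a real scan).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -O -oX scan.xml 192.0.2.0/30" version="7.94">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.0.2.1" addrtype="ipv4"/>
    <hostnames><hostname name="gw.example.test" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/>
      </port>
      <port protocol="tcp" portid="23">
        <state state="closed" reason="reset"/>
        <service name="telnet"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="open" reason="syn-ack"/>
        <service name="https" product="nginx" version="1.24.0"/>
      </port>
    </ports>
    <os><osmatch name="Linux 5.X" accuracy="95"/></os>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.0.2.2" addrtype="ipv4"/>
  </host>
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.0.2.3" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="3389">
        <state state="open" reason="syn-ack"/>
        <service name="ms-wbt-server"/>
      </port>
      <port protocol="udp" portid="161">
        <state state="open|filtered" reason="no-response"/>
        <service name="snmp"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


@dataclass
class HostResult:
    addr: str
    hostname: Optional[str]
    os_guess: Optional[str]
    # (protocol, port, service label) for ports whose state is exactly "open"
    open_ports: List[Tuple[str, int, str]] = field(default_factory=list)


def parse_nmap_xml(xml_text: str) -> List[HostResult]:
    """Return one HostResult per host that Nmap reported as up."""
    root = ET.fromstring(xml_text)
    results: List[HostResult] = []
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # down / unreachable hosts carry no port data worth reporting
        addr_el = host.find("address[@addrtype='ipv4']") or host.find("address")
        addr = addr_el.get("addr", "?") if addr_el is not None else "?"
        hn = host.find("hostnames/hostname")
        osm = host.find("os/osmatch")  # first match is Nmap's best guess
        hr = HostResult(addr, hn.get("name") if hn is not None else None,
                        osm.get("name") if osm is not None else None)
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # skip closed, filtered and ambiguous open|filtered ports
            svc = port.find("service")
            label = "unknown"
            if svc is not None:
                parts = [svc.get("name", "unknown")]
                parts += [v for v in (svc.get("product"), svc.get("version")) if v]
                label = " ".join(parts)
            hr.open_ports.append((port.get("protocol", "?"), int(port.get("portid", "0")), label))
        results.append(hr)
    return results


# Constructed watchlist (assumption): services that usually need a justification when exposed.
REVIEW_PORTS: Dict[Tuple[str, int], str] = {
    ("tcp", 23): "telnet (cleartext login)",
    ("tcp", 3389): "RDP exposed",
    ("udp", 161): "SNMP exposed",
}


def flag_review_items(hosts: List[HostResult]) -> List[Tuple[str, str, int, str]]:
    """List (addr, proto, port, reason) for open ports that hit the watchlist."""
    return [(h.addr, proto, port, REVIEW_PORTS[(proto, port)])
            for h in hosts for proto, port, _ in h.open_ports
            if (proto, port) in REVIEW_PORTS]


def text_report(hosts: List[HostResult]) -> str:
    """Plain-text summary in the spirit of -oN, one host block per live host."""
    lines = []
    for h in hosts:
        name = h.addr + (f" ({h.hostname})" if h.hostname else "")
        lines.append(f"Host {name}  OS: {h.os_guess or 'unknown'}")
        for proto, port, label in sorted(h.open_ports):
            lines.append(f"  {port}/{proto:<4} {label}")
    return "\n".join(lines)


if __name__ == "__main__":
    hosts = parse_nmap_xml(SAMPLE_XML)
    print(text_report(hosts))
    for item in flag_review_items(hosts):
        print("REVIEW:", item)
```

Run it against a real file with `parse_nmap_xml(open("scan.xml").read())`; the filter on `state == "open"` is deliberate, because open|filtered UDP results are unconfirmed and should be verified before they land in a report.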
Quick Reference Table
| Flag | Description |
|---|---|
| -sP | Ping scan (discovery); older alias of -sn |
| -sV | Service version detection |
| -O | OS detection |
| -oN | Normal (plain text) output |
| -oX | XML output |
| -T<0-5> | Timing template |
| -D <decoys> | Decoy mode |
Pro Tips
- Use -p- to scan all 65535 ports:
  nmap -p- <target>
- Combine multiple flags for comprehensive analysis, e.g.:
  nmap -sS -sV -O <target>
- Keep Nmap updated; new features and NSE scripts are released regularly.
Real-World Examples
1. To scan your local network for live hosts:
   nmap -sn 192.168.1.0/24
2. To check for open ports and service versions on a target:
nmap