Nmap is a network scanning tool that can discover hosts and services on a network. It can scan TCP and UDP ports, perform OS and version detection, and has both command line and GUI interfaces. Nmap allows specification of target hosts by IP address, CIDR notation for subnets, or hostname. It provides information about open ports and common services, and can detect vulnerabilities.

1. By Megha Sahu

2.  Nmap (Network Mapper) is a network scanner , monitor host and discover all
the ip which is connect to the network.
Nmap run on major computer operating system and binary package available
for Windows , Linux, Mac OS etc.
Nmap is a classic command-line and it also provide GUI tool called Zen-map.
Kali linux provide pre-install Nmap.
Nmap can scan TCP as well UDP and provide OS detection, version detection.
It is well documented you can find everything using command
#man nmap ( for Linux Operating system)
Introduction

3. TARGET SPECIFICATION
• The simplest case is to specify a target IP address or hostname for scanning.
• Nmap supports CIDR-style addressing(classic inter domain routing)
• 192.168.10.0/24 would scan the 256 hosts
• 192.168.10.40/24 would scan exactly the same targets.
• IPv6 addresses can be specified by their fully qualified IPv6 address or hostname
or with CIDR(Classless Inter Domain Routing) notation for subnets.

4. Nmap Scanning
Open
An application is acceptive transmission control protocol connections, UDP datagrams or SCTP
associations on this port.Open ports are attention-grabbing for non-security scans as a result of the
show services offered to be used on the network.
close
A closed port is accessible ,but there's no application listening on that.
filtered
Nmap cannot detect that whether the port is open because packet filtering prevents its probes
from reaching the port. This slows down the scan dramatically.
unfiltered
The unfiltered state means a port is accessible, however Nmap unable to work out whether or
not it's open or closed.
open|filtered
Nmap places ports during this state once it's unable to work out whether or not a port is open or
filtered. this happens for scan varieties within which open ports offer no response.
closed|filtered
This is used once Nmap cannot discover that whether or not a port is closed or filtered. It is only
used for the IP ID idle scan.

5. Tools included in the nmap package
nping – Network packet generation tool / ping utility

6. ndiff – Utility to compare the results of Nmap scans

7. Nmap used for
• Host Detection
• Port discovery
• Service discovery
• Detect vulnerability and security holes
• Detect operating system
• Detect hardware and software version

8. Example
• nmap -v -A scanme.nmap.org
• nmap -v -A 192.168.1.1
• nmap -v -sn 192.168.0.0/16 10.0.0.0/8
• nmap -v -iR 10000 -Pn -p 80
• nmap –sL 6.209.24.0/24 6.207.0.0/22
• nmap –p 20-30 , 80 , 443
• Nmap –traceroute 1.22.113.213

9. Example 1

10. Example 2

11. Example 3

13. ZENMAP
ZENMAP is GUI tool of nmap to perform network scanning.