This page looks best with JavaScript enabled

How to use nmap utility

 ·  ☕ 2 min read

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts.
Read more at nmap.org.

Usage

  • Scan single hostname:

    nmap example.com
    
  • Scan specific port of IP address:

    nmap -p 8080 10.100.10.12
    
  • Scan several IP addresses:

    nmap 10.100.10.12 10.100.10.14 10.100.10.32
    
  • Scan several servers using last octet of IP address:

    nmap 10.100.10.12,13,14
    
  • Scan subnet using wildcard:

    nmap "192.168.0.*"
    

    Use -F to perform fast scan.

  • Scan subnet for live hosts:

    nmap -sP "192.168.0.*"
    
  • Scan list of servers from a text file:

    nmap -iL serverlist.txt
    
  • Scan IP and try guess OS:

    nmap -O 10.100.10.12
    
  • Find version of services on server:

    nmap -sV 10.100.10.12
    
  • Perform a stealth scan:

    nmap -sS 10.100.10.12
    
  • Scan UDP port:

    nmap -sU 37 10.100.10.12
    
  • Get host interfaces and routes:

    nmap --iflist
    

Additional options

Use -v for verbose output.

All Options

You can find all nmap options in man pages:

man nmap

Vladislav Pashinskikh
WRITTEN BY
Vladislav Pashinskikh
DevOps Engineer, GNU/Linux enthusiast, FOSS and privacy activist from Ukraine