To scan multiple ports, separate them with commas as shown here (in the commands below, <target> stands for the host name or IP address being scanned):

    nmap -p 22,25,80 <target>

You can customize port ranges further. For example, you can omit the starting port to start scanning from port one:

    nmap -p -22 <target>

Similarly, you can omit the last port to scan up to the last possible port:

    nmap -p 65255- <target>

Using Wildcards with Nmap

Using wildcards can also simplify a scanning task. Suppose you want to scan all http-related ports:

    nmap -p "http*" <target>

Scanning the top-ports

Scanning all the 65,536 ports of each protocol is a time-consuming task. However, most of these ports are rarely open. Nmap developer Fyodor (a big round of applause to him for his excellent tool) has reduced the headache of scanning this huge range of ports. He has picked out the most prevalent TCP and UDP ports by researching millions of IP addresses and exploring many enterprise networks. In a nutshell, based on his research, to cover 90% of the open ports, you need to target only 576 TCP ports and 11,307 UDP ports.

The --top-ports option scans only the most common ports. The -F option scans only the top 100 ports.

There are several ways to execute port scanning using Nmap. The most commonly used are these:

For a TCP connect scan, use the -sT flag:

    sudo nmap -sT <target>

For a UDP scan, use the -sU flag:

    sudo nmap -sU <target>

To scan for both TCP and UDP open ports, use:

    sudo nmap -n -PN -sT -sU -p- <target>

For a SYN scan, use the -sS flag:

    sudo nmap -sS <target>

Conclusion

In this article, I have shown you how to use Nmap for scanning ports on a server. You can also use the netstat and ps commands in parallel with Nmap to identify the services using the scanned ports.
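The -p syntax covered in this article (comma lists, open-ended ranges and wildcards) can be checked before a scan runs. The following is an added example, not code from the article or from Nmap: expand_port_spec and missing_ports are hypothetical helper names, and SAMPLE_SERVICES is a constructed stand-in for Nmap's nmap-services file. It expands a port specification and reports which ports from an audit baseline the scan would skip.

```python
from fnmatch import fnmatchcase

MAX_PORT = 65535

# Constructed sample; real Nmap resolves names through its nmap-services file.
SAMPLE_SERVICES = {
    "ssh": [22], "smtp": [25], "http": [80],
    "https": [443], "http-alt": [8000, 8080],
}


def expand_port_spec(spec, services=SAMPLE_SERVICES):
    """Expand a -p argument (lists, open-ended ranges, wildcards) to ports."""
    ports = set()
    for item in (part.strip() for part in spec.split(",")):
        if not item:
            raise ValueError(f"empty item in port spec {spec!r}")
        if item[0].isdigit() or item[0] == "-":
            # Numeric item: one port or a range; a missing bound is open-ended.
            low, dash, high = item.partition("-")
            if not dash:
                high = low
            first = int(low) if low else 1            # "-22"    -> 1..22
            last = int(high) if high else MAX_PORT    # "65255-" -> 65255..65535
            if not 0 <= first <= last <= MAX_PORT:
                raise ValueError(f"port range out of bounds: {item!r}")
            ports.update(range(first, last + 1))
        else:
            # Service name or wildcard such as "http*" (simplification:
            # names that start with a digit are not handled).
            hits = [p for name, nums in services.items()
                    if fnmatchcase(name, item) for p in nums]
            if not hits:
                raise ValueError(f"no service matches {item!r}")
            ports.update(hits)
    return sorted(ports)


def missing_ports(spec, required):
    """Return the required ports that a scan using this -p spec would skip."""
    covered = set(expand_port_spec(spec))
    return sorted(p for p in required if p not in covered)


if __name__ == "__main__":
    print(expand_port_spec("22,25,80"))
    print(missing_ports("-22,http*", [22, 443, 3306]))
```

A non-empty result from missing_ports means the scheduled scan would leave part of the baseline unchecked, so the -p argument needs widening.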