Updated Jul 21, 2025

1. What Is nmap?


nmap is a free and open-source utility for scanning networks and hosts. It’s widely used for security assessments, troubleshooting, and inventory gathering. It can detect hosts, open ports, services, and more.


2. Installing nmap


Use your package manager to install:

sudo apt install nmap        # Debian / Ubuntu
sudo yum install nmap        # CentOS / RHEL
sudo pacman -S nmap          # Arch Linux

3. Scan a Host for Open Ports


nmap 192.168.1.1

4. Detect Running Services and Their Versions


nmap -sV 192.168.1.1

5. Detect Operating System


sudo nmap -O 192.168.1.1

6. Ping Sweep to Discover Active Devices


nmap -sn 192.168.1.0/24

7. Scan UDP Ports


sudo nmap -sU 192.168.1.1

8. Scan Specific Ports or Port Range


nmap -p 22,80,443 192.168.1.1
nmap -p 1-1000 192.168.1.1

9. Use NSE Scripts (Nmap Scripting Engine)


nmap --script http-enum 192.168.1.1

10. Save Output to File


nmap -oN report.txt 192.168.1.1
nmap -oX report.xml 192.168.1.1

11. Security and Ethics


  • Always get permission before scanning external networks
  • Be aware of detection by firewalls or intrusion detection systems
  • Use stealth flags responsibly during penetration testing

12. Conclusion


nmap is a versatile and essential tool for Linux administrators and security engineers. With its powerful scanning techniques, script integration, and detailed output, it facilitates network inventory, vulnerability detection, and systems analysis across environments.


Written & researched by Dr. Shahin Siami