Nmap Tips and Tricks
How To - Nmap
Written by Christian Foronda   
Thursday, 18 February 2010 08:57

Scan For Unused IP Address:

# nmap -T4 -sP 192.168.0.0/24 && egrep "00:00:00:00:00:00" /proc/net/arp

 

Get Info About Remote Host Ports And OS Detection:

# nmap -sS -P0 -sV -O targetIP

 

Get List of Servers With A Specific Port Open:

# nmap -sT -p 80 -oG - 192.168.0.* | grep open

Change the -p argument for the port number.

Scan Network for Rogue APs:

# nmap -A -p1-85,113,443,8080-8100 -T4 --min-hostgroup 50 --max-rtt-timeout 2000 --initial-rtt-timeout 300 --max-retries 3 --host-timeout 20m --max-scan-delay 1000 -oA wapscan 10.0.0.0/8

 

Find All Active IP Addresses In A Network:

# nmap -sP 192.168.0.*

 

Use A Decoy IP While Scanning Ports:

# sudo nmap -sS targetIP -D fakeIP

 

How Many Linux And Windows Devices Are On Your Network?:

# sudo nmap -F -O 192.168.0.1-255 | grep "Running: " > /tmp/os; echo "$(cat /tmp/os | grep Linux | wc -l) Linux device(s)"; echo "$(cat /tmp/os | grep Windows | wc -l) Windows device(s)"
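The "specific port open" and "how many Linux and Windows devices" one-liners above both grep nmap's output loosely: a plain `grep open` also matches hosts whose port is reported as `open|filtered` (state unknown), and `-p 80` results can be confused with port 8080 when grepping. The script below is an added example (not from the original post) that does both jobs against nmap's grepable format (`-oG -`, with `-O` so the `OS:` field is present) and matches the port and state exactly. The scan output here is a constructed sample embedded in the script, not a real scan; the function names are my own.

```shell
#!/bin/sh
# Added example: parse nmap grepable (-oG) output with awk.
# Real usage:  nmap -sT -p 80 -O -oG - 192.168.0.* | hosts_with_open_port 80
#              nmap -F -O -oG - 192.168.0.1-255   | count_os

# Constructed sample of grepable output (NOT real scan results).
# Grepable fields are tab-separated; build the tab portably.
sample_grepable() {
  t=$(printf '\t')
  printf '%s\n' \
    '# Nmap scan initiated (constructed sample)' \
    "Host: 192.168.0.1 ()${t}Status: Up" \
    "Host: 192.168.0.1 ()${t}Ports: 80/open/tcp//http///, 443/open/tcp//https///${t}OS: Linux 2.6.X" \
    "Host: 192.168.0.5 ()${t}Status: Up" \
    "Host: 192.168.0.5 ()${t}Ports: 80/closed/tcp//http///, 445/open/tcp//microsoft-ds///${t}OS: Microsoft Windows XP" \
    "Host: 192.168.0.9 ()${t}Status: Up" \
    "Host: 192.168.0.9 ()${t}Ports: 80/open|filtered/tcp//http///${t}OS: Linux 2.4.X" \
    '# Nmap done'
}

# Print the IP of every host whose given port is exactly "open".
# $1 = port number; grepable output is read on stdin.
# The regex anchors on "<port>/open/" so 80 never matches 8080,
# and "open|filtered" (unknown state) is not counted as open.
hosts_with_open_port() {
  awk -v port="$1" '
    /^Host:/ {
      n = split($0, f, "Ports: ")
      if (n < 2) next
      if (f[2] ~ ("(^|[ ,])" port "/open/")) print $2
    }'
}

# Tally OS families from the "OS:" field in one pass instead of
# running grep | wc -l once per family.
count_os() {
  awk '
    /^Host:/ && /OS: / {
      sub(/.*OS: /, "")        # keep the OS field onward
      sub(/\t.*/, "")          # drop any later tab-separated field
      if ($0 ~ /Linux/)        linux++
      else if ($0 ~ /Windows/) windows++
      else                     other++
    }
    END {
      printf "%d Linux device(s)\n", linux
      printf "%d Windows device(s)\n", windows
      printf "%d other/unknown\n", other
    }'
}

# Demo on the constructed sample.
echo "Hosts with 80/tcp open:";  sample_grepable | hosts_with_open_port 80
echo "Hosts with 445/tcp open:"; sample_grepable | hosts_with_open_port 445
sample_grepable | count_os
```

Run against live output by replacing `sample_grepable` with the nmap command shown in the header comments; the `-O` flag is what makes nmap emit the `OS:` field that `count_os` relies on, and without it every host lands in the "other/unknown" bucket.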

 

UDP Scanning:

# sudo nmap -sU -P0 -T Aggressive -F targetIP

Last Updated on Friday, 08 April 2011 18:49