Nmap (CloudMonk.io)

nmap


* Definition: nmap (Network Mapper) is a free, open-source utility for network discovery and security auditing. It is used to discover hosts and services on a computer network by sending packets and analyzing the responses.
* Function: Performs network scanning to identify active devices, open ports, running services, and potential vulnerabilities.
* Components:
  * nmap Core: The main program that performs network scans.
  * nmap Scripting Engine (NSE): Allows users to write scripts for extending nmap's capabilities.
  * Zenmap: The official graphical user interface (GUI) for nmap.
* Features:
  * Host Discovery: Identifies live hosts on a network.
  * Port Scanning: Detects open ports on target hosts.
  * Service and Version Detection: Identifies services running on open ports and their versions.
  * OS Detection: Determines the operating system of the target hosts.
  * Scripting Engine: Automates various network tasks using NSE scripts.
  * Vulnerability Detection: Identifies potential vulnerabilities and security issues.
* Usage: Widely used by network administrators, security professionals, and penetration testers for network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Examples


* Basic nmap ping scan to discover live hosts (host discovery only, no port scan; `-sn` replaces the deprecated `-sP` spelling):
```bash
nmap -sn 192.168.1.0/24
```

* Scanning a specific host for open ports across the full TCP range (1-65535):
```bash
nmap -p 1-65535 192.168.1.1
```

* Service and version detection on a target host:
```bash
nmap -sV 192.168.1.1
```

* Operating system detection on a target host (requires root or administrator privileges):
```bash
nmap -O 192.168.1.1
```

* Running the `vuln` category of scripts from the nmap Scripting Engine (NSE):
```bash
nmap --script=vuln 192.168.1.1
```

* Using nmap in a Python script:
```python
# Requires the python-nmap package and the nmap binary on PATH.
import nmap


def scan_network(target):
    """Scan ports 1-1024 on the target and print each host's port states."""
    nm = nmap.PortScanner()
    nm.scan(target, '1-1024')
    for host in nm.all_hosts():
        print(f'Host : {host} ({nm[host].hostname()})')
        print(f'State : {nm[host].state()}')
        for proto in nm[host].all_protocols():
            print('----------')
            print(f'Protocol : {proto}')
            # Sort so ports are printed in ascending order
            for port in sorted(nm[host][proto].keys()):
                print(f'port : {port}\tstate : {nm[host][proto][port]["state"]}')


if __name__ == '__main__':
    # Scan the local network
    scan_network('192.168.1.0/24')
```

* Using nmap in a Java program:
```java
import java.io.BufferedReader;
import java.io.InputStreamReader;

public class NmapExample {
    public static void runNmapScan(String target) {
        try {
            // Arguments are passed as a list, so the target is never interpreted by a shell.
            // -sn is the current spelling of the deprecated -sP (ping scan, no port scan).
            Process process = new ProcessBuilder("nmap", "-sn", target).start();
            BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
            String line;
            while ((line = reader.readLine()) != null) {
                System.out.println(line);
            }
            reader.close();
            int exitCode = process.waitFor();
            // On failure, relay nmap's error output
            if (exitCode != 0) {
                BufferedReader errorReader = new BufferedReader(new InputStreamReader(process.getErrorStream()));
                while ((line = errorReader.readLine()) != null) {
                    System.err.println("Error: " + line);
                }
                errorReader.close();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static void main(String[] args) {
        // Run nmap scan on the local network
        runNmapScan("192.168.1.0/24");
    }
}
```

Summary


* nmap: A powerful, open-source network discovery and security auditing tool used to identify active devices, open ports, running services, operating systems, and potential vulnerabilities on a network. With features like the nmap Scripting Engine and Zenmap GUI, nmap is an essential tool for network administrators, security professionals, and penetration testers.