NMAP
- Lua programming
1) Scan types
2) Scan options
3) Version detection
4) Running speed
5) Ping options
6) Scripting
7) Input options
8) Miscellaneous
9) Output options
10) OS detection
# Phases of NMAP
1) Enumeration
2) Host Discovery
3) Port Scanning
4) Version Detection
5) OS Detection
6) Script Scanning
7) Output
# Host Discovery
1) ROOT
2) LOCAL
# Scan Status
1) Open
2) Closed
3) Filtered -- means a firewall is filtering the traffic
4) Open | Filtered -- Host A sends a Null packet to Host B and bypasses the firewall, but when Host B sends its reply back to Host A the firewall blocks that reply
5) Closed | Filtered -- gives no information: nothing tells us whether the ports are open or closed
6) Unfiltered -- no response from the host while syncing
# Basics
Prerequisites
1) IP - the IP address of the host to scan
2) Port - which port(s) to scan: ftp, ssh, rdp etc.
3) Scan type
4) Scan timing
5) Output type
------------------------------------------------------------------------------
# Target
1) Single IP address
2) Subnet range -- with a subnet range nmap does host discovery, meaning it also finds the other devices connected to the network
3) IP address range -- we give nmap a range of IP addresses to scan, e.g. scan 192.168.0.10-192.168.0.20, that's all
4) Specific IP addresses -- we give nmap multiple IP addresses to scan
5) .txt file of targets (-iL)
6) Domain, e.g. a.com
------------------------------------------------------------------------------
# Port
1) Single port -- nmap 192.168.0.10 -p 80
2) Sequential ports -- nmap 192.168.0.10 -p 10-30 (scans ports 10, 11, 12, 13, 14, 15 ... 29, 30)
3) Distributed ports -- nmap 192.168.0.1 -p 80,22,3389
4) Service specific -- nmap 192.168.0.10 -p http (scans only the port of the named service, here http = port 80)
5) Protocol specific -- nmap 192.168.0.10 -p T:22,U:53 (T means TCP and U means UDP; no space after the comma, or the shell splits the list into two arguments)
6) All ports -- nmap 192.168.0.10 -p- (scans all 65535 ports)
7) Top ports -- nmap 192.168.0.10 --top-ports <number> (scans the given number of the most common ports)
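As an added example, not from the original notes: a small Python parser that expands the -p forms listed above into explicit TCP and UDP port sets, so a port specification can be validated before a scan is launched. The SERVICES map is a constructed subset used for the service-name form; nmap itself reads the full table from its nmap-services file.

```python
import re

MAX_PORT = 65535
# Constructed subset of service names for the "-p http" form (assumption:
# nmap's real list lives in its nmap-services file and is much longer).
SERVICES = {"ftp": 21, "ssh": 22, "dns": 53, "http": 80, "rdp": 3389}


def parse_port_spec(spec: str) -> dict:
    """Expand an nmap-style -p value into {'T': {tcp ports}, 'U': {udp ports}}.

    Handles the forms from the notes: a single port, a low-high range, a comma
    list, a service name, T:/U: protocol prefixes and a bare '-' for all ports.
    A prefix stays in effect for the items that follow it, as in nmap.
    Whitespace is deliberately not tolerated: "T:22, U:53" fails here just as
    the shell would split it into two arguments for nmap.
    """
    ports = {"T": set(), "U": set()}
    proto = "T"  # nmap assumes TCP until a T: or U: prefix appears
    for item in spec.split(","):
        m = re.fullmatch(r"([TUtu]):(.*)", item)
        if m:
            proto, item = m.group(1).upper(), m.group(2)
        if item == "-":                       # "-p-": every port 1-65535
            ports[proto].update(range(1, MAX_PORT + 1))
        elif "-" in item:                     # "10-30", "-30" or "1000-"
            lo, hi = item.split("-", 1)
            lo, hi = (int(lo) if lo else 1), (int(hi) if hi else MAX_PORT)
            if not 1 <= lo <= hi <= MAX_PORT:
                raise ValueError(f"bad range {item!r}")
            ports[proto].update(range(lo, hi + 1))
        elif item.isdigit():                  # "80"
            if not 1 <= int(item) <= MAX_PORT:
                raise ValueError(f"port {item} out of range")
            ports[proto].add(int(item))
        elif item.lower() in SERVICES:        # "http" -> 80
            ports[proto].add(SERVICES[item.lower()])
        else:
            raise ValueError(f"unrecognised port item {item!r}")
    return ports


def is_valid_port_spec(spec: str) -> bool:
    """True if the spec parses, so a bad -p value is caught before nmap runs."""
    try:
        parse_port_spec(spec)
        return True
    except ValueError:
        return False
```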
------------------------------------------------------------------------------
# Scan Timings
1) T0 - Paranoid (very, very slow scanning)
2) T1 - Sneaky (very slow)
3) T2 - Polite (medium speed scanning)
4) T3 - Normal (normal speed scanning)
5) T4 - Aggressive (very fast scanning)
6) T5 - Insane (very, very fast scanning)
------------------------------------------------------------------------------
# Output types
.txt
.xml
------------------------------------------------------------------------------
# MISC
Miscellaneous