Nmap (eng)

From FdIwiki ELP


Nmap is an open source port-scanning program created by Gordon Lyon (Fyodor Vaskovich), whose development is nowadays entrusted to the community. Originally created for Linux, it is now multiplatform. It is used to evaluate the security of computer systems and to detect services or servers on a computer network. To do so, Nmap sends defined packets to other computers and then analyzes their answers.

This software has several functions for network systems, including the detection of equipment, services and operating systems. These functions can be extended through scripts that provide advanced detection services, vulnerability detection and other applications.

Scanning

TCP Connect Scan

This is the open port-scanning process: it requires the full three-way handshake to scan each port. To find out whether a port is open, a packet with the SYN flag (connection request) is sent. If the port is open it returns a SYN/ACK; otherwise it sends a RST. The connection is completed and then finished with a RST. ACK = accept, RST = reset.


TCP SYN Scan

This is a port-scanning technique in which one host sends another only a SYN (connection start) packet for each port to be analyzed, to determine whether those ports are open or not. If the port is open, it returns a SYN/ACK; if not, a RST. After the SYN/ACK is received, the connection is cut off with a RST, which makes this scan less noisy than the TCP connect scan. Flag: -sS.


TCP FIN Scan

A packet with the FIN flag is sent. If it returns a RST/ACK, the port is closed; if not, the port may be open. This kind of port scan is silent and is not usually registered by an IDS (Intrusion Detection System). Flag: -sF.

TCP Xmas Tree Scan

The same as the TCP FIN Scan, but the packet is sent with the FIN, URG and PUSH flags set. Flag: -sX.

TCP Null Scan

This kind of scan clears all the flags in the TCP header. A RST is received if the port is not active; otherwise nothing is received.

UDP Scan

Used to discover UDP ports. Flag: -sU.
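
The TCP flag patterns described above are also what a defender can match on. The following added example is not part of the original page; the record layout, the addresses and the three-port threshold are assumptions made for illustration. It classifies client-to-server packets into the connect, SYN, FIN, Xmas and Null scans and reports sources that probe several ports.

```python
from collections import defaultdict

# TCP flag bits as laid out in the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
# Opening packets that do not start a normal connection (a normal FIN carries ACK too).
STEALTH = {0: "null", FIN: "fin", FIN | PSH | URG: "xmas"}

def classify_flow(flags_seen):
    """Classify one client-to-server flow from its ordered list of flag bytes."""
    first, rest = flags_seen[0], flags_seen[1:]
    if first in STEALTH:
        return STEALTH[first]
    if first != SYN:
        return None              # mid-stream traffic, not an opening probe
    if any(f == ACK for f in rest):
        return "connect"         # handshake completed (scan or ordinary client)
    if any(f & RST for f in rest):
        return "syn"             # reset straight after the SYN/ACK: half-open
    return None                  # lone SYN: closed port, cannot tell which scan

def detect_scans(packets, min_ports=3):
    """packets: (src_ip, dst_port, flags) tuples. Returns {src: {scan: [ports]}}."""
    flows = defaultdict(list)
    for src, dport, flags in packets:
        flows[(src, dport)].append(flags)
    hits = defaultdict(lambda: defaultdict(set))
    for (src, dport), seen in flows.items():
        kind = classify_flow(seen)
        if kind:
            hits[src][kind].add(dport)
    report = {}
    for src, kinds in hits.items():
        # Keep only scan kinds that touched at least min_ports distinct ports.
        noisy = {k: sorted(p) for k, p in kinds.items() if len(p) >= min_ports}
        if noisy:
            report[src] = noisy
    return report

# Constructed sample capture (documentation addresses, not real traffic).
SAMPLE = (
    [("198.51.100.5", p, f) for p in (22, 80, 443) for f in (SYN, RST)]
    + [("198.51.100.5", 25, SYN)]
    + [("198.51.100.6", p, FIN | PSH | URG) for p in (21, 22, 23)]
    + [("198.51.100.7", 443, f) for f in (SYN, ACK, PSH | ACK, FIN | ACK)]
)

if __name__ == "__main__":
    for src, kinds in detect_scans(SAMPLE).items():
        print(src, kinds)
```

The ordinary client at 198.51.100.7 completes one handshake on one port and stays below the threshold, so only the two scanning sources are reported.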

How to use Nmap

The best way to obtain the most information is:

nmap -sS -O -sV <ip>

-O: to find out the system version.
-sV: to find out the services, and their versions, assigned to a port.

Why use Nmap

We can see which ports are open on our computers and which processes are assigned to each port. If we use Google to look up all the services, we may find that some malicious services are controlling our computer. Then it is simple: find them and uninstall them.