
Nmap Command Usage in Linux Server

If you don't have Nmap on your server yet, use this link to get it installed. The following Nmap commands always come in handy, so check them out:

Scan For Unused IP Address

# nmap -T4 -sP 192.168.0.* && egrep "00:00:00:00:00:00" /proc/net/arp


Get Info About Remote Host Ports And OS Detection

# nmap -sS -P0 -sV -O targetIP


Get List of Servers With A Specific Port Open

# nmap -sT -p 80 -oG - 192.168.0.* | grep open

Change the -p argument for the port number.
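
An added example, not from the original post: "grep open" matches the word anywhere on the line, including inside a hostname, so the sketch below parses the grepable (-oG) fields and reports only hosts whose port state is exactly "open". The function names open_hosts and sample_scan and the sample scan lines are constructed for illustration; against a real scan, pipe the nmap command above into open_hosts 80 in place of sample_scan.

```shell
#!/bin/sh
# open_hosts PORT: read Nmap grepable (-oG) output on stdin and print the
# address of every host whose PORT/tcp is in state exactly "open".
open_hosts() {
    awk -v port="$1" -F'\t' '
        /^Host: / {
            split($1, h, " ")                 # h[2] is the host address
            for (i = 2; i <= NF; i++) {
                if ($i !~ /^Ports: /) continue
                list = substr($i, 8)          # drop the "Ports: " label
                n = split(list, entry, /, */) # one entry per scanned port
                for (j = 1; j <= n; j++) {
                    # entry layout: port/state/protocol/owner/service/...
                    split(entry[j], f, "/")
                    if (f[1] == port && f[2] == "open" && f[3] == "tcp")
                        print h[2]
                }
            }
        }'
}

# Constructed sample of -oG output (fields are tab-separated). The last
# host has port 80 closed, but its name contains the string "open".
sample_scan() {
    printf 'Host: 192.168.0.1 ()\tStatus: Up\n'
    printf 'Host: 192.168.0.1 ()\tPorts: 80/open/tcp//http///\n'
    printf 'Host: 192.168.0.7 ()\tPorts: 80/closed/tcp//http///\n'
    printf 'Host: 192.168.0.9 (printer.lan)\tPorts: 80/filtered/tcp//http///\n'
    printf 'Host: 192.168.0.12 (opensrv.lan)\tPorts: 80/closed/tcp//http///\n'
}

# Parsed result: only the host that really has 80/tcp open.
sample_scan | open_hosts 80
```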

Scan Network for Rogue APs

# nmap -A -p1-85,113,443,8080-8100 -T4 --min-hostgroup 50 --max-rtt-timeout 2000 --initial-rtt-timeout 300 --max-retries 3 --host-timeout 20m --max-scan-delay 1000 -oA wapscan 192.168.0.*


Find All Active IP Addresses In A Network

# nmap -sP 192.168.0.*


Use A Decoy IP While Scanning Ports

# sudo nmap -sS targetIP -D fakeIP


How Many Linux And Windows Devices Are On Your Network?

# sudo nmap -F -O 192.168.0.* | grep "Running: " > /tmp/os; echo "$(grep -c Linux /tmp/os) Linux device(s)"; echo "$(grep -c Windows /tmp/os) Windows device(s)"


UDP Scanning

# sudo nmap -sU -P0 -T Aggressive -F targetIP
