Nmap (Network Mapper) is a free and open source utility for network discovery and security audit. It is useful for network inventory, managing services, and host. It uses RAW IP packets in novel ways to determine what hosts are available on the network, what services those hosts are offering. You can download it from here It was designed to rapidly scan the large networks. Network mappers suite includes and advance GUI and results viewer which you can download from here
Features of Network Mapper
- Flexible – Supports dozen of advanced scanning techniques, port scanning with filter, OS detection, Version detection ping sweeps and more.
- Powerful – It has been used to scan huge networks of literary hundreds of thousand of machines.
- portable – Most of the operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, MAC OS X.
- Easy – You can simply start scanning with nmap -v -A host. Both command line and GUI are supported.
- Free – It is available for free download, and also comes with full source code that you may modify and redistribute.
Below is a glimpse of Nmap’s command
nmap 192.168.80.138 (Scans the single IP address)
nmap 192.168.80.138-20 (scan a range of IPs)
nmap -sV -p 443 –script=ssl-heartbleed.nse 192.168.80.138 (Scans for heartbleed)
nmap -sS 192.168.80.138 (Scan using TCP SYN scan) (default)
Privileged access is required to perform the default SYN scans. If privileges are insufficient a TCP connect scan will be used. A TCP connect required a full TCP connection to be established and therefore is a slower scan. Service and OS detection rely on different methods to determine the operating system or running service on a particular port. The aggressive service detection is often helpful if there are services running on unusual ports. The above commands are just a glimpse of this tool. Check out the full features by a running tool with no option. The creator of this tool Gordon Fyodor Lyon wrote this book to share everything he has learned about network scanning during the decade of its development.