NMAP: Network Mapper. Description.

Spread the words

NMAP is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks and single host. NMAP uses raw IP packets to determine

  • Host available on the network
  • Application names and versions those hosts are offering
  • OS versions they are running
  • Type of packet filters and firewalls are in use
  • And more…

The output from NAMP is a list of scanned targets, with supplemental information on each depending on the options used. Among other information is the ports table. The table lists

  • The port number and protocol
  • Service name
  • State

The state is

  • Open: means that an application on the target machine is listening for connections, packets on the port.
  • Filtered: means that a firewall, filter or other network obstacle is blocking the port so that NMAP cannot tell whether it is open or closed.
  • Closed: means ports have no application listening on them, though they could open up at any time.
  • Unfiltered: means they are responsive to NAMP’s probes, but NAMP cannot determine whether they are open or closed.

NMAP reports the state combinations open|filtered and closed|filtered when it cannot determine which of the two states describes a port.

The port table may include software version details when version detection has been requested.

When an IP protocol scab is requested (-sO), NAMP provides information on supported IP protocols rather than listening ports.

In addition to the ports table, NMAP can provide

  • Reverse DNS names
  • OS name and version
  • Device types
  • MAC addresses
  • And more…

Be the first to comment on "NMAP: Network Mapper. Description."

Leave a comment

Your email address will not be published.


*