Kali linux tools (Nmap-Prt 2)Adham
1- OS scanning
OS scanning is one of the most powerful features of Nmap. When using this type of scan, Nmap sends TCP and UDP packets to a particular port, and then analyze its response. It compares this response to a database of 2600 operating systems, and return information on the OS (and version) of a host.
To run an OS scan, use the following command:
# nmap -O <target IP>
2- ping scan
One of the most basic functions of Nmap is to identify active hosts on your network. Nmap does this by using a ping scan. This identifies all of the IP addresses that are currently online without sending any packets to these hosts.
To run a ping scan, run the following command:
# nmap -sp <Target IP>/24
This command then returns a list of hosts on your network and the total number of assigned IP addresses. If you spot any hosts or IP addresses on this list that you cannot account for, you can then run further commands (see below) to investigate them further.
3- Host scan
A more powerful way to scan your networks is to use Nmap to perform a host scan. Unlike a ping scan, a host scan actively sends ARP request packets to all the hosts connected to your network. Each host then responds to this packet with another ARP packet containing its status and MAC address.
To run a host scan, use the following command:
# nmap -sp <target IP range>
This returns information on every host, their latency, their MAC address, and also any description associated with this address. This can be a powerful way of spotting suspicious hosts connected to your network.
If you see anything unusual in this list, you can then run a DNS query on a specific host, by using:
# namp -sL <IP address>
This returns a list of names associated with the scanned IP. This description provides information on what the IP is actually for.
4-detailed information about the remote machines.
nmap -v <Target IP>
It is used to get more detailed information about the remote machines.
5-active devices in the Network
nmap -sn <Target IP>/24
List of active devices in the Network
nmap -sA <Target IP>
To scan to detect firewall settings.
7- vulnerability scan
nmap –script vuln <Target IP>
For detecting the default vulnerability
8- Output file
If you want to output the results of your Nmap scans to a file, you can add an extension to your commands to do that. Simply add:
nmap -oN <file name.txt> <Target Scanned>
To your command to output the results to a text file, or:
nmap -oX <output.xml> <Target scanned>
To output to an XML.