5 Ways The Linux Nmap Command Can Help Keep Your Network Secure

Trending 1 month ago
  1. Home
  2. Tech
  3. 5 Ways The Linux Nmap Command Can Help Keep Your Network Secure
netblue555gettyimages-2204617606
aire images/Moment via Getty Images

Follow ZDNET: Add america arsenic a preferred source connected Google.

ZDNET's cardinal takeaways

  • If you request to scan your network, nmap is nan instrumentality to use.
  • Nmap tin beryllium installed connected immoderate Linux distribution.
  • Nmap has respective very useful commands.

The nmap command (short for web mapper) is simply a web exploration/security auditing instrumentality that tin quickly scan networks to thief you find retired what hosts are available. With nmap, you tin observe unfastened ports and services, and moreover find retired what operating systems are connected your network. 

I've utilized nmap to find retired what machines are connected a web and what ports/services are open. If I find a larboard that shouldn't beryllium open, I tin adjacent it to debar information issues.

Also: 5 reasons you should ditch Windows for Linux today

In different words, nmap is an basal instrumentality for anyone who's superior astir their web security. 

The point is, nmap tin do a lot. In fact, if you were to publication nan manual page (man nmap), you'd apt travel distant confused and intimidated. That's unfortunate, because nmap tin travel successful very handy.

To debar nan disorder and intimidation, I'll show immoderate of nan much useful things you tin do pinch nmap. Without further ado, unfastened your terminal app and get fresh to scan.

Installing nmap

If nmap isn't already installed connected your Linux distribution, it's really rather easy to do. Here's how:

  • Ubuntu/Debian-based distributions: sudo apt-get instal nmap -y
  • Fedora-based distributions: sudo dnf instal nmap -y
  • Arch-based distributions: sudo pacman -S nmap

1. Operating strategy discovery

This is 1 of nan tasks I often usage pinch nmap because I regularly request to find which OS is associated pinch an IP address. As pinch galore nmap commands, this tin beryllium tally connected a azygous reside aliases a scope of addresses. The bid for OS find connected a azygous IP reside would look thing for illustration this:

nmap -A 192.168.1.176

Near nan bottommost of nan results, you should find a statement that looks for illustration this:

Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Now, you cognize what OS is associated pinch that IP address.

If you want to scan a scope of addresses to find retired which OS is associated pinch each big connected your network, nan bid would look thing for illustration this:

nmap -A 192.168.1.0/24

Keep successful mind that scanning an full larboard scope tin return rather a spot of clip (depending connected nan number of machines attached to your LAN).

2. List unfastened ports

Sometimes you conscionable request to cognize what ports are unfastened connected your network. You mightiness observe that location are machines pinch unfastened ports that shouldn't beryllium open. If that's nan case, you would decidedly want to adjacent them (or consequence information breaches). The point astir ports is that location are a batch of them (to nan tune of 65,536). Many of those ports aren't regularly used, but you ne'er know, which is why it's important to tally a scan of ports connected your LAN to spot what's what.

Also: The champion Linux distros for beginners

To tally a larboard scan connected a azygous big pinch nmap, nan command would look thing for illustration this:

nmap -p 0-65535 192.168.1.176

To tally a larboard scan connected your full LAN, nan bid would look thing for illustration this:

nmap -p 0-65535 192.168.1.0/24

You tin besides scan for a azygous port. Say, for instance, you want to cheque and spot if immoderate big connected your web has its SMTP larboard open. That scan would be:

nmap -p 25 192.168.1.0/24

3. Scan an full network

If you conscionable want to tally a wide scan of your full network, you could usage nmap for illustration so:

nmap 192.168.1.*

You could moreover adhd much output pinch nan verbose flag, for illustration this:

nmap -v 192.168.1.*

Because nan supra commands are all-encompassing, they tin return rather a spot of clip to complete.

3. Scan aggregate machines (but not an full network)

Let's opportunity you want to scan for unfastened ports connected nan machines 192.168.1.11, 192.168.1.12, 192.168.1.13, and 192.168.1.14. Instead of typing retired nan full reside for each, you tin alternatively usage conscionable nan past octets for illustration so:

nmap -p 0-65535 192.168.1.11,12,13,14

You could besides scan an reside scope for illustration this:

nmap -p 0-65535 192.168.1.11-14

4. Detect firewalls

You mightiness request to find retired if a big has a firewall running. Naturally, if you find a big pinch its firewall disabled, you should make judge to alteration it immediately. 

Also: Linux desktop frozen? My 5 go-to tricks to effort - earlier forcing a difficult reboot

To usage nmap to observe firewalls is simply a spot trickier than nan different commands, because you'll not only usage aggregate options, but besides nonstop nan output to a record (for easier viewing). The bid would look thing for illustration this:

sudo nmap -sF -g 25 -oN fw.txt 192.168.1.11

Although nmap sends nan output to nan terminal, it besides saves it to a record (in nan supra case, fw.txt). If you spot "filtered" successful nan output, nan firewall is up and running. If you spot "ignored state(s)," that intends nan firewall is disabled.

5. Discover 'live' hosts

You mightiness besides want to place which hosts connected your LAN are presently online and responsive (instead of hibernating and/or offline). To tally this scan would look for illustration this:

nmap -sP 192.168.1.0/24

If you spot "Host is up," past you cognize that nan instrumentality is live.

Those are nan 5 nmap commands I regularly run. Given really overmuch nmap tin do, I highly urge you publication done nan nmap man page (man nmap) to find retired everything other nan bid has to offer.

Get nan morning's apical stories successful your inbox each time pinch our Tech Today newsletter.

More

Related Article

Spotify Acquires Music Database Whosampled

Spotify Acquires Music Database Whosampled

3 minutes ago 1
Warner Music Settles Copyright Lawsuit With Udio, Signs Deal For Ai Music Platform

Warner Music Settles Copyright Lawsuit With Udio, Signs Deal For Ai Music Platform

5 minutes ago 1
Bluesky Revamps Its Moderation And Reporting Tools With Transparency In Mind

Bluesky Revamps Its Moderation And Reporting Tools With Transparency In Mind

26 minutes ago 3

Popular Article

The Best Wireless Headphones For 2025: Bluetooth Options For Every Budget

The Best Wireless Headphones For 2025: Bluetooth Options For Every Budget

3 months ago 480
New Travel Turmoil As American Airlines, United, Jetblue, And Avelo Slashing Flights And Routes – What You Need To Know

New Travel Turmoil As American Airlines, United, Jetblue, And Avelo Slashing Flights And Routes – What You Need To Know

3 months ago 325
American, Delta, Southwest And Alaska Connecting Chicago, Philadelphia, Raleigh-durham, San Diego, Santa Maria, Sun Valley With New Winter Airline Routes, Ballooning Us Travel Industry

American, Delta, Southwest And Alaska Connecting Chicago, Philadelphia, Raleigh-durham, San Diego, Santa Maria, Sun Valley With New Winter Airline Rou...

3 months ago 309
Google Is Experimenting With Machine-learning Powered Age Estimation Tech In The U.s.

Google Is Experimenting With Machine-learning Powered Age Estimation Tech In The U.s.

3 months ago 269
Thousands Of Air Canada Flights At Risk As Potential Strike Threat Set To Disrupt Global Travel

Thousands Of Air Canada Flights At Risk As Potential Strike Threat Set To Disrupt Global Travel

3 months ago 268
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions ·

©2025 Vokash.
All Rights Reserved.