Nmap ("Network Mapper") is an open source tool for network exploration and security auditing.
Questions tagged [nmap]
276 questions
29
votes
5 answers
Why would ping succeed but nmap fail?
Why does Nmap report "Host seems down" when a simple ping succeeds?
me@computer:~$ ping 123.45.67.89
PING 123.45.67.89 (123.45.67.89) 56(84) bytes of data.
64 bytes from 123.45.67.89: icmp_req=1 ttl=45 time=91.1 ms
64 bytes from 123.45.67.89:…
AShelly
- 459
10
votes
3 answers
nmap: easily Ping-Scan all addresses in my subnet
Is there an nmap line that will auto-detect my current IP address and subnet mask, and run a ping-scan on all? For example:
#> nmap -sP 0.0.0.0
Instead of manually:
#> nmap -sP 192.168.100.0/24
Felipe Alvarez
- 2,104
7
votes
4 answers
What is the "park-agent" service used for?
I scanned my machine using Nmap and found an open port (5431) is used by the "park-agent" service.
What is the "park-agent" service used for?
SWAT
6
votes
1 answer
nmap scan with netbios/bonjour name
Is there any fancy way in Nmap to scan hosts plus getting the netbios/bonjour name as Fing app does?
I've been looking at the -A argument; it's fine, but it does a lot of other scripting stuff and takes more time.
autorun
- 275
5
votes
2 answers
Why doesn't OS scan work against your own machine?
When scanning with nmap using the -O or -A flag, nmap tries to determine the OS of the target machine.
Putting the question of why you would want to scan your own machine for OS aside, running OS scan on your own machine renders the message…
Zano
- 510
3
votes
2 answers
Using nmap with -sT option always shows imap and pop3 ports as opened
I installed nmap on OS X using brew.
I started to test it and something weird is happening. Every time I use nmap with the option -sT, it always shows the ports 110, 143, 993 and 995 as opened. I checked my computer, looking for processes that are…
JonDoe297
- 201
2
votes
1 answer
nmap -sV giving inconsistent results
I am scanning two networks (of which one I know very well and the other is managed by someone else and information is sparse). The aim is to check compliance (presence of an AV listener on the machines) via an nmap -sV -p9999 (simplified…
WoJ
- 3,123
2
votes
1 answer
How to find ports marked as filtered by nmap
I have a host where if the command:
nmap
is run, then get response:
All 1000 scanned ports on are closed (958) or filtered (42)
So I want to find out which ports are those marked filtered and also to find the reason or at least…
user619818
- 336
2
votes
1 answer
Why would "nmap -p -" miss an open port?
I ran nmap -p - against a system that I knew to have at least one listening service. The only output that was returned was for port 113 (ident), which showed "closed".
I ran nmap again, but this time used nmap -p # (where # is the port number of a…
Iszi
- 13,775
1
vote
1 answer
nmap: Scantype - not supported
When I run the following nmap command to test against my VM's:
nmap --spoof-mac Cisco --data-length 24 -T paranoid -max-hostgroup 1 -max-parallelism 10 -PN -f -D 10.1.20.5,RND:5,ME -v -n -sS -sV-oA /desktop/pentest/nmap/out -p T:1-1024…
dylan7
- 231
1
vote
2 answers
Nmap's options beginning with P
Recently, I've been learning details about nmap scanner, with the help of tcpdump and wireshark. In order to find underlying behavior on nmap, I specified a dummy port 9527 and a command line like 'nmap -p9527 -P* target_ip'.
So I've noted all…
davidjone2007
1
vote
4 answers
Nmap- what are the top 100 ports scanned
I am new to nmap and I read that you can limit the output of nmap to the top 100 ports by using the command -F such as:
nmap -F
My question is what are the top 100 ports. I have been looking everywhere but cannot find it. Appreciate if anyone…
user1234007
- 13
1
vote
1 answer
Nmap scan entire local network
I wanted to scan the entirety of my home network using Nmap but was unsure of how I would go about this.
My default gateway and subnet mask are 192.168.0.1 and 255.255.255.0 respectively, so I first tried nmap -sS 192.168.0.1/24. However, this only…
4thousand01
1
vote
1 answer
How to easily diff two nmap scan outputs?
I ran a scan, plugged in a raspberry pi, then ran a scan again. Is there a utility or option within nmap that can allow me to easily diff the two scan outputs to find the IP address of my raspberry pi?
nmap scan used:
nmap -sP 192.168.86.1/24
It…
tarabyte
- 2,323
1
vote
0 answers
How to specify a range for source ports for Nmap
It seems source port option "-g" does not support a range of ports, but destination port "-p" does. Has anyone come across a way to scan a fixed destination port using a range of source ports?
This works
nmap -g 4565 -p 1000-1020 -sS target
But this…
user2066671
- 645