WHAT IS NMAP ?
Nmap is a very popular and powerful network scanning tool used by network specialist and cyber security expert. Namp is use to scan the network and find the information about the network like ports, ip address, operating system, firewall etc.
HOW USE NMAP ?
Nmap is by default installed in kali linux. There is a gui version available for both kali linux and windows. To use kali linux you need basic knowledge of networking, ip addressing, subnet masking, tcp/ip protocol. You can use Nmap without knowledge of networking but it will be tough to know what is happening you will only get to know about commands. To be an hacker you just don’t relay on commands you have to know how this is working and what is the background process.
Basic Of TCP/IP Protocol
IP ADDRESS: Internet Protocol or IP is a 32 bit numerical number used to communicate between two computer over the network.
Network Scanning NMAP
FULL SCAN: As The Name suggest if you want to scan everything on the network at that time full scan is used
nmap Target IP
TCP SCAN: With tcp scan nmap will only scan tcp ports which are open in the network.
nmap -sT target ip
UDP SCAN: This is same as TCP but this time it will scan udp intead of tcp.
namp -sU target ip
STEALTH/HALF SCAN: Before you know about half scan. i will tell you how a connection is established between two network with tcp/ip protocol.
When a computer want to connect to a network he will send an SYS request to the computer with the ip address. when the opposite computer get the SYS request he reply back with SYS/ACK. As soon as the computer get the SYS/ACK request he sent a reply with ACK and connection is established between two computer. this process is called TCP/TP three way handshake. This is the same process is used in nmap. But in half scan When computer send sys and got reply with sys/ack then computer is suppose to send ack reply but in half scan computer doesn’t send ack reply.
When a computer doesn’t send ACK then computer doesn’t create a log for that connection and target want get any log in his computer.
nmap -sS target ip
AGGRESSIVE SCAN: Aggressive scan is the best scan it will be slow but will give you all the information like ports, operation system, service, version.Aggressive scan is not good if you are scanning the network of an organization or company. because aggressive create lots of noise/traffic into the network and you will be caught.
nmap -A target ip
THIS IS JUST A VERY BASIC OF NMAP.NMAP IS A VERY BIG TOOL WITH LOTS OF USE AND COMMAND.IF YOU WANT TO LEARN EVERYTHING ABOUT NMAP YOU CAN LEARN IT FROM HERE ALSO.
NOTE: SCANNING THE NETWORK WITHOUT THE PERMISSION OF THE NETWORK OWNER IS ILLEGAL