When managing networks in Linux environments, it helps to have the right tools to manage and optimize everything the network offers in a much simpler way.
On Linux systems, nmap is an ideal solution thanks to its scope, ease of use and the many options it offers.
In this tutorial we will see how to perform an audit and security process with nmap, and how it makes support tasks really simple.
What is nmap
Nmap, also known as "Network Mapper", is a free and open source utility created to detect networks and perform security audits on network infrastructures. Nmap was designed to scan large networks, but it works well against single hosts or small networks.
Nmap is one of the most widely used utilities for many tasks, including:
- Network detection and network inventory
- Administration of service update schedules
- Real-time host or service activity monitoring
How does it work?
Nmap makes use of IP packets to determine these characteristics:
- Hosts that are live on the network.
- Services with name and version of the application.
- Operating systems that are being used.
- Packet filters and firewalls in use.
Nmap is compatible with virtually all operating systems, such as Windows, Linux and macOS. It can be used from the command line or through an advanced GUI (Zenmap). The suite also includes a flexible data transfer, redirection and debugging tool (Ncat), a utility to compare scan results (Ndiff) and a packet generation and response analysis tool (Nping), which gives a system or network administrator all the necessary kit for daily tasks.
Nmap features
Its characteristics include:
- Flexibility: Nmap supports dozens of advanced techniques for mapping networks filled with IP filters, firewalls, routers and more, including many port scanning mechanisms (both TCP and UDP), operating system detection, version detection, ping sweeps and more.
- Powerful: Nmap can be used to scan large networks composed of thousands of machines.
- Portable: Nmap can be run on operating systems such as Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga and many more.
1. How to install Nmap on Linux
Step 1
To install nmap on our system we can run any of the following lines:
2. How to use Nmap in Linux
Step 1
To understand all the options offered by nmap we can execute the following line:
nmap --help
Step 2
The first option we have with nmap is to validate a website or an IP address. To do so, we run the following line:
sudo nmap -sS [IP] or [Website]
Step 3
In this case we will execute the following line:
sudo nmap -sS www.solvetic.com
The output shows in detail all the ports available on that website, along with their status and the name of the service associated with each port.
Another option nmap offers is to discover the operating system used by the website or IP address that we indicate. To do so, we use the following syntax:
sudo nmap -O --osscan-guess [IP] or [Website]
Step 4
The next alternative is to run a ping scan, which is practical when we need to verify the open ports of a computer. The -vv option increases the verbosity of the output. In this case we will use the following syntax:
sudo nmap -vv [IP] or [Website]
Step 5
Another available option is to verify the services running on the target, using the following syntax:
sudo nmap -sV [IP] or [Website]
As we have seen, nmap makes it possible to analyze multiple aspects of the local or external network in a much more complete way.