Core Operations in Nmap

This section covers the fundamental operations and commands in Nmap that form the basis of all network scanning activities. Understanding these core concepts is essential for effectively using Nmap for network discovery and security assessment.

Section Overview

Nmap's core operations include specifying targets, selecting scan types, and configuring basic scan parameters. These operations determine what hosts are scanned, how they are scanned, and what information is gathered during the scanning process.

In This Section

• Basic Syntax - Learn the fundamental command structure and syntax of Nmap
• Scan Types - Explore the various scanning techniques available in Nmap
• Target Selection - Understand how to specify and select targets for scanning

Key Concepts

Command Structure

Nmap commands follow a consistent structure:

nmap [Scan Type] [Options] [Target Specification]

Understanding this structure is crucial for building effective scan commands.

Scan Types

Nmap offers various scan types, each with specific purposes:

• TCP SYN scan (-sS): The default and most popular scan type
• TCP connect scan (-sT): The default when SYN scan is unavailable
• UDP scan (-sU): For discovering UDP services
• FIN, XMAS, and NULL scans (-sF, -sX, -sN): Stealthy scan types that might bypass some firewalls

Target Specification

Targets can be specified in multiple formats:

• Individual IP addresses: 192.168.1.1
• Hostnames: example.com
• CIDR notation: 192.168.1.0/24
• IP ranges: 192.168.1.1-50
• From a file: -iL targets.txt

Next Steps

After mastering the core operations, you may want to explore:

• Advanced Techniques - Learn about service detection, OS fingerprinting, and the Nmap Scripting Engine
• Practical Applications - Discover real-world applications of Nmap in network security