Scan ports with NMAP

There comes a time when you need to scan your hosts and see what services are on or what ports are listening.

Here is a quick command for scanning TCP ports with NMAP. Throw it on terminal.

nmap -oN nmap.txt -p- -sTV 1.1.1.1  2.2.2.2

-p- will scan all the known ports. T stands for TCP and V for versions.

If you want to check a particular port, then specify it with -p. For example:

nmap -oN nmap.txt -p 123 -sTV 1.1.1.1  2.2.2.2

Replace 1.1.1.1 with an actual IP or if you scan multiple hosts then just add ips like on the example above. The command above will create nmap.txt to userĀ“s home directory and it will append the information to the file. If you run the command again, then all the content in the nmap.txt will get replaced with the new data.

Information that will end up to the nmap.txt is similar to this:

# Nmap 7.60 scan initiated Sun Jan 21 20:38:53 2018 as: nmap -oN nmap.txt -p- -sTV 1.1.1.1
Nmap scan report for uewhfuewbr.v14113123.hdienbweui.ewjni.href (1.1.1.1)
Host is up (0.00034s latency).
Not shown: 3455534 closed ports
PORT STATE SERVICE VERSION
something open somewhere Service 113.34 (protocol 1223.7)

If you want to scan UDP ports instead of TCP then you must become sudo or root and issue:

sudo nmap -oN nmap.txt -sUV 1.1.1.1

The command above will scan 1000 common ports and output the results.

One more thing worth mentioning is this: Do not panic if nmap sees open ports on your LAN. This usually means that a computer in your LAN can reach another computer in your LAN. It is quite typical that people open ports in their LAN network and they have a public facing firewall, which keeps them out of harms way. Now, if you can scan your public IP with NMAP from the outside world and see ports opened then you should take action and block possible attackers. if you are running some Linux, you can usually stop worrying. Likewise, if you have a firewall and virus-protection enabled on Windows you should be good as well. If you are a Mac user then your level of security is somewhat similar than on Linux – so no worries there either. The previous of course assumes that you do update your software and do not  get careless and open ports randomly without considering what you are doing.