Gordon Lyon, known online as Fyodor Vaskovich, created Nmap in 1997. Since then, it has become one of the all-time favorite tools of network admins. Movies like The Matrix Reloaded even featured Nmap, where Trinity uses it to find and exploit a vulnerable SSH server. Interesting, right?
What is NMAP?
Nmap is a free and open-source tool used for network discovery and security auditing. While it’s useful for discovery, Nmap is also widely used for security auditing to spot weak points or unauthorized devices.
With Nmap, you can:
- See which hosts are online
- Check what services (and versions) are running
- Detect the operating system a device is using
- Spot firewalls or filters that may be blocking traffic
- Find unauthorized devices or weak points in your setup
Maintained by a large community, Nmap has been trusted for decades as one of the most versatile tools for both admins and security professionals.
Nmap also includes other tools for data transfer (Ncat), comparing scan results (Ndiff), and packet manipulation (Nping).
What is Nmap used for?
At its core, Nmap gives insight into network mapping by identifying the devices and services that are connected to the network. Port scanning is one of the main features that users can easily configure. Since a network can have thousands of ports, checking every single one would take a while. Instead, admins can either choose specific ranges to scan or schedule scans over time to make the process more efficient.
Nmap is available on Linux, Windows, and macOS, and even on less common operating systems such as AIX, Solaris, the BSDs (FreeBSD, NetBSD, and OpenBSD), and AmigaOS. It can be run from the command line or through a GUI such as Zenmap.
For network admins and sysadmins, Nmap is used for:
- Network inventory: Building an inventory of devices, open ports, services, and operating systems.
- Managing service upgrades and versions
- Monitoring the services’ uptime: Checking if servers and apps are up and available
For security professionals, it helps with things like:
- Network discovery: Discovering hosts and services across a network
- Security auditing: Spotting weaknesses or misconfigurations
- Finding the network’s vulnerabilities
- Checking for shadow IT: Unauthorized devices that are connected to the network.
- Port scanning: Checking which ports are open, closed, or filtered
Download and install Nmap
On Windows: Head over to the official Nmap download page and grab the Windows installer. Run the setup file, follow the steps, and Nmap plus Zenmap, the GUI version, will be ready to use.
On Linux: Most Linux distros include Nmap in their package manager. For example:
sudo apt install nmap # Debian/Ubuntu
sudo yum install nmap # CentOS/RHEL
Let’s see how to check which common ports are open on a host. Use the -p option to specify the ports:
nmap -p 22,80,443 192.168.0.1
This command scans ports 22 (SSH), 80 (HTTP), and 443 (HTTPS) on the target 192.168.0.1. Nmap reports each port’s state (open, closed, or filtered) together with the service name it associates with that port.
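To turn a scan like this into the device and port inventory the article describes, here is an added example (not part of the original article or of the Nmap project) that parses Nmap’s grepable output, the format written by -oG (for example nmap -p 22,80,443 -oG scan.gnmap 192.168.0.1). The scan text below is a constructed sample, not a live result.

```python
import re
from collections import defaultdict

# Constructed sample of Nmap grepable output (-oG); not a real scan result.
# Field order per port is port/state/protocol/owner/service/rpc info/version/
SAMPLE_GNMAP = """\
# Nmap scan initiated Mon Jan  1 12:00:00 2024 as: nmap -p 22,80,443 -oG - 192.168.0.1 192.168.0.2
Host: 192.168.0.1 ()\tStatus: Up
Host: 192.168.0.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, 80/open/tcp//http//nginx 1.18/, 443/filtered/tcp//https///
Host: 192.168.0.2 (printer.lan)\tStatus: Up
Host: 192.168.0.2 (printer.lan)\tPorts: 22/closed/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///
# Nmap done at Mon Jan  1 12:00:05 2024 -- 2 IP addresses (2 hosts up) scanned in 5.00 seconds
"""

HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)\tPorts: (.*)$")


def parse_gnmap(text):
    """Return {ip: [(port, state, proto, service, version), ...]} from -oG text."""
    inventory = defaultdict(list)
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # "# Nmap ..." comments and Status-only lines carry no port data
        ip, _hostname, rest = m.groups()
        ports_field = rest.split("\t")[0]  # drop a trailing "Ignored State: ..." column
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if len(fields) < 7:
                continue
            port, state, proto, _owner, service, _rpc, version = fields[:7]
            inventory[ip].append((int(port), state, proto, service, version))
    return dict(inventory)


def open_ports(inventory):
    """Map each host to its open ports, the view an admin wants for an inventory."""
    return {ip: sorted(p[0] for p in ports if p[1] == "open")
            for ip, ports in inventory.items()}


def hosts_exposing(inventory, port):
    """Hosts with the given port open, e.g. to spot unexpected SSH servers."""
    return sorted(ip for ip, ports in inventory.items()
                  if any(p[0] == port and p[1] == "open" for p in ports))


if __name__ == "__main__":
    inv = parse_gnmap(SAMPLE_GNMAP)
    print("open ports per host:", open_ports(inv))
    print("hosts exposing SSH:", hosts_exposing(inv, 22))
```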
⚠️ This article is for educational purposes only. Nmap should only be used on systems and networks you own or have explicit permission to test. Unauthorized scanning can be illegal and may have serious consequences.