Nmap (Network Mapper) is a powerful open-source tool used for network discovery and security auditing. Whether you’re a system administrator, cybersecurity enthusiast, or just curious about how networks work, Nmap is an essential tool to learn.
🔍 What is Nmap?
Nmap scans IP addresses and ports to discover hosts and services on a network. It helps identify open ports, running services, and potential vulnerabilities.
📦 Installing Nmap
$ sudo apt install nmap # Debian/Ubuntu
$ sudo dnf install nmap # Red Hat/CentOS
$ brew install nmap # macOS (Homebrew)
🚀 Basic Nmap Commands
1. Scan a Single IP
$ nmap 192.168.1.1
Explanation: Performs a basic scan on the target IP to check for open ports.
Starting Nmap 7.93 ( https://nmap.org ) at 2025-08-01 15:59 BST
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
2. Scan a Range of IPs
$ nmap 192.168.1.1-10
Explanation: Scans IPs from 192.168.1.1 to 192.168.1.10.
Starting Nmap 7.93 ( https://nmap.org ) at 2025-08-01 16:00 BST
Nmap scan report for 192.168.1.1
Host is up (0.0012s latency).
PORT STATE SERVICE
22/tcp open ssh
Nmap scan report for 192.168.1.2
Host is up (0.0011s latency).
PORT STATE SERVICE
80/tcp open http
... (output truncated for brevity)
3. Scan an Entire Subnet
$ nmap 192.168.1.0/24
Explanation: Scans all 256 IPs in the subnet.
Starting Nmap 7.93 ( https://nmap.org ) at 2025-08-01 16:01 BST
Nmap scan report for 192.168.1.10
Host is up (0.0010s latency).
PORT STATE SERVICE
443/tcp open https
4. Detect Operating System
$ sudo nmap -O 192.168.1.1
-O: Enables OS detection (requires root privileges).
Starting Nmap 7.93 ( https://nmap.org ) at 2025-08-01 16:02 BST
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
PORT STATE SERVICE
22/tcp open ssh
OS details: Linux 5.4 - 5.8
Network Distance: 1 hop
5. Service Version Detection
$ nmap -sV 192.168.1.1
-sV: Detects service versions running on open ports.
Starting Nmap 7.93 ( https://nmap.org ) at 2025-08-01 16:03 BST
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.3
80/tcp open http Apache httpd 2.4.41
443/tcp open https nginx 1.18.0
6. Aggressive Scan
$ sudo nmap -A 192.168.1.1
-A: Enables OS detection, version detection, script scanning, and traceroute.
Starting Nmap 7.93 ( https://nmap.org ) at 2025-08-01 16:04 BST
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1
80/tcp open http Apache httpd 2.4.41
443/tcp open https nginx 1.18.0
OS: Linux 5.4 - 5.8
Traceroute:
192.168.1.1 (1 hop)
7. Scan Specific Ports
$ nmap -p 22,80,443 192.168.1.1
-p: Specifies which ports to scan.
Starting Nmap 7.93 ( https://nmap.org ) at 2025-08-01 16:05 BST
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
8. Save Output to File
$ nmap -oN scan_results.txt 192.168.1.1
-oN: Saves output in normal format to a file.
$ cat scan_results.txt
# Nmap 7.93 scan initiated Fri Aug 1 16:06:00 2025 as: nmap -oN scan_results.txt 192.168.1.1
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
# Nmap done at Fri Aug 1 16:06:05 2025 -- 1 IP address (1 host up) scanned in 5.00 seconds
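To act on a saved file like the one in step 8, the following added example (not part of the original guide) parses normal-format output and reports open ports that are missing from a per-host allowlist. The function names, the expected.txt allowlist format, and the sample data are assumptions constructed for illustration.

```bash
# Added example: flag open ports in nmap -oN output that are not on an allowlist.
# Print "host port/proto service" for every open port in a normal-format file.
open_ports() {
  awk '
    /^Nmap scan report for / {
      host = $NF                 # last field is the IP, sometimes "(1.2.3.4)"
      gsub(/[()]/, "", host)
      next
    }
    $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print host, $1, $3 }
  ' "$1"
}

# Print open ports missing from the allowlist ("host port/proto" per line).
# The allowlist is loaded in BEGIN so an empty file flags everything.
unexpected_ports() {
  open_ports "$1" | awk -v allow="$2" '
    BEGIN {
      while ((getline line < allow) > 0) {
        n = split(line, f, " ")
        if (n >= 2 && f[1] !~ /^#/) allowed[f[1] " " f[2]] = 1
      }
    }
    { key = $1 " " $2; if (!(key in allowed)) print }
  '
}

# Constructed sample data (not real scan results); file names are assumptions.
write_sample() {
  cat > "$1/scan_results.txt" <<'EOF'
Nmap scan report for 192.168.1.1
PORT    STATE  SERVICE
22/tcp  open   ssh
80/tcp  open   http
443/tcp open   https
Nmap scan report for printer.lan (192.168.1.2)
PORT     STATE  SERVICE
139/tcp  closed netbios-ssn
9100/tcp open   jetdirect
EOF
  printf '%s\n' '# host port/proto' '192.168.1.1 22/tcp' \
    '192.168.1.1 443/tcp' '192.168.1.2 80/tcp' > "$1/expected.txt"
}

tmp=$(mktemp -d)
write_sample "$tmp"
unexpected_ports "$tmp/scan_results.txt" "$tmp/expected.txt"
rm -rf "$tmp"
```

The allowlist is keyed by host, so allowing 80/tcp on 192.168.1.2 does not allow it on 192.168.1.1.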
🛡️ Best Practices
- Always scan only your own network, or scan with permission.
- Use -T4 for faster scans, but avoid -T5 unless necessary.
- Combine -sS (stealth scan) with -Pn to avoid ping checks.
📚 Conclusion
Nmap is a versatile and powerful tool that every beginner in cybersecurity or system administration should master. Start with basic scans and gradually explore advanced options like scripting and automation.