nmap
aka network mapper, is a very versatile network tool. It can be used to explore networks, perform a quick first-pass security audit and find open ports on remote machines. Several of the scan types below (OS detection, null scans and other raw-packet scans) need raw sockets, so they are run as root; the examples are written with a root prompt (#).
Scan an IP
# nmap 192.168.0.4
Scan a range
# nmap 192.168.0.4-22
Scan a subnet
# nmap 192.168.0.0/24
Besides CIDR notation you can also use a wildcard character:
# nmap 192.168.0.*
Exclude an IP from a scan
Use the --exclude option. It takes a comma-separated list of hosts, ranges or networks in the same notation as the targets (a single IP, 192.168.0.10-20, or 192.168.0.0/28), so you can carve gateways or fragile devices out of a subnet scan. --excludefile reads the same kind of list from a file.
Scan a list of hosts from a file
Use the -iL option with a filename (or - to read standard input). nmap reads the file as a list of targets separated by spaces, tabs or newlines, in any of the notations above, and scans them in order.
Find out ‘live’ hosts in a network
Use the -sP option (renamed -sn in newer releases; both still work) to run host discovery without a port scan. Only hosts that answer the probes are listed. On the local Ethernet segment nmap uses ARP requests, which a host cannot easily ignore; across a router it falls back to ICMP and TCP probes that a firewall may drop, so a host missing from this list is not proof that it is down:
# nmap -sP 10.4.0.0/24
Guess the host OS
Use the -O option, optionally with --osscan-guess (alias --fuzzy) so that nmap reports its closest match even when the fingerprint is not an exact fit. nmap fingerprints the target's TCP/IP stack (TCP options and initial window size, IP ID and ISN behaviour, ICMP quirks) and compares it against its OS database; it needs at least one open and one closed TCP port on the target for a reliable result, and requires root.
Perform a TCP null scan (no flags set) to slip past a simple packet filter
A null scan sends TCP segments with no flags at all. Stateless filters that only look for SYN packets let them through; per RFC 793 a closed port answers with RST while an open port stays silent, so nmap reports silent ports as open|filtered and RST ports as closed. Windows and several other non-RFC-compliant stacks reply RST on every port, which makes the whole host look closed, and a stateful firewall or IDS will notice the odd traffic. Treat it as a probe against a specific filter, not as a general-purpose stealth scan.
# nmap -sN 192.168.0.4
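The -sP sweep, the -iL target list and the --exclude option above are the building blocks of a two-stage scan: discover live hosts first, then port-scan only those. The following shell script is an added example and not part of the original page. It post-processes nmap's grepable output (-oG, a real nmap output option) into a host list you can feed back with -iL and into a clean list of open ports. The nmap invocations appear only in comments; the two .gnmap files it reads are constructed sample data written in the -oG format, so the script runs offline without nmap or a network. The function names live_hosts_from_gnmap and open_ports_from_gnmap are my own.

```shell
#!/bin/sh
# Added example (not from the original page): turn nmap grepable output (-oG)
# into a live-host list and an open-port list for a two-stage scan.
#
# Real-world usage (not executed here):
#   nmap -sn -oG discovery.gnmap 10.4.0.0/24              # host discovery (-sP above)
#   live_hosts_from_gnmap discovery.gnmap > live.txt
#   nmap -sS -sU -iL live.txt --exclude 10.4.0.1 -oG ports.gnmap
#   open_ports_from_gnmap ports.gnmap
#
# The .gnmap files below are CONSTRUCTED samples in the -oG format.

set -eu

# Print every address nmap reported as "Status: Up", one per line, deduplicated.
# -oG host lines are tab-separated: "Host: <ip> (<name>)<TAB>Status: Up".
live_hosts_from_gnmap() {
    awk -F'\t' '/^Host:/ && $2 ~ /^Status: Up/ { split($1, h, " "); print h[2] }' "$1" | sort -u
}

# Print open ports as "<ip> <port>/<proto> <service>".
# The Ports field is a comma-separated list of entries shaped
# port/state/proto/owner/service/rpcinfo/version/ ; only state "open" is kept.
open_ports_from_gnmap() {
    awk -F'\t' '
    /^Host:/ {
        split($1, h, " "); ip = h[2]
        for (i = 2; i <= NF; i++) {
            if ($i !~ /^Ports: /) continue
            sub(/^Ports: /, "", $i)
            n = split($i, entries, /, /)
            for (j = 1; j <= n; j++) {
                split(entries[j], f, "/")
                if (f[2] == "open")
                    printf "%s %s/%s %s\n", ip, f[1], f[3], (f[5] == "" ? "-" : f[5])
            }
        }
    }' "$1"
}

# ---- constructed sample data, in the layout nmap -oG produces ----
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
DISCOVERY_GNMAP="$SAMPLE_DIR/discovery.gnmap"
PORTS_GNMAP="$SAMPLE_DIR/ports.gnmap"

{
    printf '# Nmap 7.94 scan initiated as: nmap -sn -v -oG - 10.4.0.0/29\n'
    printf 'Host: 10.4.0.1 (gw.lab)\tStatus: Up\n'
    printf 'Host: 10.4.0.2 ()\tStatus: Up\n'
    printf 'Host: 10.4.0.5 ()\tStatus: Down\n'
    printf '# Nmap done -- 8 IP addresses (2 hosts up) scanned in 1.02 seconds\n'
} > "$DISCOVERY_GNMAP"

{
    printf '# Nmap 7.94 scan initiated as: nmap -sS -sU -iL live.txt -oG -\n'
    printf 'Host: 10.4.0.1 (gw.lab)\tStatus: Up\n'
    printf 'Host: 10.4.0.1 (gw.lab)\tPorts: 22/open/tcp//ssh///, 53/open/udp//domain///, 443/closed/tcp//https///\tIgnored State: filtered (1997)\n'
    printf 'Host: 10.4.0.2 ()\tStatus: Up\n'
    printf 'Host: 10.4.0.2 ()\tPorts: 80/open/tcp//http///, 8080/filtered/tcp//http-proxy///\tIgnored State: closed (1998)\n'
    printf '# Nmap done -- 2 IP addresses (2 hosts up) scanned in 4.30 seconds\n'
} > "$PORTS_GNMAP"

echo "# live hosts (feed this to nmap -iL)"
live_hosts_from_gnmap "$DISCOVERY_GNMAP"
echo "# open ports"
open_ports_from_gnmap "$PORTS_GNMAP"
```

Because the functions work on saved -oG files rather than on live output, you can re-run them against old scans, diff two sweeps to see what changed, or hand the live-host file to a slower, more thorough scan (-O, service detection) that you would not want to run against an entire /24.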