Nmap Port Specification and Scan Order
Port specification is an important part of a scan. We should set the port scope carefully, because a wrong scope makes our results prone to false conclusions and makes the scan take a long time.
As we know, the TCP and UDP protocols have port numbers from 0 to 65535. Some scans have default port sets, but we can specify the target ports with the -p parameter.
$ nmap -p 22,80,443 10.0.0.1
- -p specifies ports 22, 80 and 443 on the remote host
$ nmap -p -100 10.0.0.1
- -p will specify the port range between 0 and 100
We can exclude ports too. The ports given to --exclude-ports are left out of the scan.
$ nmap -p -100 --exclude-ports 20-30 10.0.0.1
- --exclude-ports will remove ports between 20 and 30
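To check a port scope before running a scan, the following added example (not part of the original page and not Nmap's own code) expands a -p / --exclude-ports pair and lists which expected ports the scope would never probe. The function names and the inventory list are assumptions made for illustration, and only plain numbers and ranges are parsed.

```python
# Added example: expand an nmap-style -p / --exclude-ports pair and report
# which inventory ports the chosen scope would never probe.

def expand_ports(spec):
    """Expand a spec such as '22,80,443', '-100' or '8000-' into a set of ints.
    Only plain numbers and ranges are handled (no T:/U: prefixes or service names)."""
    ports = set()
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue
        if "-" in item:
            low, high = item.split("-", 1)
            # Nmap's documentation: an omitted start means 1, an omitted end means 65535.
            low = int(low) if low else 1
            high = int(high) if high else 65535
        else:
            low = high = int(item)
        if not (0 <= low <= high <= 65535):
            raise ValueError(f"invalid port range: {item!r}")
        ports.update(range(low, high + 1))
    return ports


def effective_scope(ports_spec, exclude_spec=""):
    """Ports that remain after --exclude-ports is applied to -p."""
    return expand_ports(ports_spec) - expand_ports(exclude_spec)


def uncovered(expected_ports, ports_spec, exclude_spec=""):
    """Inventory ports that the scan scope never touches, sorted."""
    return sorted(set(expected_ports) - effective_scope(ports_spec, exclude_spec))


if __name__ == "__main__":
    # Constructed inventory of ports we expect to be listening on the host.
    inventory = [21, 22, 80, 443, 3306]
    for p_spec, x_spec in [("22,80,443", ""), ("-100", "20-30")]:
        scope = effective_scope(p_spec, x_spec)
        print(f"-p {p_spec} --exclude-ports {x_spec or '(none)'}: "
              f"{len(scope)} ports, missed: {uncovered(inventory, p_spec, x_spec)}")
```

A service listed as missed will not appear in the scan output at all, so its absence from the results says nothing about whether it is open.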
Limited/Fast Port Scan
Nmap normally scans the 1000 most used ports, but if we are in a hurry we can limit the scan to 100 ports with the -F option.
$ nmap -F 10.0.0.1
- Scan the top 100 ports with -F
Don’t Randomize Ports
Nmap normally scans ports in randomized order. If we want to scan them in order, we can use -r.
$ nmap -r 10.0.0.1
- Scan ports in order with -r
Scan Top Ports
We can specify how many of the most popular ports will be scanned. Nmap provides a database of the most used ports.
$ nmap --top-ports 5 10.0.0.1
- Scan the 5 most popular ports with the --top-ports option