How To Scan TCP and UDP Ports With Nmap?


Nmap is a very popular tool among pentesters and system/network administrators. We have already provided different nmap tutorials and a cheat sheet, but TCP and UDP port scanning is an important part of a scan. We will dive into the details in this tutorial.

Start Port Scan

The simplest port scan, without any parameters, just provides the target. The target can be a single IP address, a hostname, or multiple targets. In this example we will scan the IP address 192.168.1.1 on the 1000 most common ports, which is the default.


TCP Syn Scan

As we know, a TCP connection is initiated with a 3-way handshake. The first step of the 3-way handshake is sending a TCP SYN packet. We can send only SYN packets to the target to get the status of the remote port without establishing a connection. We will use -sS for this. This option requires Administrator or root privileges.


TCP Ack Scan

A TCP ACK scan is similar to the SYN scan, but sends ACK packets to the target system. We will use the -sA option for this.

UDP Port Scan

Nmap scans TCP ports by default and does not scan any UDP ports. UDP port scans may not produce reliable results, but they can be useful in some situations. We can scan UDP ports with the -sU option.

Range Of Port Scan

We can specify a port range for a TCP port scan. We will use the -p option and give the range of port numbers delimited with - . For example, 0-100 will scan TCP ports from 0 to 100.


Multiple Port Scan

In the previous step we specified the target ports as a range. We can also list multiple ports one by one for a single scan. We will use the -p option again, but delimit the ports with a comma ( , ). In this example we will scan remote TCP ports 22, 80, 443 and 8080.


Most Used Ports Scan

Nmap has a port usage frequency database. We can use this database to limit our scan to the most common ports. We will use the --top-ports option with the number of most common ports to scan. In this example we will scan the 333 most common ports.

Fast Port Scan

We can specify the TCP port scan speed with the -T option. There are 5 levels and the default level, or speed, is 3. We can use 5 for the fastest scan. Be aware that this may disrupt the network or remote targets.

Slower Port Scan

We can also use 1 for a slower port scan, which will make our scan invisible to security systems like IPS or IDS.
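
How the speed levels above look from the defender's side, as an added example that is not part of the original tutorial: a distinct-port counter over constructed connection records shows that a short detection window catches only the fast scan, while a longer window also catches the slow one. The IP addresses, probe spacings, window sizes and threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict

def make_probes(src, start, ports, gap):
    """Constructed log records (timestamp, source IP, destination port)."""
    return [(start + i * gap, src, port) for i, port in enumerate(ports)]

# Constructed sample traffic, not a capture. The probe spacings are assumptions
# standing in for a fast scan, a slow scan, and an ordinary HTTPS client.
EVENTS = (
    make_probes("10.0.0.5", 0, range(1, 101), 0.01)    # 100 ports in ~1 second
    + make_probes("10.0.0.9", 0, range(1, 101), 15)    # 100 ports over 25 minutes
    + make_probes("10.0.0.20", 0, [443] * 200, 5)      # one port, many connections
)

def max_distinct_ports(events, window):
    """Per source: the most distinct destination ports seen in any `window` seconds."""
    by_src = defaultdict(list)
    for ts, src, port in sorted(events):
        by_src[src].append((ts, port))
    best = {}
    for src, recs in by_src.items():
        counts, left, peak = defaultdict(int), 0, 0
        for ts, port in recs:
            counts[port] += 1
            # Slide the window: drop records older than `window` seconds.
            while recs[left][0] < ts - window:
                old = recs[left][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                left += 1
            peak = max(peak, len(counts))
        best[src] = peak
    return best

def flag_scanners(events, window, threshold):
    """Sources that touched at least `threshold` distinct ports inside one window."""
    peaks = max_distinct_ports(events, window)
    return sorted(src for src, n in peaks.items() if n >= threshold)

if __name__ == "__main__":
    for window in (60, 3600):
        print(f"window={window}s ->", flag_scanners(EVENTS, window, threshold=20))
```

With the 60-second window the slow source never shows more than 5 distinct ports at once, so the window length has to be sized against the slowest probe spacing the detector is expected to catch.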
