How to Use Nmap Command

Network Mapper (Nmap) is an open source security tool used for network exploration, security scanning and auditing. The nmap command includes plenty of options, which make the utility much more efficient but also difficult for new users. Nmap is commonly used for:

1) Security audits

2) Routine tasks for system and network administrators, such as network inventory

3) Managing service upgrade schedules

4) Monitoring host or service up-time.

1) Install nmap

sudo apt-get install nmap

2) Version of nmap

nmap -V OR nmap --version

3) Scan IP address


Sample outputs:


Starting Nmap 5.00 ( ) at 2012-11-18 14:41 IST

Interesting ports on

Not shown: 997 closed ports


23/tcp open telnet

53/tcp open domain

80/tcp open http

MAC Address: 55:87:06:25:65:FC (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds

4) Scan a range of IP addresses


5) Scan entire subnet


6) Ping only scan

nmap -sP

7) Scan and do traceroute

nmap --traceroute IP-ADDRESS

nmap --traceroute DOMAIN-NAME-HERE

8) TCP SYN Scan

nmap -sS

9) UDP Scan

nmap -sU

10) IP protocol scan

nmap -sO

11) Scan port 80, 25, 443

nmap -p 80

nmap -p http

nmap -p 25

nmap -p smtp

nmap -p 443

nmap -p 80,25,443

12) Scan port ranges

nmap -p 512-1024

13) Scan for Operating System Detection

nmap -O

nmap -O --osscan-guess

14) Scan for application server version

nmap -sV

15) Scan a host name


16) Scan a host name with more info

nmap -v

17) Scan a host when protected by the firewall

nmap -PN

nmap -PN

18) Perform a fast scan

nmap -F

19) Show host interfaces and routes

nmap --iflist

20) Scan for IP protocol

This type of scan allows you to determine which IP protocols (TCP, ICMP, IGMP, etc.) are supported by target machines:

nmap -sO
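For the security audit and network inventory uses listed at the top, the port table in nmap's normal output (the format shown under step 3) can be checked against a list of services a host is expected to expose. The script below is an added example, not part of the original article; the function names, the allowlist and the sample scan text (with documentation address 192.0.2.10) are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare open ports in nmap's normal output with an allowlist.

# Constructed sample, modelled on the output format shown under step 3.
# 192.0.2.10 is a documentation address, not a real host.
sample_scan() {
cat <<'EOF'
Starting Nmap 5.00 at 2012-11-18 14:41 IST
Interesting ports on 192.0.2.10:
Not shown: 997 closed ports
PORT   STATE SERVICE
23/tcp open  telnet
53/tcp open  domain
80/tcp open  http
Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds
EOF
}

# open_ports: read nmap normal output on stdin and print "port/proto service"
# for each row whose state column is exactly "open" (skips "filtered" etc.).
open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1, $3 }'
}

# unexpected_ports ALLOWED: ALLOWED is a space-separated list such as
# "53/tcp 80/tcp". Prints open ports missing from the list and returns 1
# if there are any, 0 if the host matches its baseline.
unexpected_ports() {
    open_ports | awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok) { print; bad = 1 }
        END { exit bad + 0 }'
}

# Demo on the constructed sample: telnet (23/tcp) is not in the baseline.
if ! sample_scan | unexpected_ports "53/tcp 80/tcp"; then
    echo "baseline drift: the services listed above are not in the allowlist" >&2
fi
```

To audit a host you administer, replace `sample_scan` with the nmap command for that host and pipe its output into `unexpected_ports`.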

