Debian / Ubuntu Linux: Install nmap Software For Scanning Network

Posted on in Categories , last updated November 19, 2012

How do I install nmap command under Debian or Ubuntu Linux based system for testing security of my own network?

Nmap is a command line tool for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification).

Installation

To install nmap for Debian and Ubuntu Linux based server systems type the following apt-get command:
$ sudo apt-get install nmap
Sample outputs:

Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  nmap
0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded.
Need to get 1,643 kB of archives.
After this operation, 6,913 kB of additional disk space will be used.
Get:1 http://mirrors.service.networklayer.com/ubuntu/ precise/main nmap amd64 5.21-1.1ubuntu1 [1,643 kB]
Fetched 1,643 kB in 0s (16.4 MB/s)
Selecting previously unselected package nmap.
(Reading database ... 56834 files and directories currently installed.)
Unpacking nmap (from .../nmap_5.21-1.1ubuntu1_amd64.deb) ...
Processing triggers for man-db ...
Setting up nmap (5.21-1.1ubuntu1) ...

Examples

To find the nmap version, enter:
# nmap -V
OR
# nmap --version
Sample outputs:

Nmap version 5.21 ( http://nmap.org )
WARNING! nmap scan could get you into legal trouble if you don’t have permission to scan the target systems.

To scan an IP address, enter:
# nmap 192.168.1.2
Sample outputs:

Starting Nmap 5.00 ( http://nmap.org ) at 2012-11-18 14:41 IST
Interesting ports on 192.168.1.2:
Not shown: 997 closed ports
PORT   STATE SERVICE
23/tcp open  telnet
53/tcp open  domain
80/tcp open  http
MAC Address: 74:44:01:40:57:FB (Unknown)
 
Nmap done: 1 IP address (1 host up) scanned in 1.28 seconds

To scan a range of IP addresses, enter:
# nmap 192.168.1.2-10
To scan an entire subnet:
# nmap 192.168.1.0/24
More examples:

## Ping only scan ##
nmap -sP 192.168.1.2
 
## Scan and do traceroute ##
nmap --traceroute IP-ADDRESS
nmap --traceroute DOMAIN-NAME-HERE
 
## TCP SYN Scan ##
nmap -sS 192.168.1.2
 
## UDP Scan ##
nmap -sU 192.168.1.2
 
## IP protocol scan ##
nmap -sO 192.168.1.2
 
## Scan port 80, 25, 443 ##
nmap -p 80 192.168.1.2
nmap -p http 192.168.1.2
nmap -p 25 192.168.1.2
nmap -p smtp 192.168.1.2
nmap -p 443 192.168.1.2
nmap -p 80,24,443 192.168.1.2
 
## Scan port ranges ##
nmap -p 512-1024 192.168.1.2
 
## Scan for OS i.e. Operating System Detection ##
nmap -O 192.168.1.2
nmap -O --osscan-guess 192.168.1.2
 
## Scan for application server version ##
nmap -sV 192.168.1.2

Type the following command to read nmap man page:
# man nmap

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on:

Tagged as: Tags , , , , ,