How to Run a Simple Nmap Scan: 12 Steps (with Pictures) - wikiHow (2024)

  • Categories
  • Computers and Electronics
  • Computer Networking

Download Article

Explore this Article

methods

1Using Zenmap

2Using the Command Line

Other Sections

Tips and Warnings

Related Articles

References

Article Summary

Author Info

Last Updated: January 18, 2024Tested

Download Article

Are you worried about the security of your network or the security of someone else's? Ensuring that your router is protected from unwanted intruders is one of the foundations of a secure network. One of the basic tools for this job is Nmap or Network Mapper. This program will scan a target and report which ports are open and which are closed, among other things. Security specialists use this program to test the security of a network. To learn how to use it yourself, see Step 1 below.

Method 1

Method 1 of 2:

Using Zenmap

Download Article

  1. 1

    Download the Nmap installer. This can be found for free on the developer’s website. It is highly recommended that you download directly from the developer to avoid any potential viruses or fake files. Downloading the Nmap installer includes Zenmap, the graphical interface for Nmap which makes it easy for newcomers to perform scans without having to learn command lines.

    • The Zenmap program is available for Windows, Linux, and Mac OS X. You can find the installation files for all operating systems on the Nmap website.
  2. 2

    Install Nmap. Run the installer once it is finished downloading. You will be asked which components you would like to install. To get the full benefit of Nmap, keep all of these checked. Nmap will not install any adware or spyware.

    Advertisem*nt

  3. 3

    Run the “Nmap – Zenmap” GUI program. If you left your settings at default during installation, you should be able to see an icon for it on your desktop. If not, look in your Start menu. Opening Zenmap will start the program.

  4. 4

    Enter the target for your scan. The Zenmap program makes scanning a fairly simple process. The first step to running a scan is choosing your target. You can enter a domain (example.com), an IP address (127.0.0.1), a network (192.168.1.0/24), or a combination of those.

    • Depending on the intensity and target of your scan, running a Nmap scan may be against the terms of your internet service provider and may land you in hot water. Always check your local laws and your ISP contract before performing Nmap scans on targets other than your network.
  5. 5

    Choose your Profile. Profiles are preset groupings of modifiers that change what is scanned. The profiles allow you to quickly select different types of scans without having to type in the modifiers on the command line. Choose the profile that best fits your needs:[1]

    • Intense scan - A comprehensive scan. Contains Operating System (OS) detection, version detection, script scanning, and traceroute, and has aggressive scan timing. This is considered an intrusive scan.
    • Ping scan - This scan simply detects if the targets are online, it does not scan any ports.
    • Quick scan - This is quicker than a regular scan due to aggressive timing and only scanning select ports.
    • Regular scan - This is the standard Nmap scan without any modifiers. It will return ping and return open ports on the target.
  6. 6

    Click Scan to start scanning. The active results of the scan will be displayed in the Nmap Output tab. The time the scan takes will depend on the scan profile you chose, the physical distance to the target, and the target’s network configuration.

  7. 7

    Read your results. Once the scan is finished, you’ll see the message “Nmap done” at the bottom of the Nmap Output tab. You can now check your results, depending on the type of scan you performed. All of the results will be listed in the main Nmap Output tab, but you can use the other tabs to get a better look at specific data.[2]

    • Ports/Hosts - This tab will show the results of your port scan, including the services for those ports.
    • Topology - This shows the traceroute for the scan you performed. You can see how many hops your data goes through to reach the target.
    • Host Details - This shows a summary of your target learned through scans, such as the number of ports, IP addresses, hostnames, operating systems, and more.
    • Scans - This tab stores the commands of your previously-run scans. This allows you to quickly re-scan with a specific set of parameters.
  8. Advertisem*nt

  1. 1

    Install Nmap. Before using Nmap, you will need to install it so that you can run it from the command line of your operating system. Nmap is small and available for free from the developer. Follow the instructions below for your operating system:

    • Linux - Download and install Nmap from your repository. Nmap is available through most of the major Linux repositories. Enter the command below based on your distribution:
      • Red Hat, Fedora, SUSE
        rpm -vhU https://nmap.org/dist/nmap-6.40-1.i386.rpm (32-bit) OR
        rpm -vhU https://nmap.org/dist/nmap-6.40-1.x86_64.rpm (64-bit)
      • Debian, Ubuntu
        sudo apt-get install nmap
    • Windows - Download the Nmap installer. This can be found for free on the developer’s website. It is highly recommended that you download directly from the developer to avoid any potential viruses or fake files. Using the installer allows you to quickly install the command line Nmap tools without having to worry about extracting them to the right folder.
      • If you don’t want the Zenmap graphical user interface, you can uncheck it during the installation process.
    • Mac OS X – Download the Nmap disk image. This can be found for free on the developer’s website. It is highly recommended that you download directly from the developer to avoid any potential viruses or fake files. Use the included installer to install Nmap on your system. Nmap requires OS X 10.6 or later.
  2. 2

    Open your command line. Nmap commands are run from the command line, and the results are displayed beneath the command. You can use variables to modify the scan. You can run the scan from any directory on the command line.

    • Linux - Open the terminal if you are using a GUI for your Linux distribution. The location of the terminal varies by distribution
    • Windows - This can be accessed by pressing the Windows key + R and then typing “cmd” into the Run field. Windows 8 users can press the Windows key + X and select Command Prompt from the menu. You can run a Nmap scan from any directory.
    • Mac OS X - Open the Terminal application located in the Utility subfolder of your Applications folder.
  3. 3

    Run a scan of your target’s ports. To start a basic scan, type nmap <target>. This will ping the target and scan the ports. This is an easily-detected scan. The results will be displayed on your screen. You may need to scroll back up to see all of the results.

    • Depending on the intensity and target of your scan, running a Nmap scan may be against the terms of your internet service provider and may land you in hot water. Always check your local laws and your ISP contract before performing Nmap scans on targets other than your own network.
  4. 4

    Run a modified scan. You can use command line variables to change the parameters of the scan, resulting in more detailed or less detailed results. Changing the scan variables will change the intrusiveness of the scan. You can add multiple variables by placing a space between each one. Variables come before the target: nmap <variable> <variable> <target>[3]

    • -sS - This is a SYN stealth scan. It is less detectable than a standard scan but may take longer. Many modern firewalls can detect an –sS scan.
    • -sn - This is a ping scan. This will disable port scanning, and will only check to see if the host is online.
    • -O - This is an operating system scan. The scan will attempt to determine the operating system of the target.
    • -A - This variable enables several of the most commonly used scans: OS detection, version detection, script scanning, and traceroute.
    • -F - This enables fast mode, and will reduce the number of ports scanned.
    • -v - This will show more information in your results, making them easier to read.
  5. 5

    Output the scan to an XML file. You can set your scan results to be outputted as an XML file so that you can easily read them in any web browser. To do this, you will need to use the -oX variable, as well as set a filename for the new XML file. A completed command would look similar to nmap –oX Scan Results.xml <target>.

    • The XML file will be saved to whatever your current working location is.
  6. Advertisem*nt

Community Q&A

Search

Add New Question

  • Question

    How do I test for vulnerabilities using Nmap?

    How to Run a Simple Nmap Scan: 12 Steps (with Pictures) - wikiHow (17)

    Community Answer

    Nmap don't test the vulnerability, Nmap simply displays it (if any). You can use exploit tools to test it.

    Thanks! We're glad this was helpful.
    Thank you for your feedback.
    If wikiHow has helped you, please consider a small contribution to support us in helping more readers like you. We’re committed to providing the world with free how-to resources, and even $1 helps us in our mission.Support wikiHow

    YesNo

    Not Helpful 2Helpful 8

  • Question

    What happens if the ports open when running a simple Nmap scan?

    How to Run a Simple Nmap Scan: 12 Steps (with Pictures) - wikiHow (18)

    Saravanan Krishnamurthy

    Community Answer

    You can use that opened port to exploit the target That's why opened ports are vulnerable.

    Thanks! We're glad this was helpful.
    Thank you for your feedback.
    If wikiHow has helped you, please consider a small contribution to support us in helping more readers like you. We’re committed to providing the world with free how-to resources, and even $1 helps us in our mission.Support wikiHow

    YesNo

    Not Helpful 0Helpful 8

  • Question

    What are ports and why do websites use them?

    How to Run a Simple Nmap Scan: 12 Steps (with Pictures) - wikiHow (19)

    Community Answer

    Ports are essentially an address or destination within a 'host' (computer). When you send data on the Internet, a hostname and port number are specified for where the data should go. The hostname, such as 'library.ibm.com', is translated into the 'IP' address: 9.2.216.43 That identifies the specific computer (NIC) on the Internet. The port number is a 16 bit number (from 0 to 65534) which identifies a a service or listener on that computer. For example, port 80 is the usual port for H T T P, for web servers. (This example was for classic Internet, called IPv4, perennially IPv6 network uses longer, 6 byte IP addresses and longer, 4 byte port numbers)

    Thanks! We're glad this was helpful.
    Thank you for your feedback.
    If wikiHow has helped you, please consider a small contribution to support us in helping more readers like you. We’re committed to providing the world with free how-to resources, and even $1 helps us in our mission.Support wikiHow

    YesNo

    Not Helpful 0Helpful 3

See more answers

Ask a Question

200 characters left

Include your email address to get a message when this question is answered.

Submit

      Advertisem*nt

      Tips

      • Target not responding? Try adding the "-P0" switch to your scan. This will force Nmap to start the scan, even if it thinks that the target doesn't exist. This is useful if the computer is blocked by a firewall.

        Thanks

        Helpful0Not Helpful0

      • Wondering how the scan is going? Hit the spacebar, or any key, while the scan is running, to view Nmap's progress.

        Thanks

        Helpful0Not Helpful0

      • If your scan is taking forever to complete (think twenty minutes or more), try adding the "-F" switch to the Nmap scan to have Nmap scan only the most frequently used ports.

        Thanks

        Helpful0Not Helpful0

      Submit a Tip

      All tip submissions are carefully reviewed before being published

      Name

      Please provide your name and last initial

      Submit

      Thanks for submitting a tip for review!

      Advertisem*nt

      Warnings

      • If you frequently run Nmap scans, be prepared to answer questions from your ISP (Internet Service Provider). Some ISPs routinely look for Nmap traffic, and Nmap isn't exactly the most inconspicuous tool. Nmap is a very well-known tool, and one that is used by hackers, so you may have a little explaining to do.

        Thanks

        Helpful0Not Helpful1

      • Make sure that you have permission to scan the target! Scanning www.whitehouse.gov is just asking for trouble. If you want a target to scan, try scanme.nmap.org. This is a test computer set up by the author of Nmap, free to scan without getting yelled at.

        Thanks

        Helpful0Not Helpful0

      Advertisem*nt

      You Might Also Like

      How toSecure Your PCHow toFind the MAC Address of Your Computer
      How toConnect Two ComputersHow to Check if a Port is Open: 5 Quick Ways3 Ways to Change a Computer's Mac Address in WindowsHow to Join a Domain on a Windows Computer or MacHow toCreate a Local Area Network (LAN)How to Forward a Port on Any Router: Easy GuideHow toGet a MAC Address from an IP RemotelyHow toConnect One Router to Another to Expand a NetworkHow toCheck Your Firewall SettingsHow to Set up a Shared Network DriveHow toTrack a PersonHow to Connect a PC to a Network

      Advertisem*nt

      About This Article

      Tested by:

      wikiHow Technology Team

      wikiHow is a “wiki,” similar to Wikipedia, which means that many of our articles are co-written by multiple authors. To create this article, 25 people, some anonymous, worked to edit and improve it over time. This article has been viewed 441,369 times.

      How helpful is this?

      Co-authors: 25

      Updated: January 18, 2024

      Views:441,369

      Categories: Computer Networking

      Article SummaryX

      1. Download the installer.
      2. Run the installer.
      3. Open NMap/Zenmap.
      4. Enter the target address.
      5. Choose a profile.
      6. Click Scan.
      7. Review the results.

      Did this summary help you?

      In other languages

      Spanish

      Russian

      German

      French

      Indonesian

      Dutch

      Arabic

      Chinese

      • Print
      • Send fan mail to authors

      Thanks to all authors for creating a page that has been read 441,369 times.

      Reader Success Stories

      • How to Run a Simple Nmap Scan: 12 Steps (with Pictures) - wikiHow (34)

        Kevin M.

        Oct 27, 2017

        "I'm taking an IT Audit class and we just talked about NMAP, so I wanted to know how to do one. Voila, here it..." more

        Rated this article:

      More reader storiesHide reader stories

      Is this article up to date?

      Advertisem*nt

      How to Run a Simple Nmap Scan: 12 Steps (with Pictures) - wikiHow (2024)
      Top Articles
      Best CFD Broker in Dubai
      The Barriers to Women in Trade Industries - North American Signs
      Toa Guide Osrs
      Encore Atlanta Cheer Competition
      Edina Omni Portal
      How Much Does Dr Pol Charge To Deliver A Calf
      Hallowed Sepulchre Instances &amp; More
      Skip The Games Norfolk Virginia
      Premier Boating Center Conroe
      Hallelu-JaH - Psalm 119 - inleiding
      Nexus Crossword Puzzle Solver
      Obituary | Shawn Alexander | Russell Funeral Home, Inc.
      Indiana Immediate Care.webpay.md
      Troy Athens Cheer Weebly
      Breakroom Bw
      Industry Talk: Im Gespräch mit den Machern von Magicseaweed
      RBT Exam: What to Expect
      6813472639
      065106619
      Parent Resources - Padua Franciscan High School
      Der Megatrend Urbanisierung
      Royal Cuts Kentlands
      Att.com/Myatt.
      Aspenx2 Newburyport
      Apartments / Housing For Rent near Lake Placid, FL - craigslist
      Access a Shared Resource | Computing for Arts + Sciences
      Wku Lpn To Rn
      Uno Fall 2023 Calendar
      Guide to Cost-Benefit Analysis of Investment Projects Economic appraisal tool for Cohesion Policy 2014-2020
      Mark Ronchetti Daughters
      Opsahl Kostel Funeral Home & Crematory Yankton
      Regis Sectional Havertys
      Can You Buy Pedialyte On Food Stamps
      888-333-4026
      Encompass.myisolved
      Thelemagick Library - The New Comment to Liber AL vel Legis
      Questions answered? Ducks say so in rivalry rout
      Costco Gas Foster City
      Chase Bank Zip Code
      Grand Valley State University Library Hours
      Elven Steel Ore Sun Haven
      Walmart Careers Stocker
      Mcoc Black Panther
      Who uses the Fandom Wiki anymore?
      Jeep Forum Cj
      Heat Wave and Summer Temperature Data for Oklahoma City, Oklahoma
      Msatlantathickdream
      Jigidi Jigsaw Puzzles Free
      Parks And Rec Fantasy Football Names
      Acellus Grading Scale
      Latest Posts
      Article information

      Author: Golda Nolan II

      Last Updated:

      Views: 5744

      Rating: 4.8 / 5 (78 voted)

      Reviews: 93% of readers found this page helpful

      Author information

      Name: Golda Nolan II

      Birthday: 1998-05-14

      Address: Suite 369 9754 Roberts Pines, West Benitaburgh, NM 69180-7958

      Phone: +522993866487

      Job: Sales Executive

      Hobby: Worldbuilding, Shopping, Quilting, Cooking, Homebrewing, Leather crafting, Pet

      Introduction: My name is Golda Nolan II, I am a thoughtful, clever, cute, jolly, brave, powerful, splendid person who loves writing and wants to share my knowledge and understanding with you.