What is the Nmap tool?
Nmap is an open-source network exploration tool. It rapidly scans large networks and reports a range of information about them. The port table is arguably the most useful feature of Nmap, as it gives a tally of available ports and their statuses: open, closed, or protected (filtered). Along with the port table, Nmap provides DNS information, operating system guesses, MAC addresses, and more.
First, let's dig into the major functionality of Nmap: port scanning. The following are the port statuses available in Nmap.
- Open: This means that an application on the target end is actively accepting TCP connections, UDP datagrams, or SCTP associations on this port. Open ports are to a hacker what an open vault is to a thief.
- Closed: Closed ports respond to data requests. However, no application is listening on them. Nmap uses such ports to determine the OS or to check whether a live host exists at the provided IP address.
- Filtered: Nmap cannot determine whether such ports are open or not as they are protected by dedicated firewalls, router rules, etc. Sometimes these ports respond with ICMP error messages to confuse the exploiter.
- Unfiltered: These ports are accessible, but Nmap cannot determine whether they are open or closed. This state occurs only for ACK scans.
- Open | Filtered: Nmap places a port in this state when it is unable to determine whether the port falls in the open or filtered category. This occurs in scan types in which an open port does not respond.
- Closed | Unfiltered: Nmap is unable to tell whether the port is closed or unfiltered. This situation occurs in the IP ID idle scan.
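The port table described above can also be read programmatically. The following added example (not code from the original article) parses Nmap's XML output, as written by the -oX option, tallies ports by state, and flags open ports that are missing from an allow-list for a host you administer. The XML sample, the address 192.0.2.10 and the EXPECTED_OPEN allow-list are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the layout of Nmap's XML output; not a real scan.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <extraports state="filtered" count="996"/>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
      <port protocol="tcp" portid="3306"><state state="open"/><service name="mysql"/></port>
    </ports>
  </host>
</nmaprun>"""

# Hypothetical allow-list: the ports each host is expected to expose.
EXPECTED_OPEN = {"192.0.2.10": {("tcp", 22), ("tcp", 443)}}

def parse_port_table(xml_text):
    """Return ({address: [(proto, port, state, service)]}, Counter of states)."""
    table, tally = {}, Counter()
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        if addr_el is None:
            continue
        rows = table.setdefault(addr_el.get("addr"), [])
        for extra in host.iter("extraports"):
            # Ports Nmap summarises instead of listing one by one.
            tally[extra.get("state")] += int(extra.get("count", "0"))
        for port in host.iter("port"):
            state_el, svc_el = port.find("state"), port.find("service")
            if state_el is None:
                continue
            state = state_el.get("state")
            svc = svc_el.get("name", "") if svc_el is not None else ""
            rows.append((port.get("protocol"), int(port.get("portid")), state, svc))
            tally[state] += 1
    return table, tally

def unexpected_open(table, expected):
    """List open ports that are not on the allow-list for their host."""
    findings = []
    for addr, rows in table.items():
        allowed = expected.get(addr, set())
        findings += [(addr, proto, port, svc) for proto, port, state, svc in rows
                     if state == "open" and (proto, port) not in allowed]
    return findings
```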
Footprinting with Nmap in Kali Linux
Footprinting is the technique of gathering information about a targeted network or computer system, such as the version of the OS the target is using, the kernel version (for Linux-based targets), or the version of the web hosting software (for server targets). Footprinting can be either active or passive. Active footprinting involves direct interaction with the target, such as performing Nmap scans. Passive footprinting, by contrast, usually does not make the target aware of the enumeration. Various tools exist for footprinting different types of networks and systems; Nessus, Weblister, Harvester, and Nmap are some of them. This article, however, focuses specifically on Nmap.