Introduction to Nmap

Nmap is best known as a network scanning tool. The creator of Nmap is Gordon Lyon, an American network security expert.

Fig: Gordon Lyon

Hosts running Nmap on a computer network. Used to search for services. How to find it is that nmap sends packets to the target network and then analyzes and studies the responses that come back.

The thing to talk about here is the packet. In telecommunication, there is a lot of data to be transmitted over a digital network. Packet switching technology is used to group them together. So, a packet can be easily remembered as a data format carried by a packet switched network. Let's just say it's a format like Microsoft Word and Excel.

What is inside the packet mainly includes control information and user data. User data is also called payload. To make it easy to understand, if the header is the header, the payload is the actual message. Since this is not a book about networking, I won't go into details again. Let me discuss just the visual.

That's why nmap sends packets to the target network and then analyzes and studies the responses of the hosts running on a computer network. It is a tool to discover services. nmap can be used for much more than this. I will know more later. I think I have understood so far.

Installing Nmap

nmap is available for Windows, Linux and MacOS. Go to nmap.org and click on the Download page to get the download. On Android phones, you can also use pkg install nmap from an app like Termux. Security OSs like Kali and Parrot come built-in, so you don't need to install them. On Ubuntu & Debian linux, you can install sudo apt install nmap.

Windows users need to install 2 files nmap setup.exe and npcap .exe to install nmap.

Mac users can install it from home-brew, but they have to download and install the nmap .dmg file from the Download page of nmap.org under the heading Mac OS X Binaries.

On Mac and Windows, after installing Nmap, you should be able to use the command line and GUI. In Linux, if you want to use GUI, you need to install zenmap again.

For now, we will only use the command line. So forget the GUI for a while.

The number of users of nmap around the world is increasing every year. The main point is that nmap is Open Source. Everyone can use it for free. The source code can be viewed, read, modified and used. Because if you know, you can supplement and use as much as you know.

In this series of articles, we will mainly refer to nmap's official documentation and Nmap creator, Gordon Lyon's book. nmap is as broad as it gets if you really study it.

Appearance of Nmap

nmap has two versions: Command Line Interface (GLI) and Graphical User Interface (GUI). Android Termux only requires CLI.

Fig: Zenmap, GUI Version of Nmap

Fig: Nmap, CLI Version

The GUI version seems to be more clear, but the command type is the same. GUI is more popular because it is easier to look at. But actually, you need to know cli.

TCP/IP background

When you study nmap, you can see that it relies on networking concepts. If you want to understand more about TCP/IP, you should read Charles Kozierok's book The TCP/IP Guide. If you can't buy the book because it's too expensive, you can read it at http://www.tcpipguide.com/free/, which the author posted for free by encouraging his creativity. I bookmarked the page I was on while reading. So it will be easy to read again the next day.