Welcome to my third tutorial on Information Gathering

In this tutorial we ll be use NMAP to gather Open Ports information about our target.

So first let us start with some basics of NMAP.

Using NMAP you can check the open ports and services versions running on a server that may help you to get direct access exploiting any of the functionality or via bruteforcing. It also helps you to understand about the services running on the server so that later it may help you while pentesting.

The two basic scan types used most in Nmap are TCP connect() scanning [-sT] and SYN scanning (also known as half-open, or stealth scanning) [-sS].

For a basic port scan:
Nmap <IP Address>



For a Stealth port scan:
Nmap -sS <IP Address>

To scan the service version running on Open Ports use -sV switch
Nmap -sV <IP Address>

Some times if a server is blocking your ping and acting dead then you can use -Pn switch to scan it
Nmap -sV -Pn <IP Address>

For a OS detection you can use -O switch

Nmap -O -Pn <IP Address>

Thats all for this tutorial see you in the next tutorial, keep rocking, and keep hacking.

Author : Zenodermus Javanicus
Date : 2014-02-23