Nmap Network Scanning Guide 〈Official〉

The terminal revealed a critical detail: Port 80 wasn't just a generic web server; it was running an outdated version of Apache. Alex also saw that the target was likely a machine. Chapter 4: The Deep Dive (Nmap Scripting Engine)

The results flickered across the screen: "12 hosts up." Alex had their targets. Chapter 2: Peering Through the Windows (Port Scanning) Nmap Network Scanning Guide

Alex knew that scanning every possible IP would be loud and slow. They started with a ( nmap -sn 192.168.1.0/24 ) to quietly identify which devices were actually powered on without probing specific ports. The terminal revealed a critical detail: Port 80

Knowing a port is open isn't enough; you need to know what’s running inside. Alex used ( nmap -sV ) and OS Detection ( nmap -O ). Chapter 2: Peering Through the Windows (Port Scanning)

To truly find the "cracks" in the armor, Alex invoked the . They ran a vulnerability scan against the identified web server using the command: nmap --script vuln 192.168.1.45

With the list of active hosts, Alex needed to know which "doors" were open. They ran a ( nmap -sS ), often called a "stealth scan" because it never fully completes the TCP connection, making it harder for simple firewalls to log. Port 80 (HTTP): Open. A web server. Port 22 (SSH): Open. Remote access. Port 445 (SMB): Filtered. Likely behind a firewall.

Chapter 3: Identifying the Occupants (Service & OS Detection)