DevOps Essentials

View on GitHub



nmap - Network exploration tool and security / port scanner


nmap [Scan Type…] [Options] {target specification}


Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.

Nmap uses raw IP packets in novel ways to determine

While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

The output from Nmap is a list of scanned targets, with supplemental information on each depending on the options used.

Key among that information is the “interesting ports table”. That table lists the port number and protocol, service name, and state. The state is either open, filtered, closed, or unfiltered.

The port table may also include software version details when version detection has been requested. When an IP protocol scan is requested (-sO), Nmap provides information on supported IP protocols rather than listening ports.

Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses.



The syntax is

sudo nmap -sT -O localhost

list open UDP ports

sudo nmap -sU -O

list open TCP ports

sudo nmap -sT -O