Using NMAP for ports monitoring

Using NMAP for ports monitoring

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich)^[1]used to discover hosts and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses.

The software provides a number of features for probing computer networks, including host discovery and service and operating system detection. These features are extensible by scripts that provide more advanced service detection,^[2] vulnerability detection,^[2]and other features. Nmap is also capable of adapting to network conditions including latency and congestion during a scan. Nmap is under development and refinement by its user community.

Nmap was originally a Linux-only utility,^[3] but it was ported to Microsoft Windows, Solaris, HP-UX, BSD variants (including Mac OS X),AmigaOS, and SGI IRIX. Linux is the most popular platform, followed closely by Windows

This is the first and most basic form of network scan that can be done with nmap, to detect hosts that are alive and responding on the network.

$ nmap -sP 192.168.1.1-254

Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-15 18:45 IST

Nmap scan report for 192.168.1.1

Host is up (0.0069s latency).

Nmap scan report for 192.168.1.2

Host is up (0.0012s latency).

Nmap scan report for 192.168.1.101

Host is up (0.000065s latency).

Nmap done: 254 IP addresses (3 hosts up) scanned in 6.64 seconds

In the above command we scan all ip addresses from 192.168.1.1 to 192.168.1.254
Thats the range and can be specified by the short syntax of 192.168.1.1-254