Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

Differences in Revisions: nmap

Older Revision
August 16 at 6:50 am
reformatted code blocks
# nmap
[Nmap](http://nmap.org/) (Network Mapper) is a tool for scanning and analysing hosts in a network.
Nmap is a powerful portscanner, one of the most important tools for a network administrator. It is able to find open ports on hosts and can identify an operating system, including the version of the OS and some components.
## Installation
You can install nmap with [Pakfire](/configuration/ipfire/pakfire) or on the shell with the command:
`pakfire install -y nmap`
pakfire install -y nmap
## Handling
Nmap can only be used on the shell, so I want to show you some commands and examples.
The "standard-scan" will scan every port from 1 to 1024 (e.g. on host
The output is similar to this:
[root@ipfire ~]# nmap
Starting Nmap 7.70 ( https://nmap.org ) at 2019-02-04 14:51
Nmap scan report for pi.localdomain (
Host is up (0.00073s latency).
Not shown: 996 filtered ports
22/tcp open ssh
80/tcp open http
443/tcp closed https
8080/tcp open http-proxy
MAC Address: B8:27:EB:xx:xx:x (Raspberry Pi Foundation)
Nmap done: 1 IP address (1 host up) scanned in 18.66 seconds
If you want to lookup for port 80, because maybe there is a webservice offered:
`nmap -p 80`
nmap -p 80
To scan a handfull of ports use:
`nmap -p 20,21,80`
nmap -p 20,21,80
To scan a port range use:
`nmap -p 80-90`
nmap -p 80-90
You also can scan more than one host:
`nmap -p 80,2,3,4 resp. # nmap -p 80`
nmap -p 80,2,3,4 resp. # nmap -p 80
Settings for ports are the same as above.
As I already told nmap can be used for OS-fingerprinting, to use this feature you have to add -O to your scan command:
`nmap -O`
nmap -O
As example, the output of a scan from IPfire:
Starting Nmap 4.60 ( http://nmap.org ) at 2008-11-04 17:46 CET
Interesting ports on
Not shown: 1711 closed ports
53/tcp open domain
81/tcp open hosts2-ns
222/tcp open rsh-spx
444/tcp open snpp
MAC Address: 00:XX:XX:XX:XX:XX (Allied Telesyn Internaional)
Device type: testfire
Running: IPCop Linux 2.4.X
OS details: IPCop firewall 1.4.10 - 1.4.15 (Linux 2.4.31 - 2.4.34)
Network Distance: 1 hop
## Links
Nmap is a very powerfull tool and a lot of people have allready written quite good documents how to use it. So I want to refer you to this pages here:
[HowTo from Stefano Albrecht](http://highgames.com/?set=hardwareview&view=13)
* [HowTo from Stefano Albrecht](http://highgames.com/?set=hardwareview&view=13)
[actual list of port numbers](http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml)
* [iana.org - actual list of port numbers](http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml)
[Trojans Port List](http://www.glocksoft.com/trojan_port.htm)
* [Trojans Port List](http://www.glocksoft.com/trojan_port.htm)
[github - nmap](https://github.com/nmap/nmap)
* [github - nmap](https://github.com/nmap/nmap)