NMAP is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks as well as single hosts. NMAP uses raw IP packets to determine:
- Hosts available on the network
- Application names and versions those hosts are offering
- OS versions they are running
- Types of packet filters and firewalls in use
- And more…
The output from NMAP is a list of scanned targets, with supplemental information on each depending on the options used. This information includes the ports table. The table lists:
- The port number and protocol
- Service name
The state is one of:
- Open: an application on the target machine is listening for connections or packets on the port.
- Filtered: a firewall, filter or other network obstacle is blocking the port, so NMAP cannot tell whether it is open or closed.
- Closed: no application is listening on the port, though it could open up at any time.
- Unfiltered: the port is responsive to NMAP's probes, but NMAP cannot determine whether it is open or closed.
NMAP reports the state combinations open|filtered and closed|filtered when it cannot determine which of the two states describes a port.
The port table may include software version details when version detection has been requested.
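As an added example (not part of the original page or of the Nmap project), the Python code below parses a ports table laid out as in Nmap's normal output and groups the ports by the states described above, including the combined states. The sample table is constructed for illustration and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample of a ports table in Nmap's normal output layout
# (written for this example, not captured from a real scan).
SAMPLE = """\
PORT     STATE         SERVICE    VERSION
22/tcp   open          ssh        OpenSSH 8.9
80/tcp   filtered      http
443/tcp  closed        https
53/udp   open|filtered domain
8080/tcp unfiltered    http-proxy
"""

# The four single states plus the two combinations Nmap reports
# when it cannot decide between two of them.
STATES = {"open", "closed", "filtered", "unfiltered",
          "open|filtered", "closed|filtered"}
# port/protocol, state, service name, optional version details
ROW = re.compile(r"^(\d+)/(\w+)\s+(\S+)\s+(\S+)(?:\s+(.*\S))?\s*$")

def parse_ports_table(text):
    """Return one dict per table row; the header and other lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m or m.group(3) not in STATES:
            continue
        port, proto, state, service, version = m.groups()
        rows.append({"port": int(port), "proto": proto, "state": state,
                     "service": service, "version": version or ""})
    return rows

def group_by_state(rows):
    """Map each state to the 'port/proto' entries reported in it."""
    grouped = defaultdict(list)
    for r in rows:
        grouped[r["state"]].append(f'{r["port"]}/{r["proto"]}')
    return dict(grouped)

def needs_follow_up(rows):
    """Rows whose state leaves open-versus-closed undetermined."""
    ambiguous = STATES - {"open", "closed"}
    return [r for r in rows if r["state"] in ambiguous]

if __name__ == "__main__":
    table = parse_ports_table(SAMPLE)
    for state, ports in group_by_state(table).items():
        print(f"{state:15} {', '.join(ports)}")
```

The version field stays empty unless the table carries a version column, which matches the note that version details appear only when version detection was requested.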
When an IP protocol scan is requested (-sO), NMAP provides information on supported IP protocols rather than listening ports.
In addition to the ports table, NMAP can provide
- Reverse DNS names
- OS name and version
- Device types
- MAC addresses
- And more…