Network Mapper: is Nmap really worth it?

NotSoNerd
4 min read, Sep 21, 2020

Nmap came out in the old '90s, when my umbilical cord was not even detached. In my young college days I came to know about Nmap, and it was really cool to scan the college network. Sadly, our college professors were more intelligent than us.

I was using Nmap aggressively on the college network to scan the hosts and was trying to hack into the servers by illegal means (which I do not recommend to anyone reading this). Until one day I got a notification from the college email ID: "Please refrain from using the UI console as the services are down". I logged on to my laptop and saw that I had done a DDoS unknowingly and the web server had gone down.

That was the last day I used Nmap in college, because if I had been caught I would have been suspended, and it was my last year, where I had to sit for the placements. I am grateful things did not turn out that bad.

Coming back to the point: Nmap is a powerful tool used in the initial steps of ethical hacking, or of gaining access to any unknown system.

Nmap is like getting the address/phone number of the hot guy/girl you saw a few minutes back: you approach someone who knows that person. In a similar fashion, Nmap is our best friend who knows every host/network in the world; it's just that we have to charge him up, and it doesn't matter if it is Linux or Windows, he will always be on your side. But hold on, we forgot the first step: tell your buddy to hide your identity, as we do in real life.

Here in networking, we need to mask ourselves (not with KN95 masks): we have to hide our IP. Once we do that, we fire up Nmap and perform the magic.

Yes, Nmap is so big that it can scan anything, but do not use it blindly for anything or everything. I would suggest starting the recon of the target machine by first confirming whether that machine/network is live. We can do that by sending ARP packets with a packet-builder tool (ARP only reaches hosts on the same local segment, so this check works for the local network, not for remote targets).

The fact that Nmap is available for Windows and Linux makes it one of the top and oldest recon methods to date; a person working in the security domain who has not heard of Nmap would be an alien.

As per NMAP.org, below is what they say.

Nmap is a powerful tool that is capable of generating a multitude of signatures depending on how it is used. However, if we understand the operation of the tool in general, it is easier to recognize its overall signature in network traffic. Dissecting the signature into sub-patterns, one can differentiate between fingerprinting attempts that were successful and those that were not. It is important to understand that we have examined only one of the scan types that nmap can perform, the SYN half-open stealth scan. Several other scans are supported by Nmap: TCP connect, FIN, Xmas, NULL, UDP, ping, and even FTP bounce. Expect to see these in the near future!

The intelligence that can be garnered by using nmap is extensive. It provides all the information that is needed for a well-informed, full-fledged, precisely targeted assault on a network. Such an attack would have a high probability of success, and would likely go unnoticed by organizations that lack intrusion detection capabilities.
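As an added illustration (not from the original post or from nmap.org), here is a small Python detector for the SYN half-open pattern the quote describes, written from the defender's side: it replays constructed packet records and flags a source that sends bare SYNs to many ports on one target, receives SYN/ACK (open) or RST/ACK (closed) replies, and never completes a handshake. The one-packet-per-line "src:sport > dst:dport FLAGS" log format is an assumption made for this example.

```python
import re
from collections import defaultdict

# Constructed packet records (not a real capture), assumed "src:sport > dst:dport FLAGS" form.
# 10.0.0.5 sends bare SYNs to four ports and never completes a handshake (half-open pattern);
# 10.0.0.7 is an ordinary client that finishes the three-way handshake on port 80.
SAMPLE_LOG = """\
10.0.0.5:40001 > 10.0.0.9:22 S
10.0.0.9:22 > 10.0.0.5:40001 SA
10.0.0.5:40001 > 10.0.0.9:22 R
10.0.0.5:40002 > 10.0.0.9:23 S
10.0.0.9:23 > 10.0.0.5:40002 RA
10.0.0.5:40003 > 10.0.0.9:80 S
10.0.0.9:80 > 10.0.0.5:40003 SA
10.0.0.5:40003 > 10.0.0.9:80 R
10.0.0.5:40004 > 10.0.0.9:443 S
10.0.0.9:443 > 10.0.0.5:40004 RA
10.0.0.7:51000 > 10.0.0.9:80 S
10.0.0.9:80 > 10.0.0.7:51000 SA
10.0.0.7:51000 > 10.0.0.9:80 A
"""

LINE_RE = re.compile(r"^(\S+):(\d+) > (\S+):(\d+) (\w+)$")

def half_open_scans(log, min_ports=4):
    """Return {prober: summary} for sources that sent bare SYNs to at least min_ports
    distinct ports on one target and never completed a handshake.
    Per port the state moves: sent -> open (SYN/ACK) or closed (RST/ACK) -> completed (ACK)."""
    probes = defaultdict(dict)  # (prober, target) -> {target_port: state}
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        src, sport, dst, dport, flags = m.group(1), int(m.group(2)), m.group(3), int(m.group(4)), m.group(5)
        if flags == "S":                      # bare SYN from the prober
            probes[(src, dst)].setdefault(dport, "sent")
        elif flags in ("SA", "RA"):           # target answers; its sport is the probed port
            state = probes.get((dst, src), {})
            if state.get(sport) == "sent":
                state[sport] = "open" if flags == "SA" else "closed"
        elif flags == "A":                    # prober finishes the handshake: a real connection
            state = probes.get((src, dst), {})
            if state.get(dport) == "open":
                state[dport] = "completed"
    findings = {}
    for (src, dst), ports in probes.items():
        counts = {s: list(ports.values()).count(s) for s in ("open", "closed", "completed")}
        if len(ports) >= min_ports and counts["completed"] == 0:
            findings[src] = {"target": dst, "ports": len(ports), "open": counts["open"], "closed": counts["closed"]}
    return findings
```

Raising min_ports trades sensitivity for fewer false positives from clients that legitimately touch a handful of ports; a single host finishing a handshake, like 10.0.0.7 above, is never flagged.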

One of the biggest problems with Nmap on Windows is that the information is sometimes unreliable. To be sure of the facts, I would suggest cross-checking the results with additional tools.

Before you start your journey with Nmap, I suggest you get yourself familiar with the following:

Legal Issues with Nmap

Not Boring FAQ from NMAP.org

Getting started with commands

Catch Up with me on LinkedIn


Watch out for what you click; this is a digital era.


NotSoNerd

Hi! I am a cyber security professional, currently trying to spread more knowledge on untouched cyber security areas.