
How to Install and Use Nmap 7.01 on Linux Mint 18.3


Nmap (Network Mapper) is an open source and very versatile tool for Linux system and network administrators. It is used for exploring networks, performing security scans and network audits, and finding open ports on a remote machine. It scans for live hosts, operating systems, packet filters, and open ports on remote hosts. Installing Nmap 7.01 is simple, and this tutorial covers the process.

 

Installing Nmap

Most of today's Linux distributions, such as Red Hat, CentOS, Fedora, Debian, and Ubuntu, include Nmap in the default repositories of their package managers, Yum and APT. Run the following command to install Nmap.

linuxhelp ~ # apt-get install nmap
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  liblinear3 lua-lpeg
Suggested packages:
  liblinear-tools liblinear-dev
Recommended packages:
  ndiff
The following NEW packages will be installed:
  liblinear3 lua-lpeg nmap
0 upgraded, 3 newly installed, 0 to remove and 174 not upgraded. 
.
.
Processing triggers for libc-bin (2.23-0ubuntu9) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up liblinear3:amd64 (2.1.0+dfsg-1) ...
Setting up lua-lpeg:amd64 (0.12.2-1) ...
Setting up nmap (7.01-2ubuntu2) ...
Processing triggers for libc-bin (2.23-0ubuntu9) ...

 

 

Now that Nmap is installed, we'll look at a range of its uses. First, let's scan our target for vulnerabilities in the following manner.

linuxhelp ~ # nmap -Pn --script vuln 192.168.7.232 
Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-18 04:11 IST
Pre-scan script results:
| broadcast-avahi-dos: 
|   Discovered hosts:
|     192.168.7.134
|     192.168.7.147
|     192.168.7.130
|     192.168.7.144
|     192.168.7.141
|     192.168.7.138
.
.
|   After NULL UDP avahi packet DoS (CVE-2011-1002).
|_  Hosts are all up (not vulnerable).
Nmap scan report for 192.168.7.232
Host is up (0.00016s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind
MAC Address: 00:0C:29:7F:EC:FD (VMware)

Nmap done: 1 IP address (1 host up) scanned in 38.94 seconds

After your scan completes, you can review Nmap's output to see which vulnerabilities were found. The findings are listed along with applicable CVEs and links to any exploits that exist in Offensive Security's Exploit Database.

 

You can also use the nmap command in the following manner to check whether the target is vulnerable to DoS. 

linuxhelp ~ # nmap --script dos -Pn 192.168.7.232

Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-18 04:14 IST
Pre-scan script results:
| broadcast-avahi-dos: 
|   Discovered hosts:
|     192.168.7.142
|     192.168.7.147
|     192.168.7.144
|     192.168.7.121
|     192.168.7.141
.
.
|     192.168.7.134
|     192.168.7.129
|   After NULL UDP avahi packet DoS (CVE-2011-1002).
|_  Hosts are all up (not vulnerable).
Nmap scan report for 192.168.7.232
Host is up (0.00018s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind
MAC Address: 00:0C:29:7F:EC:FD (VMware)

Nmap done: 1 IP address (1 host up) scanned in 40.17 seconds

 

You can also use the nmap command to scan a host by its IP address.

linuxhelp ~ # nmap 192.168.7.232
Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-18 04:17 IST
Nmap scan report for 192.168.7.232
Host is up (0.00012s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind
MAC Address: 00:0C:29:7F:EC:FD (VMware)

Nmap done: 1 IP address (1 host up) scanned in 1.55 seconds

 

 

You can also gather OS information and run a traceroute in the following manner.

linuxhelp ~ # nmap -A 192.168.7.232

Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-18 04:18 IST
Nmap scan report for 192.168.7.232
Host is up (0.00030s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE VERSION
22/tcp  open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey: 
|   2048 63:bf:4e:a0:11:14:59:ff:19:99:74:ae:45:ce:c0:18 (RSA)
|_  256 19:29:9e:3b:50:57:14:37:d2:3f:7e:49:c1:b4:d4:d9 (ECDSA)
111/tcp open  rpcbind 2-4 (RPC #100000)
| rpcinfo: 
|   program version   port/proto  service
|   100000  2,3,4        111/tcp  rpcbind
|_  100000  2,3,4        111/udp  rpcbind
MAC Address: 00:0C:29:7F:EC:FD (VMware)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.0
Network Distance: 1 hop

TRACEROUTE
HOP RTT     ADDRESS
1   0.29 ms 192.168.7.232

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.94 seconds


You can also enable OS detection with Nmap; all you need to do is use the -O option. "--osscan-guess" also helps to discover OS information.

linuxhelp ~ # nmap -O 192.168.7.232

Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-18 04:20 IST
Nmap scan report for 192.168.7.232
Host is up (0.00024s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind
MAC Address: 00:0C:29:7F:EC:FD (VMware)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.0
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 3.60 seconds

 

If you want to find the version of Nmap you can run the following command. 

linuxhelp ~ # nmap -V

Nmap version 7.01 ( https://nmap.org )
Platform: x86_64-pc-linux-gnu
Compiled with: liblua-5.2.4 openssl-1.0.2g libpcre-8.38 libpcap-1.7.4 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select

 

You can also print host interfaces and routes by making use of the following command.

linuxhelp ~ # nmap --iflist

Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-18 04:22 IST
************************INTERFACES************************
DEV   (SHORT) IP/MASK                      TYPE     UP MTU   MAC
ens33 (ens33) 192.168.7.234/24             ethernet up 1500  00:0C:29:F8:F9:81
ens33 (ens33) fe80::19ae:fc6a:5310:718b/64 ethernet up 1500  00:0C:29:F8:F9:81
lo    (lo)    127.0.0.1/8                  loopback up 65536
lo    (lo)    ::1/128                      loopback up 65536

**************************ROUTES**************************
DST/MASK                      DEV   METRIC GATEWAY
192.168.7.0/24                ens33 100
169.254.0.0/16                ens33 1000
0.0.0.0/0                     ens33 100    192.168.7.1
::1/128                       lo    0
fe80::19ae:fc6a:5310:718b/128 lo    0
fe80::/64                     ens33 256
ff00::/8                      ens33 256

 

You can also perform a TCP null scan to fool a firewall. 

linuxhelp ~ # nmap -sN 192.168.7.232

Starting Nmap 7.01 ( https://nmap.org ) at 2018-02-18 04:23 IST
Nmap scan report for 192.168.7.232
Host is up (0.00032s latency).
Not shown: 998 closed ports
PORT    STATE         SERVICE
22/tcp  open|filtered ssh
111/tcp open|filtered rpcbind
MAC Address: 00:0C:29:7F:EC:FD (VMware)

Nmap done: 1 IP address (1 host up) scanned in 95.17 seconds
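
The port states in these reports can be triaged against a list of services the host is supposed to expose. The following Python is an added example, not part of the original tutorial: it parses Nmap's normal output in the format shown on this page and classifies each port. The APPROVED baseline and the function names are assumptions for illustration, and the sample text is constructed from the -A and -sN reports above.

```python
import re

# Constructed sample: two reports in the normal-output format shown on this
# page (the -A scan and the -sN null scan of the same lab host).
SAMPLE = """\
Nmap scan report for 192.168.7.232
Not shown: 998 closed ports
PORT    STATE SERVICE VERSION
22/tcp  open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey:
|_  256 19:29:9e:3b:50:57:14:37:d2:3f:7e:49:c1:b4:d4:d9 (ECDSA)
111/tcp open  rpcbind 2-4 (RPC #100000)
Nmap scan report for 192.168.7.232
PORT    STATE         SERVICE
22/tcp  open|filtered ssh
111/tcp open|filtered rpcbind
"""

# The report header is "for <ip>" or "for <name> (<ip>)"; keep the address.
HOST = re.compile(r"^Nmap scan report for (?:.*\()?([0-9a-fA-F.:]+)\)?$")
PORT = re.compile(r"^(\d+)/(tcp|udp|sctp)\s+(\S+)\s+(\S+)\s*(.*)$")

def parse_scan(text):
    """Return (host, port, proto, state, service, version) per port line."""
    rows, host = [], None
    for line in text.splitlines():
        if (m := HOST.match(line.strip())):
            host = m.group(1)
        elif host and (m := PORT.match(line)):  # NSE lines start with '|'
            port, proto, state, service, version = m.groups()
            rows.append((host, int(port), proto, state, service, version.strip()))
    return rows

def review(rows, approved):
    """Classify each port against an approved set of (port, proto) pairs."""
    findings = []
    for host, port, proto, state, service, _ in rows:
        if state == "open":
            verdict = "expected" if (port, proto) in approved else "unexpected"
        elif state == "open|filtered":
            verdict = "inconclusive"  # no reply: open or filtered, rescan
        else:
            continue  # closed / filtered: nothing confirmed listening
        findings.append((host, f"{port}/{proto}", service, verdict))
    return findings

# Hypothetical baseline: only SSH is meant to be reachable on this host.
APPROVED = {(22, "tcp")}

if __name__ == "__main__":
    for finding in review(parse_scan(SAMPLE), APPROVED):
        print(*finding)
```

An "inconclusive" verdict reflects that a null scan cannot tell an open port from a filtered one when no reply comes back, so those ports need confirming with one of the other scans shown earlier.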

With this, this tutorial on how to install and use Nmap on Linux Mint comes to an end. 
 

FAQ
Q: How do I run an aggressive and obtrusive scan in Nmap?
A: Unlike the earlier commands, this scan is very aggressive and very obtrusive. The -A option tells nmap to perform OS checking and version checking. The -T4 option selects a speed template; these templates tell nmap how quickly to perform the scan.

"$ nmap -T4 -A 0.0.0.0"

Q: How to scan all TCP and UDP ports in Nmap?
A: This command requires root privileges. It is the same as above, but by specifying the full port range from 1 to 65535, nmap will scan to see whether the host is listening on all available ports. You can use the port range specification on any scan that performs a port scan.

"# nmap -sS -sU -PN -p 1-65535 0.0.0.0"

Q: How to install Nmap on Debian?
A: For the installation of Nmap on Debian, use the following link: "https://www.linuxhelp.com/how-to-install-nmap-on-debian-9-0/"

Q: How to install Nmap on ParrotOS?
A: For the installation of Nmap on ParrotOS, use the following link: "https://www.linuxhelp.com/how-to-install-nmap-tool-on-parrotos-3-9/"

Q: How to see the information and options available for Nmap?
A: To see the information and options available for Nmap, run the following command in the terminal: "sudo nmap --help" (or) "man nmap"