Port Scanning Techniques

The following series of tutorials shows how to perform port scanning for different networking activities with NMAP.

This content is a preview from the book – NMAP Tutorials for Network administrators

How to find a printer on a network

The tutorial shows how a network printer can be identified using nmap. Every network printer listens on a specific port number, which is available in the vendor's specification. For example, HP printers use TCP port 9100 by default. First identify the vendor of the printer, then use the specification document to find the port number the printer uses. Once the port number is known, a TCP scan of the network can be used to find the IP addresses that have this port open, which correspond to the IP address of the printer. The following command finds the IP address of a printer with this port number on the network 192.168.2.0/24:

nmap -p T:9100 192.168.2.0/24

How to find ports open on your internet router

The tutorial explains how to find the ports open on an internet router. It is very important to find the ports that are open on your internet router and disable the unwanted ones; otherwise they increase the risk that an attacker performing reconnaissance gains illegal access to the router. The first step is to find the public IP address of the router. This can be viewed by logging into the router and checking the status tab for the internet adapter. Once the IP address is known, set up nmap on a laptop or other system and connect to the internet using a different internet connection (such as a wireless USB). Use nmap to scan the public IP address of the internet router to identify open ports. The following nmap command performs an intense scan on the router's public IP address and displays the open ports.

nmap -T4 -A -v IPADDRESS

How to find proxy servers on a network

The tutorial shows how nmap can be used to find proxy servers on a network.
Typically, proxy servers work on TCP port 8080, so nmap can be used to scan a
network for that port. The following command performs the scan.

nmap -p T:8080 192.168.1.0/24

The above command scans the network 192.168.1.0/24 for TCP port 8080 and
displays the IP addresses which have the port open.
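
The printer and proxy scans above are most useful when their results are checked against the devices you expect to find. The following is an added example, not taken from the book: it parses nmap's grepable output (-oG) and lists hosts that have the port open but are not on an approved list. The function names, the approved-list file name and the sample scan lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit nmap grepable output (-oG) against an approved list.

# Constructed sample of `nmap -oG -` host lines (fields are tab-separated).
sample_scan() {
    printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.1 ()\tPorts: 8080/closed/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.20 (proxy.lan)\tPorts: 8080/open/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.57 ()\tPorts: 8080/open/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.80 ()\tPorts: 8080/filtered/tcp//http-proxy///\n'
    printf 'Host: 192.168.1.90 ()\tPorts: 80/open/tcp//http///, 8080/closed/tcp//http-proxy///\n'
}

# open_hosts PORT: read grepable output on stdin, print each IP whose TCP
# PORT is in state "open". Closed and filtered ports are ignored, and the
# port number is compared as a whole field so 80 never matches 8080.
open_hosts() {
    awk -v port="$1" '
        /^Host: / && /Ports: / {
            ip = $2
            sub(/^.*Ports: /, "")   # keep only the port list
            sub(/\t.*$/, "")        # drop any later tab-separated field
            n = split($0, entries, ", ")
            for (i = 1; i <= n; i++) {
                split(entries[i], f, "/")   # port/state/protocol/...
                if (f[1] == port && f[2] == "open" && f[3] == "tcp") print ip
            }
        }'
}

# unexpected_hosts PORT APPROVED: APPROVED is a newline-separated list of
# IPs that are allowed to expose PORT; everything else is printed.
unexpected_hosts() {
    open_hosts "$1" | sort -u | grep -vxF -e "$2" || true
}

# Demo on the constructed sample: 192.168.1.20 is the known proxy.
sample_scan | unexpected_hosts 8080 "192.168.1.20"

# Against a live scan (approved_proxies.txt is a hypothetical file name):
#   nmap -p T:8080 -oG - 192.168.1.0/24 \
#       | unexpected_hosts 8080 "$(cat approved_proxies.txt)"
```

The same functions work for the printer scan by passing 9100 as the port and a list of known printer addresses.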
