The Basics of nmap

Nmap is a powerful utility, but it's somewhat difficult for the novice to understand. There are approximately fifteen different scanning methods within nmap, twenty different options to use when scanning, and the output of nmap can be presented in at least four different ways. Within all of these choices, there are timing variables and packet delay settings that can be tweaked and altered. Although they can seem almost overwhelming to the uninitiated, these options have been designed to provide complete customization of the scanning process.

It's easy to understand how to use nmap, but it's more difficult to understand which options to use under which circumstances. After the scan type has been determined, it's equally complex to interpret the results. Each scan type has advantages and disadvantages, and this tutorial will show how every possible scan type can be used for maximum effectiveness.

Most of this tutorial will focus on using nmap in its native form at the command line. The command line requires a bit more typing than a graphical interface, but knowledge of the command line ensures that nmap can be used across any platform, operating system, or console. Although a graphical front-end isn't always available, this tutorial will also provide an overview of nmap's front-end capabilities and how they relate to the nmap command-line utility.