nmap -v -sT 192.168.0.0/24

nmap port scanning

TCP Connect scanning for localhost and network 192.168.0.0/24
Sample Output
Scanning 192.168.1.55 [1000 ports]
Discovered open port 22/tcp on 192.168.1.55
Discovered open port 80/tcp on 192.168.1.55
Discovered open port 21/tcp on 192.168.1.55
Completed Connect Scan at 12:35, 1.39s elapsed (1000 total ports)
Nmap scan report for 192.168.1.55
Host is up (0.013s latency).
Not shown: 997 closed ports
PORT   STATE SERVICE
21/tcp open  ftp
22/tcp open  ssh
80/tcp open  http
MAC Address: 00:1B:2F:2C:53:F4 (Netgear)

1
By: Dhinesh
2011-11-19 07:06:52

These Might Interest You

  • Where < target > may be a single IP, a hostname or a subnet -sS TCP SYN scanning (also known as half-open, or stealth scanning) -P0 option allows you to switch off ICMP pings. -sV option enables version detection -O flag attempt to identify the remote operating system Other option: -A option enables both OS fingerprinting and version detection -v use -v twice for more verbosity. nmap -sS -P0 -A -v < target >


    18
    nmap -sS -P0 -sV -O <target>
    starchox · 2009-02-18 07:32:03 4
  • Using NMAP to check to see if port 22(SSH) is open on servers and network devices. Show Sample Output


    6
    nmap -oG - -T4 -p22 -v 192.168.0.254 | grep ssh
    SeeFor · 2011-01-11 16:12:23 0
  • Today many hosts are blocking traditional ICMP echo replay for an "security" reason, so nmap's fast ARP scan is more usable to view all live IPv4 devices around you. Must be root for ARP scanning.


    -1
    nmap -sP -PR -oG - `/sbin/ip -4 addr show | awk '/inet/ {print $2}' | sed 1d`
    l3k · 2011-07-21 11:50:26 0
  • Change the -p argument for the port number. See "man nmap" for different ways to specify address ranges. Show Sample Output


    19
    nmap -sT -p 80 -oG - 192.168.1.* | grep open
    bendavis78 · 2009-02-11 17:47:27 0
  • Simple one-liner for scanning a range of hosts, you can also scan a range of ports with Netcat by ex.: nc -v -n -z -w 1 192.168.0.1 21-443 Useful when Nmap is not available:) Range declaration like X..X "for i in {21..29}" is only works with bash 3.0+ Show Sample Output


    9
    for i in {21..29}; do nc -v -n -z -w 1 192.168.0.$i 443; done
    rez0r · 2009-09-25 03:31:29 3
  • Usefull for when you don't have nmap and need to find a missing host. Pings all addresses from 10.1.1.1 to 10.1.1.254, modify for your subnet. Timeout set to 1 sec for speed, if running over a slow connection you should raise that to avoid missing replies. This will clean up the junk, leaving just the IP address: for i in {1..254}; do ping -c 1 -W 1 10.1.1.$i | grep 'from' | cut -d' ' -f 4 | tr -d ':'; done Show Sample Output


    15
    for i in {1..254}; do ping -c 1 -W 1 10.1.1.$i | grep 'from'; done
    SuperJediWombat · 2010-04-07 16:57:53 0

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands



Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: