NMAP Essentials

By: David Shaw

Specified scan ranges


We learned earlier that by default, Nmap only scans the top 1000 ports. However, services can be put online on any of the 65,535 ports that exist—not just the most common ones. Many system administrators and network engineers run services on very high ports such as 65,001, so that they aren't detected by normal scans. Security through obscurity, though, never really works!

You can restrict a scan to particular ports with the -p flag. So, if you want to scan only port 80 on scanme.nmap.org, you can type nmap -p 80 scanme.nmap.org. The port specification flag works for ranges too—so, in another example, nmap -p1-1024 scanme.nmap.org will scan ports 1 to 1024 (all privileged ports) on the target host.

There's also a useful trick to scan all 65,535 ports on a machine: instead of typing -p1-65535, you can simply use the shortcut -p-. The Nmap developers were kind and insightful enough to realize that typing the number "65,535" a lot gets quite tiring!
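
The -p forms described above, modelled as an added example (not code from the book or from Nmap): a Python function expands the numeric part of a port specification, and a constructed list of listening ports shows which services a narrower range never probes. It goes slightly beyond the text by also accepting comma-separated lists and half-open ranges such as 60000-; the function names and the sample ports are assumptions made for illustration.

```python
# Added illustration: models only the numeric subset of Nmap's -p syntax
# (single ports, ranges, comma lists, open-ended ranges). Protocol prefixes
# and service names are deliberately out of scope.
MAX_PORT = 65535


def expand_port_spec(spec):
    """Expand '80', '1-1024', '22,80,8000-8100' or '-' into a set of ports."""
    ports = set()
    for part in spec.replace(" ", "").split(","):
        if not part:
            raise ValueError(f"empty element in port spec {spec!r}")
        if "-" in part:
            low_text, high_text = part.split("-", 1)
            # An omitted start means 1 and an omitted end means 65535,
            # which is why a bare '-' covers every port.
            low = int(low_text) if low_text else 1
            high = int(high_text) if high_text else MAX_PORT
        else:
            low = high = int(part)
        if not 0 <= low <= high <= MAX_PORT:
            raise ValueError(f"invalid port range {part!r}")
        ports.update(range(low, high + 1))
    return ports


def missed_services(listening, spec):
    """Return the listening ports that a scan limited to `spec` never probes."""
    return sorted(set(listening) - expand_port_spec(spec))


# Constructed sample: SSH, HTTP, and one service "hidden" on a very high port.
LISTENING = [22, 80, 65001]

if __name__ == "__main__":
    for spec in ("80", "1-1024", "-"):
        covered = len(expand_port_spec(spec))
        missed = missed_services(LISTENING, spec)
        print(f"-p{spec}: {covered} ports probed, unprobed services: {missed}")
```

When auditing your own hosts, the same comparison shows whether a routine scan range would ever reach a service parked on a high port.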

Although we're...