How To Scan All Ports with Nmap
While open ports are necessary for any type of communication across the internet, they can be risky for your online security. That’s why you need an open-source port checking tool like Nmap to help determine which ports need to be closed. This tool can also give you insight into how well your security configuration and firewall perform.
In this article, we’ll show you how to scan all ports using the Nmap program. We’ll also explain what port scanning is and why it’s so useful.
Scan All Ports with Nmap
Nmap, or Network Mapper, is a network tool used for scanning services, operating systems, and hosts within a computer network. This program was first developed for Linux, but now it can be used on other operating systems, like Windows, macOS, and BSD. Some of the most important features of Nmap include port scanning, host discovery, version detection, network inventory, TCP/IP stack fingerprinting, and more. Today, we’ll focus on scanning for open ports.
Port scanning is a process that lets you determine which ports within a network are open and which are closed. If a port is open, it’s configured to accept packets, which are groups of data sent over computer networks. To put it simply, open ports are used for sending and receiving information. Once you scan all your ports, you can determine which ones are open and possibly exposing your network’s sensitive information.
There are over 65,000 ports, and Nmap can help you scan all of them. This program offers scanning mechanisms, including discovery, default, aggressive, safe, external, malware, version, dos, exploit, broadcast, and more. Depending on the scanning mechanism you choose, you can end up with different results. For example, using the safe scan won’t cause the target to crash when scanning all ports. If you want to find vulnerabilities in the system, you need to use an aggressive scan.
Nmap lets you scan all ports, a single port, or a series of ports. There’s even a command to scan the 100 most used ports. The Nmap command you will need to scan all ports is “nmap -p- 192.168.0.1”, which scans ports 0 through 65,535.
If you want to scan a single port, the command to enter is “nmap -p 22 192.168.1.1”. For scanning a range of ports, you would need to insert the following command in the Nmap window: “nmap -p 1-100 192.168.1.1”. Finally, for scanning the 100 most common ports, the corresponding command is “nmap -F 192.168.1.1”.
You may notice that the commands for the 100 most common ports and all ports are almost identical, the only difference being the initial letter (“F” and “p”). This is why you need to be careful when pasting the code in the dialogue box.
The most basic way to use Nmap to scan all ports is to launch the program, enter the corresponding command, and wait for the scan to be completed. Keep in mind that it will take Nmap some time to scan all ports, approximately 10 to 15 minutes for the entire scanning process, given that this program needs to scan over 65,000 ports. To run the scan, you need a target. Your target can be an IP address, a network range, a hostname, etc.
The first step is to download Nmap. You can find different versions of Nmap for specific operating systems, including Windows, Linux (RPM), macOS, and any other OS. Note that to use Nmap for any task, you need to have an administrator account. To search for all ports on your network, first, you need to know your hostname. Here’s how it’s done:
- Press the “Windows” and “R” keys at the same time. This will launch the “Run” dialog.
- Enter “cmd” in the box and click on “OK.”
- Type in “ipconfig /all” in the Command Prompt window.
- Copy your hostname, which is under “Windows IP Configuration.”
Now that you have your hostname, you can close this window and open Nmap. This is what you need to do next:
- Paste the hostname in the “Target” box.
- Next to “Command,” paste “nmap -p- 192.168.0.1” to scan all ports.
- Click on the “Scan” button in the upper-right corner of the program.
Once the scan is over, Nmap will return a list of ports that all have different states. Other than open and closed, ports can also be filtered, unfiltered, open|filtered, and closed|filtered.
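To act on the list of port states Nmap returns, one option is to save the scan in grepable format (`-oG`) and compare the open ports against the services you expect to expose. The following Python is an added example, not part of the original article; the sample scan output and the allowlist are constructed for illustration.

```python
# Added example: flag open ports from Nmap grepable output (-oG) that are
# not on an allowlist. Sample data and allowlist are constructed.

# Constructed stand-in for the output of: nmap -p- -oG - 192.168.0.1
# (assumes no -sV, so service fields contain no commas).
SAMPLE_OG = (
    "# Nmap scan initiated as: nmap -p- -oG - 192.168.0.1\n"
    "Host: 192.168.0.1 ()\tStatus: Up\n"
    "Host: 192.168.0.1 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, "
    "3128/open/tcp//squid-http///, 515/filtered/tcp//printer///\t"
    "Ignored State: closed (65531)\n"
    "# Nmap done\n"
)

# Hypothetical allowlist: the only (port, protocol) pairs this host should expose.
ALLOWED = {(22, "tcp"), (80, "tcp")}


def parse_grepable(text):
    """Return {host: [(port, state, proto, service), ...]} from -oG text."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip '#' comment lines
        fields = line.split("\t")  # -oG fields are tab-separated
        host = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue
            for entry in field[len("Ports:"):].split(","):
                # Entry layout: port/state/protocol/owner/service/rpc/version/
                parts = entry.strip().split("/")
                if len(parts) >= 5:
                    hosts.setdefault(host, []).append(
                        (int(parts[0]), parts[1], parts[2], parts[4]))
    return hosts


def unexpected_open(hosts, allowed):
    """List (host, port, proto, service) for open ports missing from allowed."""
    return [(host, port, proto, service)
            for host, ports in sorted(hosts.items())
            for port, state, proto, service in ports
            if state == "open" and (port, proto) not in allowed]


if __name__ == "__main__":
    for host, port, proto, svc in unexpected_open(parse_grepable(SAMPLE_OG), ALLOWED):
        print(f"{host}: unexpected open port {port}/{proto} ({svc})")
```

Ports reported as filtered are left out of the findings because only the open state confirms a listening service; review them separately against your firewall rules.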
What Other Types of Scans Can Nmap Perform?
There are different types of scan techniques, and they can even be combined for a specific task. Some of them can only be performed by professionals, as they require root access on Unix systems.
Note that you can only use one method at a time. There are some exceptions, like UDP and SCTP scans combined with TCP scans. Nmap uses the SYN scan by default, which is also known as half-open scanning. This type of scan can be used for scanning thousands of ports in just seconds. The SYN scan requires the following command: “nmap -sS 192.168.1.1”. When the scan is complete, it sends an SYN message only to Nmap.
You also have the option to choose scans using TCP connect, UDP port scanning, and more. Ping scans are also quite common. They’re the simplest port scans, which take the form of internet control message protocol (ICMP) requests. We also have XMAS scans, which are also known as the “sneakiest” port scanning mechanisms since they are rarely blocked by firewalls.
The most important objective of Nmap and other types of port checkers is to find open ports. As useful as it is, an open port can be seen like an open window. It’s always at risk of a cyber-attack.
Some of the most common open ports are HTTP (80), Proxy (3128), FTP (21), SSH (22), DNS (53), SMTP (25), DHCP (67, 68), SFTP (115), IMAP (143), LPD (515), rsync (873), etc.
Some might assume that closed ports aren’t accessible, but this isn’t the case. Nmap’s probe packets can reach closed ports, but they won’t respond to them. In other words, if you can send packets to closed ports, they will ignore them.
If a closed port is protected by a firewall, it’s then called a filtered port. If you send a packet to a filtered port, it will be able to reach it. It will just be blocked by the firewall. Sometimes, you can run across unfiltered ports, which are ports that may be open or closed; Nmap just can’t tell which of the two it is.
Restore Network Security and Stability With Nmap
Nmap may seem complicated to use initially, but you don’t have to be a professional IT specialist to run the most basic commands. You can use Nmap to scan all ports, one port, a selection of ports, and the 100 most common ports. If you want to scan all ports, Nmap will tell you which ports are open, which will tell you whether they’re vulnerable to cyber-attacks.
Have you ever tried to use Nmap to scan all ports? What type of scanning mechanism did you use? How many open ports did the program find? Let us know in the comments section below.