In order to detect various available hosts on the network, the services they’re offering, the version of operating system they’re running, and the type of firewall they are using, nmap uses the raw IP address. Whenever we’re having connectivity issues of network or firewall configuration, the first thing we check is which ports are open. There are several commands available to check open ports and scan them on your system, but nmap is the most used command for this purpose. In this article, we’ll discuss how to scan all open ports with nmap on your Linux system.

Open Ports

Applications listen to various network ports and these ports can be open or closed through a firewall. Here open ports are those that are accepting incoming packets from a location and they can pose a security risk as such ports can be used by various attackers. Hence, we need to keep a check on ports that are open and close all the unnecessary ones not needed for any functionality. In order to scan various open ports on our system, we’ll use the command nmap.

Installing Nmap

Before scanning any open ports we need to have nmap installed on our Linux system. Use one of the following options to install nmap on your system first:

On Ubuntu, Debian, & Linux Mintsudo apt update && sudo apt install namp On CentOS, RHEL, & FedoraNow that our packages are updated we’re all set to install nmap and for this execute the command given below:sudo dnf install nmap

Scanning of ports using nmap command

We can scan any port, a range of IP addresses, or any host we can use the nmap command in the following way:

  1. To scan a hostname we can execute the following commands: You can also run nmap without sudo but an unprivileged scan uses -sT (TCP Connect) while privileged (root) uses -sS (TCP SYN Stealth).
  2. To tell nmap to scan all the TCP ports we use “sT” along with nmap and “-O” is used here for OS detection. The output shows that 80, 443, and 3306 ports are open.
  3. In case we want to perform a SYN scan that performs only half of the tcp handshakes we use “-sS” along with the nmap command in the following way:
  4. In order to tell nmap to scan all the UDP ports instead of TCP we use “-sU” and we’ll specify the port 80, 130 and 255 using -p along with nmap command: Here the output shows that all the UDP ports that we specified in order to scan are closed.

Scan using “-v” with nmap

  1. In order to get more information about the system and open ports you’ve to use the “-v” option along with nmap as we did in the below example:
  2. This way we can get all the detailed information about the machine as well as all the ports that are open.

Scan multiple hosts with nmap

  1. More than one hostname or IP addresses can be scanned using nmap by simply mentioning them with space in between as below:

Scan single or multiple ports

  1. Nmap can be used to scan various ports as well as a specific port as demonstrated below by the example:
  2. Here we’re scanning the port 80 on the provided ip address with the output telling us that it is closed. Now to scan a range of ports from 1-200 we’ll use the below command:
  3. Now to perform a fast scan on the system we use “-F” along with the nmap command in the following way:

Scan whole subnet with nmap

  1. In case you want to scan the whole range of IP or subnet we use “*” in the following way: This command scanned the whole subnet and provided us the result of each host and ports available on them. In this way, we can perform various scans on IP addresses, specific hosts and check all the ports. Furthermore, a specific port or range of ports can be specified as shown above in the examples.

Conclusion

Checking ports open on a network is extremely crucial as any open port can easily be attacked by hackers and cause security threats. That’s why it is important to perform a scan and check all the open ports and if they’re not in use, close them. Nmap is the command commonly used for the purpose of scanning the ports. In this article, we discussed how to scan open ports on Linux systems using nmap along with examples to demonstrate the use of these and various options to further specify the use.