Port scanning—the Nmap way
Nmap is the most powerful and preferred scanner for security professionals. The usage of Nmap varies from novice to an advanced level; we will analyze the various scan techniques in detail.
Getting ready
You run Nmap directly from msfconsole
, as you normally would from the command line. However, if you want to import the results into the Metasploit database, you need to run the Nmap scan using the -oX
flag, followed by the desired filename to generate the XML output file, and then issue the db_import
command to populate the Metasploit database.
How to do it...
Starting Nmap from Metasploit is easy:
- LaunchÂ
msfconsole
and type innmap
to display the list of scan options that Nmap provides:
msf > nmap
- The
TCP connect [-sT]
scan is the most basic and default scan type in Nmap. It follows the three-way handshake process to detect the open ports on the target machine. Let's perform this scan on one of our targets:
msf > nmap -sT 192.168.216.10 [*] exec: nmap -sT 192.168...