The field Command is among the most important ones to who wants to learn how Nmap works, it shows the commands used by Nmap you are executing through the GUI interface as if you were typing on the console. Next to the Scan field you can find a drop down menu called Profile showing different scan options including, intense scan, regular scan, ping and more, also your profiles if you created customized scans. If you run Zenmap or Nmap as root scans are SYN by default. The scan is Connect and not SYN because Zenmap wasn’t launched as root. The image below shows a regular Connect or TCP scan without options against the port range 192.168.0.1 and 192.168.0.10. just like when defining targets through console. Going back to the main screen, on the first field Target you can define target/s by IP address, IP range, whole octet, etc. The tab Other has additional options such as packet fragmentation, traceroute, verbosity, debugging and additional options shown in the image below.įinally, the tab Timing will allow you to limit the scan time, probes timing, simultaneous scans, delays and additional options related to timing. The tab Source allows to hide your IP address for example by forging a fake address (spoofing), or a specific source port considering some iptables rules may restrict or allow traffic from specific ports, here you can also set the Ethernet device. Within the Profile menu, next to the Scripting submenu you can find the Target tab which allows to define targets in a variety of ways. Next to the Ping tab, on the Scripting submenu tab you can access the NSE (Nmap Scripting Engine) to add plugins to your scan such as vulnerability scan, bruteforce, traceroute additional features and more. Next to the Scan tab submenu you can find the Ping submenu to enable or disable different discovery methods or probes. Profile: this menu allows to create and edit profiles with predefined options, here you can define the type of Scan on the second TAB after the Profile submenu tab to choose between TCP,SYN, ACK FIN, idle scan, OS detection and others. Tools: this menu allows to compare scan results, search among results and filter hosts. Scan: from this menu you can save and open scan results. Zenmap interface is very intuitive, these are the options of the top menu: Raw packets are sent through a lower level packet restricted for non-root users.Īlso when launching Zenmap from the graphical interface you’ll find the option to run it as root as shown two images above. When launching Zenmap, or Nmap, as an unprivileged user you’ll be limited to execute scans requiring raw packets.
While it is easy to use for users who know the theory behind networking some users find difficult or don’t like to interact with the terminal or console, this tutorial explains how to install and use Zenmap, the Nmap graphical interface, a friendly interface for users unfamiliarized with terminals or even MS-Windows users, additionally when using Zenmap it will display the commands used, so using Zenmap would be a good introductory way to learn to use it through the console. Nmap works by analyzing packet responses contrasting them to rules and standards of protocols. Nmap is among the most useful tools for network administrators to diagnose network problems, security auditing and even offensive security, often called the “Swiss Army knife” for sysadmins and hackers Nmap constituted a revolutionary tool which until today leads the market.