Nmap, short for Network Mapper, is an open-source and cross-platform tool used for network discovery and vulnerability scanning. It is mostly used by network administrators and security professionals to discover live hosts in a network and perform a security audit. It scans all the live hosts in a network and displays a wide range of information including device name, IP address, list of open ports, services, OS type and so much more.
In this tutorial, we explore how to install Nmap on Fedora 34/35.
Install Nmap on Fedora using DNF package manager
Nmap is available in the default Fedora Project repositories and can be installed using the dnf package manager as follows:
$ sudo dnf install nmap
Install Nmap on Fedora using snap packages
Alternatively, you can install Nmap from snap. But first, you must ensure that Snapd daemon is enabled. To do so, enable snapd as shown.
$ sudo dnf install snapd
Next, enable snap classic support
$ sudo ln -s /var/lib/snapd/snap /snap
With snap installed and enabled, install Nmap as shown.
$ sudo snap install nmap
Using Nmap with command-line examples
With Nmap installed, let us now explore how you can use Nmap to scan your hosts. Nmap uses a basic syntax as follows.
$ nmap [ ip-address ] or [ domain-name ]
For example, to scan your system, run the command:
$ nmap localhost
To scan a remote host, you can specify an IP address or domain name. For example, you can scan a remote host by providing its IPv4 address as shown.
$ nmap 192.168.2.101
Alternatively, you can also provide its domain name. Here, cjs.co.ke is the domain name.
$ nmap cjs.co.ke
In addition, you can scan an entire subnet, using the CIDR notation as shown. For instance, here, we are scanning all the hosts in the 192.168.2.0 subnet.
$ nmap 192.168.2.0/24
From the output, you can see that three active hosts have been discovered in the network and their details such as open ports have been displayed.
To narrow down to scanning specific ports, use the -p option. Here, we are scanning the host for port 80 only.
$ nmap -p 80 192.168.2.104
You can scan multiple ports as shown.
$ nmap -p 80,22 192.168.2.104
The -sV option displays the version of running services. This comes in handy when enumerating hosts to check which services are outdated and need to be updated.
$ nmap -sV 192.168.2.104
To probe for the OS ( Operating System ) information use the -O option. Be advised that the scan provides the type of OS but doesn’t give an accurate or exact OS version and kernel.
For help on Nmap command options, run the command below.
$ nmap --help
Nmap is an essential enumeration tool used in penetration testing and Ethical hacking to scan for vulnerabilities associated with outdated services which are easily exploitable. In this guide, we have covered the Nmap scanning tool and went ahead to demonstrate how you can use the tool to enumerate remote hosts and view open ports.