Network Scanning
Quick Reference
| Command | What It Does |
|---|---|
| `nmap 10.0.0.5` | Scan top 1000 TCP ports |
| `nmap -sS 10.0.0.5` | SYN scan (stealthy, needs root) |
| `nmap -sT 10.0.0.5` | TCP connect scan (no root needed) |
| `nmap -sU 10.0.0.5` | UDP scan (slow, needs root) |
| `nmap -sV 10.0.0.5` | Detect service versions |
| `nmap -O 10.0.0.5` | Detect operating system |
| `nmap -p 22,80,443 10.0.0.5` | Scan specific ports |
| `nmap -p- 10.0.0.5` | Scan all 65535 ports |
| `nmap -sn 10.0.0.0/24` | Host discovery (ping sweep) |
| `nmap --top-ports 100 10.0.0.5` | Scan top 100 common ports |
Common Ports
| Port | Service | Protocol |
|---|---|---|
| 22 | SSH | TCP |
| 53 | DNS | TCP/UDP |
| 80 | HTTP | TCP |
| 443 | HTTPS | TCP |
| 445 | SMB | TCP |
| 3306 | MySQL | TCP |
| 3389 | RDP | TCP |
| 5432 | PostgreSQL | TCP |
| 8080 | HTTP Proxy | TCP |
| 8443 | HTTPS Alt | TCP |
Port States
| State | Meaning |
|---|---|
| open | A service is actively listening |
| closed | Port is reachable but no service is listening |
| filtered | Firewall is blocking — cannot determine open or closed |
| unfiltered | Port is reachable but nmap cannot tell if open or closed |
| open\|filtered | Cannot distinguish between open and filtered (common in UDP) |