Open Port Scanning and OS Detection

Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills, we only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to you

First I want to start off with a little warning: Please be careful using the more aggressive functions of Nmap against hosts you do not own or do not have permission to scan. It may be against your ISP’s terms to use some Nmap features.

Open Port Scanning and OS Detection

Let’s start with a ping scan on an IP range to determine live hosts using the following command:

nmap -sP 192.168.0.0-100

Next we will start a SYN scan with OS detection on one of the live hosts using the following command:

nmap -sS [ip address] -O

Now we will start an open port scan with version detection using the following command:

nmap -sV 192.168.0.1 -A

When we add -v to the command we can increase the verbosity :
nmap -sV 192.168.0.13 -A -v