Discover open TCP ports, detect service version and operating system
Here is a TCP Port Scan with Nmap sample report:
Allows you to discover which TCP ports are open on your target host and also to detect service information, operating system version and to do traceroute.
The scanner is helpful for quick port scans but also for lengthy scans which can take multiple hours. The results are accurate since our servers have direct Internet connection. Furthermore, the scanner is optimized for best performance and quality results.
Check if your servers exposed to the Internet have unnecessary open TCP ports. By also looking at the service versions, you can find which server software is outdated and needs to be upgraded.
You can scan a range of IP addresses to map the live hosts and TCP services exposed to the Internet. Find which machines are old and could be used by attackers to break the perimeter and gain access to the internal network.
Parameter | Description |
---|---|
Target | This is the hostname or IP address(es) to scan |
Ports to scan - Common | This option tells Nmap to scan only the top 100 most common TCP ports (Nmap -F). This is the default scan option. |
Ports to scan - Range | You can specify a range of ports to be scanned. Valid ports are between 1 and 65535 |
Ports to scan - List | You can specify a comma separated list of ports to be scanned |
Detect service version | In this case Nmap will try to detect the version of the service that is running on each open port. This is done using multiple techniques like banner grabbing, reading server headers and sending specific requests |
Detect operating system | If enabled, Nmap will try to determine the type and version of the operating system that runs on the target host. The result is not always 100% accurate, depending on the way the target responds to probe requests |
Do traceroute | If enabled, Nmap will also do a traceroute to determine the path packets take from our server to the target server, including the ip addresses of all network nodes (routers) |
Don't ping host | If enabled, Nmap will not try to see if the host is up before scanning it (which is the default behavior). This option is useful when the target host does not respond to ICMP requests but it is actually up and it has open ports |
SYN
packets to each port. If a port responds with SYN-ACK
, it is flagged as open and a RST
is sent back by our tool. This way there is no full TCP connection established with the target host.