Loading...

TCP Port Scan with Nmap 10 Credits

Discover open TCP ports, detect service version and operating system

Sample Report

|

Use Cases

|

Technical Details

Sample Report

Here is a TCP Port Scan with Nmap sample report:

  • Shows the open TCP ports, services and version information
  • Includes operating system information and reverse DNS results
  • The original Nmap output is also included

TCP Port Scan with Nmap - Use Cases

Allows you to discover which TCP ports are open on your target host and also to detect service information, operating system version and to do traceroute.

Network Penetration Testing

The scanner is helpful for quick port scans but also for lengthy scans which can take multiple hours. The results are accurate since our servers have direct Internet connection. Furthermore, the scanner is optimized for best performance and quality results.

Self-Security Assessment

Check if your servers exposed to the Internet have unnecessary open TCP ports. By also looking at the service versions, you can find which server software is outdated and needs to be upgraded.

Asset Inventory

You can scan a range of IP addresses to map the live hosts and TCP services exposed to the Internet. Find which machines are old and could be used by attackers to break the perimeter and gain access to the internal network.

Technical Details


About

Network ports are the entry points to a machine that is connected to the Internet. A service that listens on a port is able to receive data from a client application, process it and send a response back. Malicious clients can sometimes exploit vulnerabilities in the server code so they gain access to sensitive data or execute malicious code on the machine remotely. That is why testing for all ports is necessary in order to achieve a thorough security verification.

Port scanning is usually done in the initial phase of a penetration test in order to discover all network entry points into the target system. Port scanning is done differently for TCP ports and for UDP ports that's why we have different tools.


Parameters

Parameter Description
Target This is the hostname or IP address(es) to scan
Ports to scan - Common This option tells Nmap to scan only the top 100 most common TCP ports (Nmap -F). This is the default scan option.
Ports to scan - Range You can specify a range of ports to be scanned. Valid ports are between 1 and 65535
Ports to scan - List You can specify a comma separated list of ports to be scanned
Detect service version In this case Nmap will try to detect the version of the service that is running on each open port. This is done using multiple techniques like banner grabbing, reading server headers and sending specific requests
Detect operating system If enabled, Nmap will try to determine the type and version of the operating system that runs on the target host. The result is not always 100% accurate, depending on the way the target responds to probe requests
Do traceroute If enabled, Nmap will also do a traceroute to determine the path packets take from our server to the target server, including the ip addresses of all network nodes (routers)
Don't ping host If enabled, Nmap will not try to see if the host is up before scanning it (which is the default behavior). This option is useful when the target host does not respond to ICMP requests but it is actually up and it has open ports


How it works

The tool is a web interface for the well known Nmap, which is executed with the proper parameters in order to provide speed and accuracy.

The scanning is done by sending packets to each port and listening for replies. The utilized scanning technique is called 'SYN scan', which sends TCP SYN packets to each port. If a port responds with SYN-ACK, it is flagged as open and a RST is sent back by our tool. This way there is no full TCP connection established with the target host.