JMM’s notes on

nmap

Because I need to find my printer’s IP address

Simple scan

Mostly just to figure out what hosts are on the network:

$ nmap -n 192.168.1.0-254
Starting Nmap 7.94 ( https://nmap.org ) at 2024-01-29 13:37 PST
Nmap scan report for 192.168.1.░░
Host is up (0.012s latency).
Not shown: 994 closed tcp ports (conn-refused)
PORT     STATE SERVICE
21/tcp   open  ftp
80/tcp   open  http
443/tcp  open  https
515/tcp  open  printer
631/tcp  open  ipp
9100/tcp open  jetdirect

Nmap scan report for 192.168.1.░░
Host is up (0.0074s latency).
All 1000 scanned ports on 192.168.1.░░ are in ignored states.
Not shown: 1000 closed tcp ports (conn-refused)

Nmap scan report for 192.168.1.░░
Host is up (0.00014s latency).
Not shown: 996 closed tcp ports (conn-refused)
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
81/tcp   open  hosts2-ns
8000/tcp open  http-alt

Nmap scan report for 192.168.1.░░░
Host is up (0.057s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 255 IP addresses (4 hosts up) scanned in 36.63 seconds

You can just do a ping scan like so:

$ nmap -sn -n 192.168.1.0-254 -oG -
# Nmap 7.94 scan initiated Mon Jan 29 13:33:37 2024 as: nmap -sn -n -oG - 192.168.1.0-254
Host: 192.168.1.░░ ()	Status: Up
Host: 192.168.1.░░ ()	Status: Up
Host: 192.168.1.░░ ()	Status: Up
Host: 192.168.1.░░░ ()	Status: Up
# Nmap done at Mon Jan 29 13:33:38 2024 -- 255 IP addresses (4 hosts up) scanned in 7.27 seconds

Here -n disables DNS resolution, -sn does host discovery only (a ping scan, with the port scan skipped), and -oG - writes greppable output to stdout.

You can also play around with -oX - to output XML.
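
Combining the printer ports seen in the first scan (515, 631, 9100) with -oG - answers the original question directly. The following is an added example, not part of the original notes: a shell function that reads greppable output and prints only hosts with one of those ports open. The function name, the sample addresses and the suggested invocation in the comment are assumptions made for the example.

```bash
# find_printers: read nmap greppable (-oG) output on stdin and print
# "IP<TAB>open printer ports" for hosts exposing 515 (lpd), 631 (ipp)
# or 9100 (jetdirect).
# Assumed live usage:
#   nmap -n -p 515,631,9100 --open -oG - 192.168.1.0-254 | find_printers
find_printers() {
  awk -F'\t' '
    /^Host: / {
      split($1, h, " ")            # "Host: 192.168.1.10 ()" -> h[2] is the IP
      found = ""
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        p = $i
        sub(/^Ports: /, "", p)
        n = split(p, entries, ", ")
        for (j = 1; j <= n; j++) {
          # entry layout: port/state/protocol/owner/service/rpc/version/
          split(entries[j], f, "/")
          if (f[2] == "open" && f[3] == "tcp" &&
              (f[1] == "515" || f[1] == "631" || f[1] == "9100"))
            found = found (found == "" ? "" : ",") f[1]
        }
      }
      if (found != "") print h[2] "\t" found
    }'
}

# Constructed sample in -oG format; the addresses are made up for the example.
sample_og() {
  printf 'Host: 192.168.1.10 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.10 ()\tPorts: 21/open/tcp//ftp///, 80/open/tcp//http///, 515/open/tcp//printer///, 631/open/tcp//ipp///, 9100/open/tcp//jetdirect///\tIgnored State: closed (994)\n'
  printf 'Host: 192.168.1.20 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.20 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///\tIgnored State: closed (998)\n'
  printf 'Host: 192.168.1.30 ()\tPorts: 9100/filtered/tcp//jetdirect///\n'
}

# Run against the sample: only the first host is reported.
sample_og | find_printers
```

A host whose port 9100 is filtered or closed is skipped on purpose, since only an open port says a print service is actually listening there.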