nmap
Diagnostics: NMap
true
yes
Scan
IP or Hostname
hostname
Enter the IP address or hostname that you would like to scan.
input
-sT
option
This is the most basic form of TCP scanning. The connect() system call provided by your operating system is used to open a connection to every interesting port on the machine. If the port is listening, connect() will succeed; otherwise the port isn't reachable. One strong advantage to this technique is that you don't need any special privileges. Any user on most UNIX boxes is free to use this call.
radio
TCP connect() scan.
-sP
option
Ping scanning: Sometimes you only want to know which hosts on a network are up. Nmap can do this by sending ICMP echo request packets to every IP address on the networks you specify. Hosts that respond are up. Unfortunately, some sites such as microsoft.com block echo request packets. Thus nmap can also send a TCP ACK packet to (by default) port 80. If we get an RST back, that machine is up. A third technique involves sending a SYN packet and waiting for an RST or a SYN/ACK. For non-root users, a connect() method is used.
radio
Ping scanning
-sU
option
This method is used to determine which UDP (User Datagram Protocol, RFC 768) ports are open on a host. The technique is to send 0-byte UDP packets to each port on the target machine. If we receive an ICMP port unreachable message, then the port is closed. Otherwise we assume it is open. Unfortunately, firewalls often block the port unreachable messages, causing the port to appear open. Sometimes an ISP will block only a few specific dangerous ports such as 31337 (Back Orifice) and 139 (Windows NetBIOS), making it look like these vulnerable ports are open. So don't panic immediately. Unfortunately, it isn't always trivial to differentiate between real open UDP ports and these filtered false positives.
radio
UDP Scanning
-P0
Do not try to ping hosts at all before scanning them.
noping
This allows the scanning of networks that don't allow ICMP echo requests (or responses) through their firewall. microsoft.com is an example of such a network, and thus you should always use -P0 or -PT80 when portscanning microsoft.com. Note that "ping" in this context may involve more than the traditional ICMP echo request packet. Nmap supports many such probes, including arbitrary combinations of TCP, UDP, and ICMP probes. By default, Nmap sends an ICMP echo request and a TCP ACK packet to port 80.
checkbox
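// Build the nmap argument list from a fixed set of scan options.
$nmap_options = "";
if($_POST['option'] == "-sT: TCP connect() scan.") $nmap_options .= " -sT";
if($_POST['option'] == "-sP: Ping scanning") $nmap_options .= " -sP";
if($_POST['option'] == "-sU: UDP Scanning") $nmap_options .= " -sU";
if(!empty($_POST['noping'])) $nmap_options .= " -P0";
// The target is user input: accept only IP/hostname characters (no leading "-", so it
// cannot be read as an nmap option) and quote it before it reaches the shell.
$hostname = isset($_POST['hostname']) ? trim($_POST['hostname']) : "";
if(preg_match('/^[A-Za-z0-9][A-Za-z0-9.:-]*$/', $hostname))
	system("/usr/local/bin/nmap" . $nmap_options . " " . escapeshellarg($hostname));
else
	echo "Invalid IP address or hostname.";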