In this tutorial we will cover the steps needed to scan for open ports using nmap in CentOS 6.4, Debian or Ubuntu platform.

Requirements

  • CentOS 6.4, Debian or Ubuntu installed on your computer/server
  • SSH access (Command line access to the server)
  • root privileges
  • Basic skills for working on a Linux environment

The ports are associated with the transport layer of the OSI network model. The purpose of ports is to uniquely identify different applications or processes running on a single computer. The data packets can be routed to the corresponding application during the communication session when port number is specified with the IP address.

The ports are identified by a number ranging from 1 to 65535 (216). They are divided into three groups: well-known ports, registered ports, and the dynamic or private ports. The core network services usually use port numbers (well-known ports) less than 1024. The registered ports are those from 1024 through 49151 and dynamic (private) ports are those from 49152 through 65535.

Here is a list of some of the most popular port number:

  • 21 FTP
  • 22 SSH
  • 25SMTP
  • 80 HTTP
  • 110 POP3
  • 143 IMAP
  • 443 HTTPS

You can find a list of the most common port numbers on your Linux platform inside a file called:

Despite the fact that most of the applications are configured by default to use certain port they can be re-configured to use other port number without affecting their functionality.

In order to make sure that our server is secured we should perform a port scanning procedure in order to determine which port numbers are open on our system and if needed close some of them. Nmap is a powerful tool which can provide detailed information about a host (or whole range of IP addresses). Large amount of options are available with the command so the output from the command might differ.

Install nmap

We can install nmap using the default package manager included on the Linux platform:

CentOS 6.4:

Debian/Ubuntu:

You will be prompted to accept the installation and additional packages required by nmap might be installed.

Perform a scan

A full nmap option list can be displayed with:

Here are some scan examples:

Check the remote host operating system:

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 3.13 seconds

Scan specific port number or range of numbers

Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds

Determine the service version:

OS detection, service version detection, script scanning, and traceroute