10 Nmap Scans Every Beginner Must Learn - Flashcards

on

10 Nmap Scans Every Beginner Must Learn

Scan 1 of 10

Scan Type

Ping Sweep

(Click to see flags & logic)

Execution & Use Case

#
  • To understand the stealth scan, you first have to understand the standard TCP Three-Way Handshake. 
  • In a normal connection (like when you load a website), your computer sends a SYN (synchronize) packet, the server responds with a SYN/ACK (acknowledge), and your computer sends back an ACK. 
  •  Nmap’s stealth scan breaks this rule. When Nmap sends a SYN packet and receives a SYN/ACK (meaning the port is open), it immediately sends a RST (reset) packet instead of an ACK.
Note : While -sS is powerful, remember that it requires root/sudo privileges in Kali Linux. This is because Nmap needs to craft "raw" packets rather than letting the operating system handle the connection. If you run Nmap without sudo, it will usually default to the noisier TCP Connect Scan.

Common Nmap Errors & How to Fix Them

While using nmap we run into issues. If your scan isn't working as expected, it’s usually one of these three common problems. Here is how to identify and fix them in seconds.

1. "Requested packet type requires root privileges"

The Error: You try to run a Stealth Scan (-sS) or OS Detection (-O) and Nmap denies the request.

  • The Cause: Certain Nmap scans require the ability to send "raw" packets. Only the root user has permission to do this in Linux.

  • The Fix: Simply add sudo to the beginning of your command.

    • Correction: sudo nmap -sS [target]

2. "Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn"

The Error: Nmap tells you the host is down, but you know the website or device is active.

  • The Cause: By default, Nmap "pings" a target to see if it’s alive before scanning it. Many modern firewalls and Windows machines block ICMP (Ping) requests to stay hidden.

  • The Fix: Use the -Pn flag. This tells Nmap to skip the ping discovery and treat the host as if it is online.

    • Correction: nmap -Pn [target]

3. "0 hosts up" when scanning a local network

The Error: You scan your local network range (e.g., 192.168.1.0/24) and get zero results.

  • The Cause: This usually happens if your Kali Linux machine is on a different network than your targets, or if your Virtual Machine is set to NAT instead of Bridged Adapter.

  • The Fix: 1. Check your IP address with ip a. 2. Ensure your VM network settings are set to Bridged or a Host-Only network that includes your targets. 3. Try using -PR (ARP Scan), which is much more effective on local Ethernet networks.

?

About the Creator

Dedicated to making cybersecurity and kali linux contents accessible to everyone. Our goal is to provide interactive learning tools and guides that help beginners bridge the gap between theory and practice.

⚠️ Legal Disclaimer

The information provided in this post, including the nmap commands and flashcards, is for educational and ethical purposes only. Unauthorized access to computer systems is illegal. Always ensure you have explicit permission before testing any network or system. The author is not responsible for any misuse of this information.

Comments

Post a Comment