Nmap Security Scanner
*Ref Guide
Security Lists
Security Tools
Site News
Advertising
About/Contact
Credits
Sponsors





Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
Index
Prev   

Index

Symbols

--allports, Exclude Directive, Service and Version Detection
--append-output, Output
--badsum, Firewall/IDS Evasion and Spoofing
--data-length, Firewall/IDS Evasion and Spoofing
--datadir, Using Customized Data Files, Miscellaneous Options
--defeat-rst-ratelimit, Timing and Performance
--dns-servers, Host Discovery
--exclude, Target Specification
--excludefile, Target Specification
--fuzzy, Usage and Examples
--help, Miscellaneous Options
--host-timeout, Timing and Performance
--iflist, Output
--initial-rtt-timeout, Timing and Performance
--interactive, Miscellaneous Options
--ip-options, Firewall/IDS Evasion and Spoofing
--log-errors, Output
--max-hostgroup, Timing and Performance
--max-os-tries, OS Detection
--max-parallelism, Timing and Performance
--max-retries, Timing and Performance
--max-rtt-timeout, Timing and Performance
--max-scan-delay, Timing and Performance
--min-hostgroup, Timing and Performance
--min-parallelism, Timing and Performance
--min-rate, Timing and Performance
--min-rtt-timeout, Timing and Performance
--mtu, Firewall/IDS Evasion and Spoofing
--no_stylesheet, Output
--open, Output
--osscan-guess, Usage and Examples, OS Detection
--osscan-limit, OS Detection
--packet-trace, Enabling Packet Tracing, Output
--privileged, Miscellaneous Options
--randomize-hosts, Firewall/IDS Evasion and Spoofing
--reason, Host Discovery
--release-memory, Miscellaneous Options
--resume, Resuming Aborted Scans, Output
--scan-delay, Timing and Performance
--scanflags, Port Scanning Techniques
--script, Command-line Arguments, Nmap Scripting Engine (NSE)
--script-args, Command-line Arguments, Nmap Scripting Engine (NSE)
--script-trace, Command-line Arguments, Nmap Scripting Engine (NSE)
--script-updatedb, Command-line Arguments, Nmap Scripting Engine (NSE)
--send-eth, Miscellaneous Options
--send-ip, Miscellaneous Options
--servicedb, Miscellaneous Options
--source-port, Firewall/IDS Evasion and Spoofing
--spoof-mac, Firewall/IDS Evasion and Spoofing
--sR, Service and Version Detection
--stylesheet, Output
--system-dns, Host Discovery
--T, Timing and Performance
--traceroute, Host Discovery
--ttl, Firewall/IDS Evasion and Spoofing
--unprivileged, Miscellaneous Options
--version, Miscellaneous Options
--version-all, --version-all, Service and Version Detection
--version-intensity, --version-intensity, Service and Version Detection
--version-light, --version-light, Service and Version Detection
--version-trace, Technique Demonstrated, Service and Version Detection
--versiondb, Miscellaneous Options
--webxml, Output
-6, Miscellaneous Options
-A, Usage and Examples, Miscellaneous Options
-b, Port Scanning Techniques
-d, Enabling Debugging Output, Output
-D, Firewall/IDS Evasion and Spoofing
-e, Firewall/IDS Evasion and Spoofing
-F, Well Known Port List: nmap-services, Port Specification and Scan Order
-f, Firewall/IDS Evasion and Spoofing
-g, Firewall/IDS Evasion and Spoofing
-h, Miscellaneous Options
-iL, Target Specification
-iR, Target Specification
-n, Host Discovery
-O, OS Detection
-oA, Output
-oG, Grepable Output (-oG), Output
-oN, Normal Output (-oN), Output
-oS, $crIpT kIddI3 0uTPut (-oS), Output
-oX, XML Output (-oX), Output
-p, Port Specification and Scan Order
-PA, Host Discovery
-PE, Host Discovery
-PM, Host Discovery
-PN, Host Discovery
-PO, Host Discovery
-PP, Host Discovery
-PR, Host Discovery
-PS, Host Discovery
-PU, Host Discovery
-R, Host Discovery
-r, Port Specification and Scan Order
-S, Firewall/IDS Evasion and Spoofing
-sA, Port Scanning Techniques
-sC, Command-line Arguments, Nmap Scripting Engine (NSE)
-sF, Port Scanning Techniques
-sI, Port Scanning Techniques
-sL, Host Discovery
-sM, Port Scanning Techniques
-sN, Port Scanning Techniques
-sO, Port Scanning Techniques
-sP, Host Discovery
-sR, RPC Grinding
-sS, Port Scanning Techniques
-sT, Port Scanning Techniques
-sU, Port Scanning Techniques
-sV, Usage and Examples, Service and Version Detection
-sW, Port Scanning Techniques
-sX, Port Scanning Techniques
-v, Controlling Verbosity of Output, Output
-V, Miscellaneous Options

A

ACK ping, Host Discovery
ACK scan, Port Scanning Techniques
adaptive retransmission, Timing and Performance
append, Functional Programming Style List Operations
apply, Functional Programming Style List Operations
ARP ping, Host Discovery

B

bit.arshift(a,b), Bitwise Logical Operations
bit.band(w1,...), Bitwise Logical Operations
bit.bnot(a), Bitwise Logical Operations
bit.bor(w1,...), Bitwise Logical Operations
bit.bxor(w1,...), Bitwise Logical Operations
bit.lshift(a,b), Bitwise Logical Operations
bit.mod(a,b), Bitwise Logical Operations
bit.rshift(a,b), Bitwise Logical Operations
build_query, URL Manipulation Functions

C

car, Functional Programming Style List Operations
cdr, Functional Programming Style List Operations
checksums
and OS detection, Integrity of returned probe IP checksum value (RIPCK)
CIDR addressing, Target Specification
clear, String Buffer Operations
close, Connect-style network I/O
community, Community Contributions
concat, String Buffer Operations
connect, Connect-style network I/O
connect() scan, Port Scanning Techniques
cons, Functional Programming Style List Operations
copyright, Nmap Copyright and Licensing
crashing remote hosts, Can Port Scanning Crash the Target Computer/Networks?
solutions, Can Port Scanning Crash the Target Computer/Networks?

D

data files, Introduction
customizing, Using Customized Data Files
directory search order, Using Customized Data Files
database
storing scan results, Output to a Database
debugging
nmap.debugging, Information Passed to a Script
debugging output, Enabling Debugging Output
Document Type Definition, Purpose
dump, String Buffer Operations

E

ECN
and OS detection, TCP explicit congestion notification (ECN), Explicit congestion notification (CC)
eqbuf, String Buffer Operations
ethernet_close, Raw packet network I/O
ethernet_open, Raw packet network I/O
ethernet_send, Raw packet network I/O
export controls, US Export Control Classification

F

fetchfile, Information Passed to a Script
filter, Functional Programming Style List Operations
FIN scan, Port Scanning Techniques
fingerprints
OS, Understanding an Nmap Fingerprint
service, Technique Described, Community Contributions
flatten, Functional Programming Style List Operations
fragmentation of packets
and OS detection, IP don't fragment bit (DF), IP Fragmentation
FTP bounce scan, Port Scanning Techniques

G

get, HTTP Functions
get_info, Connect-style network I/O
get_parts_as_number, IP Operations
get_port_state, Target Information Retrieving by a Script
get_url, HTTP Functions
GNU GPL, Nmap Copyright and Licensing

H

have_ssl, Information Passed to a Script
host, Information Passed to a Script
Host and port state reasons, Host Discovery
host.bin_ip, Information Passed to a Script
host.bin_ip_src, Information Passed to a Script
host.directly_connected, Information Passed to a Script
host.interface, Information Passed to a Script
host.ip, Information Passed to a Script
host.mac_addr, Information Passed to a Script
host.mac_addr_src, Information Passed to a Script
host.name, Information Passed to a Script
host.os, Information Passed to a Script
host.targetname, Information Passed to a Script

I

IANA assigned ports list, Well Known Port List: nmap-services
ICMP ping, Host Discovery
and OS detection, ICMP echo (IE)
idle scan, Port Scanning Techniques
installation
from deb packages, Debian Linux and Derivatives such as Ubuntu
from RPMs, RPM-based Distributions (Red Hat, Mandrake, Suse, Fedora)
from source, Unix Compilation and Installation from Source Code
from source on windows, Compile from Source Code
from windows binaries, Windows
from Yum, Updating Red Hat, Fedora, Mandrake, and Yellow Dog Linux with Yum
on Apple Mac OS X, Apple Mac OS X
on BSD, FreeBSD / OpenBSD / NetBSD
on other platforms, Amiga, HP-UX, IRIX, and Other Platforms
on Solaris, Sun Solaris
IP ID
ICMP sequence generation, ICMP IP ID sequence generation algorithm (II)
sequence generation, Usage and Examples
TCP sequence generation, TCP IP ID sequence generation algorithm (TI)
IP Protocol ping, Host Discovery
IPv6, Miscellaneous Options
isPrivate, IP Operations
is_empty, Functional Programming Style List Operations
is_list, Functional Programming Style List Operations

L

legal issues, Legal Issues
license, Nmap Copyright and Licensing
OpenSSL exception, Nmap Copyright and Licensing
list scan, Avatar Online
example, Avatar Online
List scan, Host Discovery

M

MAC addresses, MAC Address Vendor Prefixes: nmap-mac-prefixes
Maimon scan, Port Scanning Techniques
map, Functional Programming Style List Operations
Michal Zalewski, Passive Fingerprinting

N

ncar, Functional Programming Style List Operations
ncdr, Functional Programming Style List Operations
new, String Buffer Operations
new_dnet(), Raw packet network I/O
Nmap Scripting Engine, Introduction
nmap-mac-prefixes, MAC Address Vendor Prefixes: nmap-mac-prefixes
nmap-os-db, Nmap OS Detection DB: nmap-os-db
nmap-protocols, IP Protocol Number List: nmap-protocols
nmap-rpc, SunRPC Numbers: nmap-rpc
nmap-service-probes, Version Scanning DB: nmap-service-probes
comments, nmap-service-probes File Format
complete example, Putting it all together
Exclude directive, Technique Described, Exclude Directive
fallback directive, fallback Directive
file format, nmap-service-probes File Format
match directive, match Directive
Probe directive, Probe Directive
probename, Probe Directive
probestring, Probe Directive
rarity directive, rarity Directive
softmatch directive, softmatch Directive
sslports directive, ports and sslports Directives
totalwaitms, totalwaitms Directive
nmap-services, Introduction, Well Known Port List: nmap-services
nmap.clock_ms(), Various Utility Functions for Raw Packet Support
nmap.get_interface_link(interface_name), Various Utility Functions for Raw Packet Support
nmap.new_socket(), Connect-style network I/O
NMAPDIR environment variable, Using Customized Data Files
NmapFE, Command-line and Graphical Interfaces
NSE, Nmap Scripting Engine (NSE)
NULL probe, Technique Described
null scan, Port Scanning Techniques
numbytes, Buffered Network I/O Helper Functions

O

OS detection, Introduction, OS Detection
classifications, Device and OS classification (Class lines)
effects of packet filters, Dealing with Misidentified and Unidentified Hosts
example, Usage and Examples
matching algorithms, OS Matching Algorithms
misidentification, When Nmap Guesses Wrong
probes, Probes Sent
reasons for, Reasons for OS Detection
responses, Response Tests
techniques, TCP/IP Fingerprinting Methods Supported by Nmap
output formats, Controlling Output Type
grepable, Grepable Output (-oG)
interactive, Interactive Output
normal, Normal Output (-oN)
sRc1pT kIddI3, $crIpT kIddI3 0uTPut (-oS)
XML, XML Output (-oX)

P

p0f, Passive Fingerprinting
parse_protocols, Data File Parsing Functions
parse_query, URL Manipulation Functions
parse_rpc, Data File Parsing Functions
parse_services, Data File Parsing Functions
passive OS fingerprinting, Passive Fingerprinting
PATH, The nmap executable
pcap_close(), Raw packet network I/O
pcap_open, Raw packet network I/O
pcap_receive, Raw packet network I/O
pcap_register, Raw packet network I/O
PCRE, match Directive
pcre.exec, Perl Compatible Regular Expressions
pcre.flags, Perl Compatible Regular Expressions
pcre.gmatch, Perl Compatible Regular Expressions
pcre.match, Perl Compatible Regular Expressions
pcre.new, Perl Compatible Regular Expressions
pcre.version, Perl Compatible Regular Expressions
Perl
parsing XML output, Manipulating XML Output with Perl
regular expressions, match Directive
PGP signatures, Verifying the Integrity of Nmap Downloads
ping scan, Host Discovery
port, Information Passed to a Script
port.number, Information Passed to a Script
port.protocol, Information Passed to a Script
port.service, Information Passed to a Script
port.state, Information Passed to a Script
port.version, Information Passed to a Script
portmapper, RPC Grinding
portnumber, Short Portrules
port_or_service, Short Portrules
printers
version scan exclusion, Exclude Directive
print_debug, Various Utility Functions
Protocol scan, Port Scanning Techniques

R

receive, Connect-style network I/O
receive_buf, Connect-style network I/O
receive_bytes, Connect-style network I/O
receive_lines, Connect-style network I/O
regex, Buffered Network I/O Helper Functions
registry, The Registry
regular expression, match Directive
request, HTTP Functions
resuming scans, Resuming Aborted Scans
reverse, Functional Programming Style List Operations
RPC, Usage and Examples, Technique Described
bypassing filtered portmapper port, RPC Grinding
grinder, RPC Grinding
rpcbind, RPC Grinding
rpcinfo, RPC Grinding
runtime interaction, Runtime Interaction

S

send, Connect-style network I/O
service, Short Portrules
service fingerprint, Submit Service Fingerprints
set_port_state, Target Information Retrieving by a Script
set_port_version, Target Information Retrieving by a Script
set_timeout, Connect-style network I/O
soft match, Technique Described
SSL, Usage and Examples, Technique Described, ports and sslports Directives
OpenSSL, Technique Described, SSL Post-processor Notes
ports, SSL Post-processor Notes
tunneling, Technique Described
version scan post-processor, SSL Post-processor Notes
strjoin, Various Utility Functions
strsplit, Various Utility Functions
SYN ping, Host Discovery
SYN scan, Port Scanning Techniques

T

TCP flags
and OS detection, TCP flags (F)
TCP initial window size
and OS detection, TCP initial window size (W, W1–W6)
TCP options
and OS detection, Sequence generation (SEQ, OPS, WIN, and T1), TCP timestamp option algorithm (TS)
TCP RST data
and OS detection, TCP RST data checksum (RD)
TCP sequence prediction, Usage and Examples, TCP ISN greatest common denominator (GCD), TCP sequence number (S)
todword, IP Operations
Trace path to host, Host Discovery
TTL
and OS detection, IP initial time-to-live (T)

U

UDP
and OS detection, UDP (U1)
UDP ping, Host Discovery
UDP scan, Port Scanning Techniques
Umit Scan Results, Saving and loading scan results
uninstallation, Removing Nmap
uptime, Usage and Examples

V

verbosity, Controlling Verbosity of Output
nmap.verbosity, Information Passed to a Script
version scan, Service and Version Detection
additional service information, Usage and Examples, match Directive
cheats, Cheats and Fallbacks
creating custom probes, Submit New Probes
discovering OSs, match Directive
empty version column, Usage and Examples
examples, Usage and Examples
fallbacks, Technique Described, Cheats and Fallbacks
helper functions, match Directive
intensity level, Probe Selection and Rarity
performance, Technique Described, Probe Selection and Rarity
post-processors, Post-processors
probable ports, Technique Described
probe string, Technique Described
rarity, Probe Selection and Rarity
service fingerprint, Submit Service Fingerprints
SMB post-processor, Technique Described
soft match, Technique Described
softmatch directive, softmatch Directive
technique, Technique Described
virtual hosts, Cheats and Fallbacks

W

warranty (lack of), No Warranty
welcome banner, Technique Described
wildcard, Port Specification and Scan Order
Window scan, Port Scanning Techniques
windows
limitations, Windows

X

Xmas scan, Port Scanning Techniques
XML, XML Output (-oX)
Document Type Definition, Purpose
output example, XML Output (-oX)
outputting to a database, Output to a Database
parsing with Perl, Manipulating XML Output with Perl

Z

Zenmap, Introduction
command line options, Command line options
configuration file, Description of zenmap.conf
database (see recent scans database)
profile editor, The profile editor
profiles, Profiles
creating, The profile editor
deleting, Editing a profile
editing, The profile editor
meta-information, Creating a new profile
recent scans database, The recent scans database, Per-user configuration files
disabling, Searching through results
scan tabs, Scan tabs
sorting by host, Sorting by host
sorting by service, Sorting by service
syntax highlighting
disabling, Scan results tabs
zenmap.db (see recent scans database)
ZENMAP_DEVELOPMENT, Output redirection and debugging

Prev   
The Full DTD Home 
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]