NMAP

Usage

• Nmap can provide further information on targets, including reverse DNS names, device types, and MAC addresses.
• Host discovery – Identifying hosts on a network. For example, listing the hosts that respond to TCP and/or ICMP requests or have a particular port open
• Port scanning – Enumerating the open ports on target hosts
• OS detection – Determining the operating system and hardware characteristics of network devices
• Version detection – Interrogating network services on remote devices to determine the application name and version number.
• Scriptable interaction with the target support using the Nmap Scripting Engine (NSE).
• Auditing the security of a device or firewall by identifying the network connections which can be made to, or through it.
• Identifying open ports on a target host in preparation for auditing.
• Network inventory, network mapping, and maintenance and asset management.
• Auditing the security of a network by identifying new servers.
• Generating traffic to hosts on a network, response analysis and response time measurement.
• Finding and exploiting vulnerabilities in a network.
• DNS queries and subdomain search

Note:
A "subnet mask" or "prefix length" is just a convenient shorthand for specifying a range of IPaddresses. An IP address can be represented as a 32-bit binary number. To define a range ofaddresses, we divide these 32-bits into a network part and a host part. The subnet mask orprefix length tells us where the split occurs. If our router is assigned a local address of192.168.0.1 and we want to indicate that this is from a range of 256 addresses, we can writethis as 192.168.0.1/24 where the "/24" is the prefix length and indicates that the first 24-bitsare the network number and the last 8-bits are the host number. Alternatively, we canspecify a subnet mask of 255.255.255.0 which effectively says the same thing

Note:- CIDR (Classless Inter-Domain Routing)
Classless Inter Domain Routing (CIDR) is a method for assigning IP addresses without using the standard IP address classes like Class A, Class B or Class C. CIDR is a newer addressing scheme for IP Networks which allows for a more efficient allocation of IP addresses than the older method which was by assigning organizations a class of IPs. CIDR was a result of running out of IPv4 addresses as well as addressing the issue with routing tables increasing in size. For more Reading

My-IP Show Commands

    $ ip addr show
    $ ifconfig
        

Scanning Commands

    $ nmap 192.168.12.2                  # Single target
    $ nmap 192.168.0.1 192.168.0.2       # Multiple target
    $ nmap 192.168.0.1-10                # Range of target
    $ nmap 192.168.0.1/24                # Scan an Entire (Subnet nmap [ip address/cdir])
    $ nmap -iR 0                         # Scan Random Hosts

    $ nmap 192.168.0.1/24 –exclude 192.168.0.100, 192.168.0.200  # Excluding Targets from a Scan
    $ nmap 192.168.0.1/24 –excludefile notargets.txt             # Excluding Targets Using a List
    $ nmap -A 192.168.0.1                                        # Perform an Aggressive Scan
    $ nmap -6 1aff:3c21:47b1:0000:0000:0000:0000:2afe            # Scan an IPv6 Target