How to Setup Nmap to Perform a Security Vulnerability Test on a Linux Machine

How to Setup Nmap Tool for Security Tests

Ensuring the security of your web server is paramount. One of the most popular tools for assessing the security posture of a network is Nmap. Originally designed as a network mapping tool, Nmap has evolved into a powerful security auditing utility.

This guide will walk you through the process of setting up Nmap on a Linux machine to perform a security vulnerability test. By understanding potential vulnerabilities, you can take proactive measures to secure your server.

For those unfamiliar with the different types of web servers, you might want to explore our articles on Apache, Nginx, and LiteSpeed respectively. Additionally, understanding the hosting environment, be it dedicated server, VPS server, cloud hosting, or shared hosting, can influence the security measures you implement.

Let’s get started.

Step 1. Installing Nmap

On most Linux distributions, Nmap can be installed from the default repositories:

sudo apt-get update
sudo apt-get install nmap

Step 2. Basic Nmap Scan

To perform a basic scan of a target, use the following command:

nmap [target_IP]

Replace [target_IP] with the IP address of the server you wish to scan.

Step 3. Scan Specific Ports

If you want to scan specific ports, you can specify them:

nmap -p 22,80,443 [target_IP]

This command scans ports 22 (SSH), 80 (HTTP), and 443 (HTTPS).

See also  How to Use Sysbench to Test Database Performance on a Linux Machine

Step 4. Perform a Service Version Detection

To detect the version of services running on open ports:

nmap -sV [target_IP]

Step 5. OS Detection

Nmap can also attempt to detect the operating system of the target:

nmap -O [target_IP]

Step 6. Aggressive Scan

For a more comprehensive scan that includes OS detection, version detection, script scanning, and traceroute:

nmap -A [target_IP]

Step 7. Saving Scan Results

To save the scan results to a file:

nmap [target_IP] -oN output.txt

This will save the results in a readable format to output.txt.

Commands Mentioned

  • sudo apt-get install nmap – Installs Nmap
  • nmap [target_IP] – Performs a basic scan
  • nmap -p 22,80,443 [target_IP] – Scans specific ports
  • nmap -sV [target_IP] – Detects service versions
  • nmap -O [target_IP] – Detects the operating system
  • nmap -A [target_IP] – Performs an aggressive scan
  • nmap [target_IP] -oN output.txt – Saves scan results to a file


  1. What is Nmap primarily used for?

    Nmap, which stands for Network Mapper, is primarily used for network discovery and security auditing. It can discover devices running on a network and find open ports along with various attributes of the network.

  2. Is it legal to scan networks with Nmap?

    Scanning networks with Nmap is legal on your own network or on a network where you have explicit permission. However, unauthorized scanning of networks you don’t own is illegal in many countries and can lead to severe penalties.

  3. How long does an Nmap scan typically take?

    The duration of an Nmap scan varies based on the range of IP addresses, the type of scan, network conditions, and the number of ports scanned. A basic scan can take a few seconds to several minutes, while a more comprehensive scan can take longer.

  4. Can Nmap scans be detected?

    Yes, Nmap scans can be detected by intrusion detection systems (IDS), firewalls, and other network monitoring tools. Some Nmap scan types are more stealthy than others, but a knowledgeable administrator can often detect even the stealthiest scans.

  5. Why is it important to keep Nmap updated?

    Keeping Nmap updated ensures that you have the latest features, bug fixes, and service and OS detection databases. This ensures more accurate scans and helps in identifying newer vulnerabilities or misconfigurations that might not be recognized by older versions of the tool.

See also  How to Setup Chaos Monkey to Assess the Resilience of the Server’s Network on a Linux Machine


Nmap is an indispensable tool for network administrators, security professionals, and ethical hackers. By understanding its capabilities and how to effectively use it, you can gain valuable insights into the security posture of your network. Regularly scanning your server, especially if it’s part of critical infrastructure like a dedicated server or a VPS server, can help in early detection of vulnerabilities, allowing you to patch them before they can be exploited.

However, it’s essential to use Nmap ethically and responsibly. Always ensure you have the necessary permissions before scanning any network or system. Unauthorized scanning can lead to legal repercussions and is considered unethical in the cybersecurity community.

See also  How to Test a Web Server with the MTR Command

By staying updated with the latest versions of Nmap and continuously educating oneself on its features and best practices, you can ensure that your server remains secure and resilient against potential threats. Whether you’re running an Apache, Nginx, or LiteSpeed server, regular security assessments using tools like Nmap are crucial in web hosting.


Leave a Reply

Your email address will not be published. Required fields are marked *