Why Use Nmap?
Nmap is widely used because it is:
- Free and open-source
- Highly customizable
- Supported on Linux, Windows, and macOS
- Excellent for penetration testing, vulnerability assessments, and network troubleshooting
Legal Disclaimer
⚠️ This guide is meant strictly for educational use inside test environments like CyberSecLabs. Unauthorized scanning of systems without permission is illegal in many jurisdictions and may lead to criminal charges. Always get written consent before scanning any network that isn’t yours.
Example lab network layout:

                 [Router/Gateway]
                   192.168.1.1
                        |
     -------------------------------------------------
     |                  |                  |
 [PC 1]             [PC 2]             [PC 3]        ...
 192.168.1.10       192.168.1.20       192.168.1.30
How to Scan the Network with Nmap
Step 1: Discover Live Hosts
Use this command to find which hosts are online:
nmap -sn 192.168.1.0/24
Explanation:
- -sn: Ping scan (host discovery only, no port scan)
- 192.168.1.0/24: Replace with your lab network subnet
This will return all live systems with their IP addresses and, when the targets share your local Ethernet segment and Nmap runs as root, their MAC addresses and vendor names.
Step 2: Scan Open Ports
To discover open ports and services:
nmap -sS 192.168.1.10
Explanation:
- -sS: Stealth SYN scan (requires root/sudo; without it Nmap falls back to a full TCP connect scan)
- 192.168.1.10: Replace with the target IP
Nmap will return a list of open TCP ports and their associated services. At this stage the service names come from Nmap's port-to-service table, not from talking to the service; Step 3 verifies them.
Step 3: Perform a Service Version Scan
To get more detail about services running:
nmap -sV 192.168.1.10
Explanation:
- -sV: Service/version detection (probes each open port to identify the software and its version)
Use this to identify specific versions of services, which helps in vulnerability analysis.
Step 4: OS Detection
To identify the target's operating system:
nmap -O 192.168.1.10
Explanation:
- -O: OS detection (requires root/sudo; results are most reliable when the target has at least one open and one closed TCP port)
Combining this with version detection gives deeper insight for ethical testing.
Step 5: Aggressive Scan (Educational Only)
A comprehensive scan combining several options:
nmap -A 192.168.1.10
Explanation:
- -A: Enables OS detection, version detection, script scanning, and traceroute
⚠️ Use this only in lab environments as it’s very noisy and can crash vulnerable systems.
FAQs
What is Nmap used for?
Nmap is a network reconnaissance tool used to discover hosts, services, ports, and vulnerabilities. It's a core tool in penetration testing and network defense.
Is scanning networks with Nmap legal?
It is legal only if you have permission or are using a private test lab like CyberSecLabs. Unauthorized scans can be detected and are often considered illegal.
How can I find all devices on my network?
Use the ping scan:
nmap -sn 192.168.1.0/24
This shows all responsive devices on your subnet. It’s useful for network inventory.
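The inventory use described in this answer, and the port and version scans of Steps 1 to 3, are easier to track over time if Nmap also writes its grepable format (-oG) and a small script turns that into a host and service list. This is an added example, not part of the original guide: the two scan outputs below are constructed samples rather than real results, and the function names are this example's own.

```shell
#!/bin/sh
# Parse Nmap's grepable output (-oG) into a simple inventory.
# Both samples below are constructed for this example, not real scan data.
TAB=$(printf '\t')

# Sample of: nmap -sn -oG - 192.168.1.0/24   (host discovery, as in Step 1)
PING_SCAN_OG="# Nmap scan initiated as: nmap -sn -oG - 192.168.1.0/24
Host: 192.168.1.1 ()${TAB}Status: Up
Host: 192.168.1.10 ()${TAB}Status: Up
Host: 192.168.1.20 ()${TAB}Status: Up
# Nmap done -- 256 IP addresses (3 hosts up) scanned in 2.50 seconds"

# Sample of: nmap -sS -sV -oG - 192.168.1.10   (Steps 2 and 3 combined)
PORT_SCAN_OG="Host: 192.168.1.10 ()${TAB}Status: Up
Host: 192.168.1.10 ()${TAB}Ports: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//Apache httpd 2.4.52/, 443/closed/tcp//https///${TAB}Ignored State: filtered (997)"

# live_hosts OUTPUT: print one IP per line for every host reported as Up.
live_hosts() {
    printf '%s\n' "$1" | awk -F '\t' '/^Host:/ && $2 == "Status: Up" { split($1, h, " "); print h[2] }'
}

# open_ports OUTPUT: print "ip port/proto service version" for each open port.
# Each grepable port entry is port/state/proto/owner/service/rpcinfo/version/.
open_ports() {
    printf '%s\n' "$1" | awk -F '\t' '
        /^Host:/ && $2 ~ /^Ports:/ {
            split($1, h, " "); ip = h[2]
            sub(/^Ports: /, "", $2)
            n = split($2, entries, /, /)
            for (i = 1; i <= n; i++) {
                split(entries[i], f, "/")
                if (f[2] == "open") print ip, f[1] "/" f[3], f[5], f[7]
            }
        }'
}

echo "Live hosts:"; live_hosts "$PING_SCAN_OG"
echo "Open ports:"; open_ports "$PORT_SCAN_OG"
```

Saving one such listing per scan and diffing it against the previous one turns the lab scan into a change record: a host or open port that was not there last time is what to investigate.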
What ports should I scan?
Common ports to scan include:
- 21 (FTP)
- 22 (SSH)
- 23 (Telnet)
- 80 (HTTP)
- 443 (HTTPS)
- 3389 (RDP)
Use nmap -p- to scan all 65535 ports, but only in test environments.
How do I practice safely?
Use virtual machines with VirtualBox, VMware, or an online platform like CyberSecLabs or TryHackMe. Never scan external IPs or corporate networks without explicit approval.
Final Thoughts
Learning how to scan networks using Nmap is a foundational skill for anyone in cybersecurity. Whether you're identifying hosts or fingerprinting services, Nmap helps you see what attackers might see.
Always remember: the power of these tools comes with responsibility. Use them only for authorized testing, education, and research. Mastering Nmap the right way helps build stronger networks—and better defenders.