A Professor Wingman Class 404
NetMgmt.Lab

Week 12

Introduction to Nmap and Responsible Network Scanning

Use Nmap responsibly to discover hosts and open ports on approved lab systems only.

Lesson recap

Nmap answers a simple question: what's listening, and on which port? In friendly hands it's how you confirm a server is up. In hostile hands it's reconnaissance for an attack. The exact same command, the exact same packets — what makes it legal is permission. This week you'll only scan an approved lab target. Read the rules carefully before you type a single command. Once you have permission, Nmap will become one of your most-used tools forever.

Learning goals

  • Explain what Nmap does
  • Run a basic Nmap scan on an approved target
  • Identify open ports and services
  • Understand the legal and ethical rules of scanning
  • Document scan results clearly

Key terms

Nmap

Network Mapper — a scanner used to discover hosts and services.

Port

A numbered endpoint (0–65535) where a service listens.

Service

A program listening on a port (HTTP on 80, SSH on 22).

TCP SYN scan (-sS)

Default scan: sends SYN, watches for SYN-ACK, never completes the handshake.

Service/version detection (-sV)

Tries to identify which exact software is running on each open port.

Authorized Target

A device you have explicit written permission to scan.

Curated videos

Nmap Tutorial for Beginners — What is Nmap?

HackerSploit

NMAP Tutorial for Beginners — Network Scanning

Simplilearn

Commands

nmap --version
nmap -sn 192.168.56.0/24
nmap 192.168.56.101
nmap -sV 192.168.56.101
nmap --top-ports 100 192.168.56.101
nmap -p- 192.168.56.101
nmap -sV -oA Week12_scan 192.168.56.101

Checkpoint checklist

Sign in to save your progress across devices.
  • Nmap installed
  • Reviewed responsible scanning rules
  • Ran scan against approved target
  • Identified open ports
  • Wrote short scan report
  • Saved required evidence
  • Answered the reflection questions

Pro tips from the instructor

  • Scanning a system without permission may violate the Computer Fraud and Abuse Act (US) and similar laws worldwide. Permission isn't optional.
  • `-p-` scans all 65535 ports and is loud — only run it when you mean to.
  • Nmap on Windows requires Npcap; the installer prompts for it. Don't skip it.

Try this — stretch exercises

Optional hands-on practice that goes beyond the workbook. Check items off as you complete them — progress saves in this browser.

0/2
  • Scan your own VM at 127.0.0.1. Compare the open ports to `netstat -an` on the same VM — they should match.
  • Run `nmap -A` against your lab target (aggressive scan: OS detection + version + scripts + traceroute) and read every line of output.

Files to save this week

  • 📁 Week12_NmapInstall_YourLastName.png
  • 📁 Week12_NmapScan_YourLastName.png
  • 📁 Week12_NmapReport_YourLastName