Nmap is an essential tool for any networking professional. It makes quick work of scanning your local network for available systems and services (text-based network mapping). For firewall administrators and security personnel, it provides excellent capabilities to check for open or closed ports on protected servers. Linux users can install nmap with the built-in system package manager (yum, apt-get, etc.). Windows users can download the installer from nmap.org.
Here’s a quick example to check a web server for common web ports. Nmap will let you know if they are “open”, “filtered”, etc.
nmap -p 80,443 169.254.1.77
(The IP is a fake address used as an example.) Systems to check can be specified by IP or hostname. Run your test from outside the network firewall, using a routable public IP, to verify which ports are open to the public.
NOTE: If ICMP/ping is disabled or filtered on the destination system, add the option -Pn to make nmap skip the ping test. Add the option -n to force numeric-only output (no DNS or hostname lookup). For the opposite case, if you want a ping-only test, use something like nmap -sn 169.254.1.77 (disables port scanning). Scan TCP and UDP ports at the same time using -sU -sS -p T:80,T:443,U:53. If you’re on a multi-IP system, use the -S Your-Source-IP option to set the source address of nmap packets.
Special note: most nmap features require “root” access for Linux and Unix users. Make sure you run nmap as root (or via sudo); otherwise lots of your scan results will be bogus (incorrect)!
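As an added example (not from the original post), the script below parses Nmap's grepable output (-oG) and lists every port reported as open that is not on the list of ports the firewall is supposed to expose. The scan output is a constructed sample, and the function names sample_scan and unexpected_ports are made up for this illustration.

```shell
#!/bin/sh
# Added example: check an external scan against the ports the firewall
# is supposed to expose. Parses Nmap grepable output (-oG).

# Constructed sample of what a scan such as
#   nmap -Pn -n -sS -sU -p T:1-1024,U:53 -oG - 169.254.1.77
# writes to stdout (fields are tab-separated, ports are comma-separated).
sample_scan() {
    printf '# Nmap scan (constructed sample)\n'
    printf 'Host: 169.254.1.77 ()\tStatus: Up\n'
    printf 'Host: 169.254.1.77 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///, 3306/filtered/tcp//mysql///, 53/open|filtered/udp//domain///\tIgnored State: closed (1020)\n'
}

# Usage: unexpected_ports "80/tcp 443/tcp" < scan.gnmap
# Prints "host port/proto state" for every port whose state starts with
# "open" (open or open|filtered) and that is not in the allowlist.
unexpected_ports() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /Ports: / {
        host = $2                   # second whitespace-separated field
        sub(/^.*Ports: /, "")       # drop everything before the port list
        sub(/\t.*$/, "")            # drop trailing fields (Ignored State, ...)
        m = split($0, p, ", ")
        for (i = 1; i <= m; i++) {
            split(p[i], f, "/")     # port/state/proto/owner/service/...
            key = f[1] "/" f[3]
            if (f[2] ~ /^open/ && !(key in ok)) print host, key, f[2]
        }
    }'
}

# Policy for this constructed host: only web ports and DNS may be reachable.
sample_scan | unexpected_ports "80/tcp 443/tcp 53/udp"
# prints: 169.254.1.77 22/tcp open
```

Ports in the "filtered" state are not reported, since the firewall is dropping those probes; "open|filtered" UDP ports are reported unless allowlisted because Nmap could not tell the two states apart.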
Nmap is a very full-featured network scan tool and I recommend reading the official Nmap documentation before using it on any production systems or networks. As always, make sure you have authorization from the network and system owners prior to running a scan. I find that these tools are most useful to service providers and technicians for verifying and troubleshooting network and system changes. Security professionals are also fond of the abundant scanning tools built in.