Hello everyone, this is Ritubala and I am here to talk about some things regarding Nmap. So Nmap's full form is Network Mapper and it is mainly a security scanner that is used to discover hosts and services on a computer network. So to achieve this, what does it do? It sends specially crafted packets to the target host and then analyzes the response.

So there are different features provided by Nmap. So the first one is host discovery. So to discover any host, what it does is send ICMP echo request messages to the host and wait for the reply. If it gets some ICMP echo replies from the host, then it is concluded that the host is alive. So this is one feature and the next feature is port scanning. So for port scanning, what it does is send TCP SYN packets to the 1000 well-known ports of the target host, and according to the response that has arrived, it classifies the ports into four states. So we will be talking about these states later. Now apart from that, there is another feature, operating system detection. So for this, there is an option. So with the help of this option, we can detect what operating system is running on the target host. We can also detect what version of the service is running with the help of the version detection option. Apart from them, there are many more options that can be used.

So as I said earlier, there are four port states recognized by Nmap. So if Nmap says some port is open, that means an application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port. So this open port can be scanned for vulnerabilities and we will use this information for our penetration testing. So if some port is closed, that means it is accessible, but there is no application that is listening on this port. And if some port is filtered, that means there is some firewall or some security system on the target host that is preventing our probes from reaching these ports. And if the port is unfiltered, that means the port is accessible, but Nmap itself is unable to determine whether it is open or closed.

Now we will see a small demo. So first, we will be scanning a range of IP addresses. So here I have given a range from 0 to 255, the IP address is 10.129.154.0 to 255. So there are 256 IP addresses that will be scanned here. So we will analyze the response now. So as you can see here, there is a response; the first line says starting Nmap 6.0. So it is the version of Nmap that is running and the second line is host is up. So it says the first scan report is for the IP address 10.129.154.9 and it says host is up. That means it has performed host discovery first and then it has performed port scanning. So it will be saying that 996 filtered ports are there and apart from that these are 4 ports, and the states and the services of the ports are also specified here. This is the scan report for the second IP address and similarly it has scanned several IP addresses here. Okay, so in total it has scanned 9 IP addresses; in total it had to scan 256 IP addresses, and among them only 9 are up. So for 256 IP addresses it has performed host discovery and for the 9 which are alive it has performed port scanning.

Now, here we have provided a range of IP addresses, so we can also provide a single IP address and check what ports are open on this IP address. Also the next option is for operating system detection that we talked about earlier. So for this we have to give the option -O and with the help of this it will tell us what operating system is running on this IP address. So here as we can see, first it has performed host discovery, it says host is up, and then it has performed port scanning, and at the end it says device type, that is general purpose. There are different device types; the IP address can be of a router or some printer. So it will be saying that this is a general purpose device and what version of operating system is running and what the CPE of that OS is and other network details like network distance and all. Okay, thank you.
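The scan report walked through in the demo can be tallied per host to show how the "Not shown" count and the listed ports add up to the 1000 scanned ports. This is an added example, not part of the talk; the sample text is constructed in the layout of Nmap's normal output, and the listed ports, states and services in it are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the layout of Nmap's normal output; not real scan data.
SAMPLE = """\
Starting Nmap 6.0
Nmap scan report for 10.129.154.9
Host is up (0.0010s latency).
Not shown: 996 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
443/tcp  closed https
8080/tcp closed http-proxy
Nmap done: 256 IP addresses (1 host up) scanned in 20.00 seconds
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
# "Not shown:" collapses ports that share a state into a count per state.
HIDDEN_RE = re.compile(r"(\d+) ([\w|]+) (?:\w+ )?ports")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp|sctp)\s+(\S+)\s+(\S+)")

def parse_scan(text):
    """Map each reported host to its port-state tally and open services."""
    hosts, cur = {}, None
    for line in text.splitlines():
        if m := HOST_RE.match(line):
            cur = hosts.setdefault(
                m.group(1), {"up": False, "states": Counter(), "open": []})
        elif cur is None:
            continue  # banner lines before the first host report
        elif line.startswith("Host is up"):
            cur["up"] = True
        elif line.startswith("Not shown:"):
            for count, state in HIDDEN_RE.findall(line):
                cur["states"][state] += int(count)
        elif m := PORT_RE.match(line):
            port, proto, state, service = m.groups()
            cur["states"][state] += 1
            if state == "open":
                cur["open"].append((int(port), proto, service))
    return hosts

if __name__ == "__main__":
    for host, info in parse_scan(SAMPLE).items():
        total = sum(info["states"].values())
        print(host, "up" if info["up"] else "down", dict(info["states"]),
              f"({total} ports accounted for)")
        for port, proto, service in info["open"]:
            print(f"  open {port}/{proto} {service}")
```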