How to test Firewall Configuration with Nmap on Linux Cloud Servers

2020-10-13 By Mark

Nmap is a free and open-source network scanner. Network administrators use it to identify which devices are running on their systems, discover available hosts and the services they offer, find open ports, and detect security risks.


This guide outlines the basic steps to test a firewall configuration on different Linux distributions.


CentOS/Fedora


  1. Install Nmap on the server with the below command.

    # yum install nmap

  2. To test a single TCP port, run the below command.

    # nmap -p <port> <ip address>

    For example, to test TCP port 445, use 445 as the port. Replace <port> and <ip address> with the actual port number and IP address that you wish to test.

  3. Run the below command to test all TCP ports.

    # nmap <ip address>

  4. Run the below command to test all TCP ports and also detect the version. It will detect and show which services and which versions are running.

    # nmap -sV <ip address>

  5. Run the below command to test all TCP ports and run basic security checks. It helps to detect common vulnerabilities and misconfigurations.

    # nmap -sC <ip address>

  6. You can use the below command if you need more detailed information about the remote machine.

    # nmap -v <ip address>

  7. Run the below command to scan OS information and Traceroute.

    # nmap -A <ip address>

    NOTE: Use the actual port number and IP address that you wish to test.


Ubuntu/Debian


  1. Install Nmap on the server with the below command.

    # apt install nmap

  2. To test a single TCP port, run the below command.

    # nmap -p <port> <ip address>

    For example, to test TCP port 445, use 445 as the port. Replace <port> and <ip address> with the actual port number and IP address that you wish to test.

  3. Run the below command to test all TCP ports.

    # nmap <ip address>

  4. Run the below command to test all TCP ports and also detect the version. It will detect and show which services and which versions are running.

    # nmap -sV <ip address>

  5. Run the below command to test all TCP ports and run basic security checks. It helps to detect common vulnerabilities and misconfigurations.

    # nmap -sC <ip address>

  6. You can use the below command if you need more detailed information about the remote machine.

    # nmap -v <ip address>

  7. Run the below command to scan OS information and Traceroute.

    # nmap -A <ip address>

    NOTE: Use the actual port number and IP address that you wish to test.
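
To turn the scans above into a repeatable firewall check on either distribution, the following added example (not part of the original guide) parses Nmap's grepable output (`-oG -`) and reports every open port that is not on an allow-list. The function names, the allow-list values and the sample scan lines are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: check Nmap grepable output against a firewall allow-list.

# unexpected_open_ports ALLOWED   (reads `nmap -oG -` output on stdin)
#   ALLOWED: comma-separated ports the firewall is meant to expose.
#   Prints "host port/proto service" for each open port not in ALLOWED.
unexpected_open_ports() {
  awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /Ports: / {
      host = $2
      line = $0
      sub(/.*Ports: /, "", line)    # keep only the port list
      sub(/\t.*/, "", line)         # drop the trailing "Ignored State" field
      m = split(line, entry, ", ")
      for (i = 1; i <= m; i++) {
        split(entry[i], f, "/")     # port/state/protocol/owner/service/...
        if (f[2] == "open" && !(f[1] in ok))
          print host, f[1] "/" f[3], f[5]
      }
    }'
}

# check_firewall ALLOWED: returns 1 and lists findings if anything extra is open.
check_firewall() {
  findings=$(unexpected_open_ports "$1")
  if [ -n "$findings" ]; then
    echo "Unexpected open ports:"
    echo "$findings"
    return 1
  fi
  echo "Firewall matches the allow-list"
}

# Constructed sample of grepable output (203.0.113.10 is a documentation address).
sample_scan() {
  printf 'Host: 203.0.113.10 ()\tStatus: Up\n'
  printf 'Host: 203.0.113.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 445/filtered/tcp//microsoft-ds///, 3306/open/tcp//mysql///\tIgnored State: closed (996)\n'
}

# Offline demonstration; 3306 is open but not on the allow-list.
sample_scan | check_firewall "22,80,443" || true

# Live use against your own server. -p- covers TCP ports 1-65535; without -p,
# Nmap scans only its default set of the most common ports.
#   nmap -p- -oG - <ip address> | check_firewall "22,80,443"
```

Filtered and closed ports are ignored, so only ports the firewall actually lets through are reported.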

