Specified scan ranges

We learned earlier that by default, Nmap only scans the top 1000 ports. However, services can be put online on any of the 65,535 ports that exist—not just the most common ones. Many system administrators and network engineers run services on very high ports such as 65,001, so that they aren't detected by normal scans. Security through obscurity, though, never really works!

It's possible to specify a specific port range by using the -p flag. So, if you want to only scan port 80 on scanme.nmap.org, you can type nmap -p 80 scanme.nmap.org. The port specification flag works for ranges too—so, in another example, nmap -p1-1024 scanme.nmap.org will scan ports 1 to 1024 (all privileged ports) on the target host.

There's also a useful ...

Get Nmap Essentials now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.