Disable ping sweep

When Nmap runs an ordinary scan, it first runs a ping sweep and then follow up with actual port scans (of whatever port ranges specified). If hosts are not responding to a ping, they won’t be fully scanned and port scans, version detection, or OS detection will be performed only against the host that are found to be up.

You can disable the host discovery process using the -PN option. This option forces Nmap to attempt the requested scanning functions against every target IP address specified. Of course, this can significally slow the scanning process, so make sure to list only machines you know are up. Here is an example:

root@kali:~# nmap -PN -p 50-90 192.168.5.102
Starting Nmap 7.01 ( https://nmap.org ) at 2016-03-04 19:25 CET
Nmap scan report for 192.168.5.102
Host is up (1.0s latency).
Not shown: 38 closed ports
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
Nmap done: 1 IP address (1 host up) scanned in 3.11 seconds

In the example above you can see that we’ve conducted a port scan with the host discovery process disabled.

Geek University 2021