What is Nmap port scanning? This guide explains Nmap port scanning types, commands and real-world use cases step by step.
Introduction
If you are learning cyber security or ethical hacking, you have certainly heard of Nmap. Nmap is regarded as the most popular network scanning tool in the world. But running a basic scan is not enough. In the real world, different situations call for different port scanning techniques. So if you are a serious learner, a deep understanding of Nmap's port scanning types is essential.
In this guide we will go through Nmap's important port scanning types step by step in simple language. For each scan we will also cover its purpose, command, use case and real-world importance.
If you are a beginner, first read Nmap Kya Hai? Beginner Guide.
What Is Port Scanning?
Let's start with the basics.
Every computer or server has ports numbered 0 to 65535. Different services run on these ports.
Example:
- HTTP → Port 80
- HTTPS → Port 443
- SSH → Port 22
- FTP → Port 21
- DNS → Port 53
Port scanning means:
- Checking the ports of a system
- Which ones are open
- Which ones are closed
- Which ones are filtered behind a firewall
In simple terms:
Port scan = checking the doors of a system
If a door is open (an open port), a service is running there.
How Does Nmap Decide Port Status?
Nmap sends special network packets to the target system and analyzes the response.
The port's state is decided based on the response:
Open
- A service is running
- A connection is possible
Closed
- The port is reachable
- But no service is running on it
Filtered
- A firewall is blocking it
- The exact state is not clear
This whole process is the foundation of network reconnaissance.
Important Nmap Port Scanning Types
Now we will look at each scan in detail.
Nmap is a powerful open-source tool.
1) TCP Connect Scan (-sT)
Command:
nmap -sT scanme.nmap.org
This is the basic TCP scan.
How Does It Work?
It completes the full TCP handshake:
- SYN
- SYN-ACK
- ACK
So it behaves like a normal connection.
Advantages
- Reliable
- Beginner friendly
- Works on Windows
- sudo not required
Disadvantages
- Easily detectable
- Not stealthy
When to Use It?
- When you do not have sudo access
- During the learning phase
- On a Windows system
2) SYN Scan (-sS) – Half Open Scan
Command:
sudo nmap -sS scanme.nmap.org
This is the most popular scan.
How Does It Work?
- It sends a SYN
- If a SYN-ACK comes back
- It sends an RST
The connection is never completed.
That is why it is called a “Half Open Scan”.
Features
- Fast
- Relatively stealthy
- A favorite of professional pentesters
sudo is required.
It is the scan used most often in the real world.
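From the defender's side, the SYN, SYN-ACK, RST sequence is itself a signature. An added detection example, not part of the original guide, run over constructed packet summaries; the record format, the function names and the three-port threshold are assumptions.

```python
from collections import defaultdict

# Constructed packet summaries ("src > dst flags"); not from a real capture.
PACKETS = """\
10.0.0.5:40001 > 10.0.0.10:22 S
10.0.0.10:22 > 10.0.0.5:40001 SA
10.0.0.5:40001 > 10.0.0.10:22 R
10.0.0.5:40002 > 10.0.0.10:80 S
10.0.0.10:80 > 10.0.0.5:40002 SA
10.0.0.5:40002 > 10.0.0.10:80 R
10.0.0.5:40003 > 10.0.0.10:443 S
10.0.0.10:443 > 10.0.0.5:40003 SA
10.0.0.5:40003 > 10.0.0.10:443 R
10.0.0.7:51000 > 10.0.0.10:443 S
10.0.0.10:443 > 10.0.0.7:51000 SA
10.0.0.7:51000 > 10.0.0.10:443 A
"""

def classify_flows(text):
    """Map (client, server) endpoint pairs to their handshake outcome."""
    flows = {}
    for line in text.splitlines():
        src, _, dst, flags = line.split()
        if flags == "S":
            flows[(src, dst)] = "syn-seen"
        elif flags == "SA" and flows.get((dst, src)) == "syn-seen":
            flows[(dst, src)] = "synack-seen"
        elif flows.get((src, dst)) == "synack-seen":
            if flags == "R":
                flows[(src, dst)] = "half-open"   # SYN, SYN-ACK, then RST
            elif flags == "A":
                flows[(src, dst)] = "completed"   # full three-way handshake
    return flows

def half_open_sources(text, min_ports=3):
    """Sources that left half-open handshakes on at least min_ports ports."""
    ports = defaultdict(set)
    for (client, server), state in classify_flows(text).items():
        if state == "half-open":
            ports[client.rsplit(":", 1)[0]].add(int(server.rsplit(":", 1)[1]))
    return {ip: sorted(p) for ip, p in ports.items() if len(p) >= min_ports}

if __name__ == "__main__":
    print(half_open_sources(PACKETS))
```

Only open ports answer with SYN-ACK, so this counts half-open handshakes on listening ports; the host 10.0.0.7 completes its handshake and is not flagged.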
3) UDP Scan (-sU)
Command:
sudo nmap -sU scanme.nmap.org
A UDP scan is different from a TCP scan.
UDP has no handshake.
If the port is open:
→ Sometimes a response comes back
→ Sometimes there is no response
If the port is closed:
→ An ICMP Port Unreachable message comes back
Important UDP Services
- DNS (53)
- SNMP (161)
- DHCP (67)
Points to Remember
- It is slow
- Results can be inconsistent
- It is necessary for complete security testing
Beginners tend to ignore UDP scans, which is a mistake.
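Why UDP results are ambiguous, shown on loopback as an added example that is not part of the original guide: a port with a silent listener gives no reply at all, while an unused port produces the ICMP Port Unreachable error. The names udp_port_state and demo_udp are assumptions for illustration.

```python
import socket

def udp_port_state(host, port, timeout=0.5):
    """Classify a UDP port from what comes back after one datagram."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))    # connected socket, so ICMP errors reach us
        s.send(b"\x00")
        s.recv(512)
        return "open"              # the service answered
    except (ConnectionRefusedError, ConnectionResetError):
        return "closed"            # ICMP Port Unreachable was reported
    except socket.timeout:
        return "open|filtered"     # silence: open but quiet, or dropped
    finally:
        s.close()

def demo_udp():
    """Compare a bound-but-silent loopback port with an unused one."""
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))  # bound, but never replies
    silent_port = silent.getsockname()[1]

    spare = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    spare.bind(("127.0.0.1", 0))
    unused_port = spare.getsockname()[1]
    spare.close()                  # released again, so nothing is bound here

    try:
        return {
            "silent listener": udp_port_state("127.0.0.1", silent_port),
            "nothing bound": udp_port_state("127.0.0.1", unused_port),
        }
    finally:
        silent.close()

if __name__ == "__main__":
    print(demo_udp())
```

The silent listener can only be reported as open|filtered after waiting out the full timeout, which is the source of both the slowness and the inconsistency noted above.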
4) Ping Scan (-sn)
Command:
nmap -sn 192.168.1.0/24
It does not scan ports.
It only checks:
Which hosts are alive
Use Cases:
- Network mapping
- Internal reconnaissance
- Fast scanning
This is the first step of scanning.
5) Aggressive Scan (-A)
Command:
sudo nmap -A scanme.nmap.org
This is a detailed scan.
It includes:
- OS detection
- Version detection
- Script scanning
- Traceroute
It is noisy.
Use it carefully in a production environment.
6) Specific Port Scan (-p)
Command:
nmap -p 80,443 192.168.1.1
It checks only the specified ports.
It saves time.
It is useful in professional testing.
TCP vs UDP Scan – Clear Comparison
| Feature | TCP | UDP |
|---|---|---|
| Speed | Fast | Slow |
| Reliability | High | Low |
| Handshake | Yes | No |
| Use Case | Web, SSH etc | DNS, SNMP |
Best practice:
Run both TCP and UDP scans.
Advanced Stealth Scan Types
Basic scans are enough for beginners, but it is worth understanding the advanced scans conceptually as well.
FIN Scan (-sF)
sudo nmap -sF target
Sends a FIN packet.
It can sometimes get past a firewall.
NULL Scan (-sN)
sudo nmap -sN target
Sends an empty TCP packet (no flags set).
Xmas Scan (-sX)
sudo nmap -sX target
Sets multiple TCP flags at once.
It is not always effective against modern firewalls.
Real-World Port Scanning Workflow
Professional pentesters follow a structured approach.
Step 1: Host Discovery
nmap -sn network
Step 2: Fast Scan
nmap -F target
Step 3: SYN Scan
sudo nmap -sS target
Step 4: Version Detection
nmap -sV target
Step 5: Aggressive Scan
sudo nmap -A target
This approach leads to a proper analysis.
Timing Templates (-T)
If the scan is running slowly:
nmap -T4 target
Options:
T0 – Paranoid
T1 – Sneaky
T2 – Polite
T3 – Normal
T4 – Aggressive
T5 – Insane
Use it carefully in a production environment.
Learning Roadmap for Beginners
- Ping Scan
- TCP Connect Scan
- SYN Scan
- Service Version Detection
- Aggressive Scan
- UDP Scan
Practice for 20–30 minutes daily.
Common Beginner Mistakes
- Forgetting sudo
- Entering the wrong target
- Ignoring UDP
- Not understanding the output
- Running an aggressive scan straight away
Patience matters most.
Safe Practice Environment
Never scan without permission.
Safe options:
- scanme.nmap.org
- Your own virtual machine
- A local lab
- TryHackMe / HackTheBox labs
Cyber security means securing systems, not misusing them.
FAQs
Q1: Which scan is the stealthiest?
The SYN scan is relatively stealthy.
Q2: Why is a UDP scan slow?
There is no handshake and responses are unreliable.
Q3: Is port scanning illegal?
The tool is legal. Unauthorized scanning can be illegal.
Conclusion
Nmap port scanning is a core cyber security skill. If you are a beginner, start with simple scans and gradually learn the advanced techniques.
- Memorizing commands is not enough; understanding the output matters most.
- Regular safe practice will strengthen your network reconnaissance skills.
- Consistency is the secret to success.