One of the best places to begin with cybersecurity is with Nmap — a beginner-friendly tool used by professionals to map networks and uncover the unknown. And the best part? You can start right now, safely and legally, using public practice targets made just for learning.
The Power to Map a Network
Every ethical hacker starts with a simple question: What’s out there? Before you can secure a network or find vulnerabilities, you first need to know what systems are live, what services they’re running, and how they’re exposed to the world. That’s exactly what Nmap helps you do.
Nmap stands for Network Mapper, and it scans IP addresses to discover open ports and services on devices. It’s fast, lightweight, and incredibly useful whether you’re scanning a home lab or a production system (with permission, of course).
Getting Started with Nmap
To install Nmap, use your system’s package manager. On Linux, run:
sudo apt install nmap
On macOS:
brew install nmap
Once installed, you can immediately start scanning. And yes—there’s a public, intentionally open server maintained by Nmap’s creators just for this purpose: scanme.nmap.org.
Here’s a basic scan command:
nmap scanme.nmap.org
And here’s a sample output:
Starting Nmap 7.80 ( https://nmap.org ) at 2025-04-12 00:10 IST
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.24s latency).
Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
Not shown: 991 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp filtered smtp
80/tcp open http
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
161/tcp filtered snmp
1022/tcp filtered exp2
9929/tcp open nping-echo
31337/tcp open Elite
Let’s break that down.
Nmap scanned the most common 1000 ports, but only showed the ones that responded meaningfully. The message Not shown: 991 closed ports means those ports are closed — the server responded, but nothing is listening there.
Now let’s look at the ports that did respond:
| Port | State | Service | What it means |
|---|---|---|---|
| 22 | open | ssh | Secure shell. Used to safely connect to a computer remotely. |
| 25 | filtered | smtp | Used to send emails. “Filtered” means it’s hidden or blocked by a firewall. |
| 80 | open | http | A web server is running here — this is where websites live. |
| 135 | filtered | msrpc | A Windows-specific service that’s being blocked or hidden. |
| 139 | filtered | netbios-ssn | Another Windows service (for file sharing), also blocked. |
| 161 | filtered | snmp | Used for network monitoring — here it’s hidden. |
| 1022 | filtered | exp2 | Likely a custom service — not responding. |
| 9929 | open | nping-echo | A service used by Nmap itself to test connections. |
| 31337 | open | Elite | A fun example port, often used in hacking demos. |
What You’ve Just Done
In just a few minutes, you've scanned a real server, learned what ports are open, and started interpreting what each one does. You’ve used the same tool professionals use to audit networks — and attackers use to plan intrusions. The difference is, you’re doing it the right way: legally, responsibly, and with curiosity.
If you're a software developer who enjoys exploring different technologies and techniques like this one, check out LiveAPI. It’s a super-convenient tool that lets you generate interactive API docs instantly.
So, if you’re working with a codebase that lacks documentation, just use LiveAPI to generate it and save time!
You can instantly try it out here! 🚀