Steps to Install Nmap & ZenMap on Debian 11 Bullseye Linux – Linux Shout

Nmap or “Network Mapper” is an open-source tool meant for security experts and developers by the “Nmap Developer Team” since 1997. Here we will learn the commands to install NMAP on Debian 11 Bullseye and how to use it?
Using Nmap, a user can scan the network and or computers on the internet/local (ie with their IP address) can be checked for open ports and the services listening on them. Known and unknown scanning methods make this tool a very powerful program.
The Network Mapper is particularly suitable for finding out all active hosts in the network environment (ping sweeps) as well as their operating system (OS fingerprinting) and version numbers of various services installed there.
Nmap can be used, for example, to test your firewall configuration or computer for open ports and (possibly undesired) services running in the background. Although this tool itself comes with a command-line interface, however using Zenmap the user can handle things more conveniently.
By default, Nmap performs an SYN scan that is based on the compliance of a TCP stack. It can be used to scan thousands of ports and allows a clear and reliable differentiation between ports with open, closed, or filtered status.
Typical usage of NMAP:
One of the first we will do is run the system update command. This will rebuild the system repo cache and also let the installed packages achieve their latest versions.
We don’t need to add any repository manually because the official package to install NMAP is already available on Debian 11 default base repo. Hence, running the APT package manager command to get it will be enough.
Those who are looking for a graphical user interface to use NMAP for scanning and analyzing networks. They can go for ZenMap, however, its latest is not available for Debian in binary format. Therefore to install it, first, we have to convert its existing RPM binary to Deb. Let’s follow the steps.
Go to the official website of Nmap and download the Zenmap RPM package.
Download the ZenMap RPM on Debian 11
If you have used the browser to download the file, then, first switch to Downloads directory- cd Downloads
To check the version of the current Nmap, use the given command:
Check nmap version on Debian 11
Nmap options target range can be a single IP address (it works with IPv4 by default, but you can also use IPv6 addresses), an IP address range, or a host. If you do not enter any further options, just type in Nmap target range, Nmap checks the target computer for the first 1000 ports. These are the majority of the so-called well-known ports that are permanently connected to certain typical applications (such as web servers or POP3).
To see all the options available to use with you can see its help page:
Using the port option we can scan to know the start of ports whether they are open or closed. However, filtered start can be annoying because it makes the admin scan ports with other methods. Let’s see some common states of ports we usually get while scanning the ports on a network.
Open– It means that an application or service is listening on this port and a connection is therefore possible.
Closed- This means that the host has refused a connection on this port. No application is listening behind it.
FILTERED / BLOCKED means that the host does not respond to requests on this port. This means that the connection is neither confirmed (OPEN) nor rejected (CLOSED). If the host can otherwise be reached, filtering (FILTERED) or blocking (BLOCKED) by a firewall takes place.
unfiltered – In this case, Nmap is reachable to port but cannot confirm whether it is open or closed.
The command to start scanning is:
To check your computer, you can use:
Nmap Port Scanning command
To scan the entire subnet use:
scan the entire subnet use
Service identification is also known as service fingerprinting or version detection (version scan). The service scanning command of Nmap tries to determine installed applications (uses some ports to talk outside the world) and their version as precisely as possible. This can be used to search versions of applications and then available vulnerabilities in a targeted manner.
Nmap Service and version identification
OS identification is also known as OS fingerprinting or OS detection is the process in which we use Nmap to identify what type of operating system is used by the host we are targeting.
OS & Service Identification with NMAP
Option to use for it:
OS scan (OS detection)  = -O Provides exact information of the operating system, if possible. The scan uses different application protocols on the ports that are considered “open” or “open | filtered”.
Service scan/version scan = -sV Scan ports to identify the applications running behind the open ports.
RPC scan = -sR  – If RPC (Remote procedure call) service is available on a port, the Nmap will scan that to give more information about the operating system.
Combined OS & service scan -O -sV or -A To provide OS and applications info, combined in a single output.
Identify the Operating system using Nmap
Well, if the Nmap is unable to provide exact information about the target host operating system then you can use the guess option, which is unreliable but give some idea with reliability percentage.
You can see that in the given screenshot.
Scan operating system with nmap guess command
The given command will use a classic ping scan with ICMP echo requests (-PE), but without port scan (-sn).
Classic ping scan network scan
Using this TCP ping scan combines the classic ping (ICMP echo) with the TCP SYN scan.
Let’s have again a glimpse of Nmap’s various scanning options or parameters that can be used with its command.
The following more exotic techniques (and others) can be useful in individual cases. However, it is advisable to study the nmap manpage or homepage beforehand to understand the special features and possible findings.
Nmap knows various options that can be combined with the scanning techniques mentioned above:
By default, Nmap scans all ports from 1 to 1024, plus the higher ones listed in the /usr/share/nmap/nmap-services file. The following options produce a different behavior:
Well, if you don’t want Nmap on your Debian 11 anymore then we can use the same APT package to remove it.
Other Articles:
Install WPScan WordPress Security Scanner on Ubuntu 20.04 LTS
How to install Zenmap Nmap GUI on Ubuntu 20.04 LTS
10 popular Open-Source Tools to Secure Your Linux Server in 2022
How to Open or close ports in AlmaLinux 8 or Rocky Firewall
Rocky Linux




This site uses Akismet to reduce spam. Learn how your comment data is processed.
Linux Shout crafted as a part of our main portal H2S Media to publish Linux related tutorials and open source Software.


We will be happy to hear your thoughts

Leave a reply

Compare items
  • Total (0)