2 min read | by Jordi Prats
When scanning a network with nmap for a specific port (using the -p option), it can be confusing to get a list of every host that is alive, including those where the port is closed or filtered, when we only care about open ports:
$ sudo nmap -sS 10.12.16.0/24 -p 8123
Starting Nmap 7.80 ( https://nmap.org ) at 2022-12-04 18:18 CET
Nmap scan report for _gateway (10.12.16.1)
Host is up (0.0010s latency).
PORT STATE SERVICE
8123/tcp filtered polipo
MAC Address: CD:44:F0:F4:22:44 (Unknown)
Nmap scan report for 10.12.16.10
Host is up (0.00020s latency).
PORT STATE SERVICE
8123/tcp open polipo
MAC Address: DC:A6:33:77:AA:BB (Raspberry Pi Trading)
Nmap scan report for 10.12.16.33
Host is up (0.00046s latency).
PORT STATE SERVICE
8123/tcp closed polipo
MAC Address: B8:27:EB:8D:99:11 (Raspberry Pi Foundation)
(...)
Nmap done: 256 IP addresses (15 hosts up) scanned in 1.78 seconds
With the --open option we tell nmap to list only the hosts where the port is open, so the list gets much shorter:
$ sudo nmap -sS 10.12.16.0/24 -p 8123 --open
Starting Nmap 7.80 ( https://nmap.org ) at 2022-12-04 18:22 CET
Nmap scan report for 10.12.16.10
Host is up (0.00031s latency).
PORT STATE SERVICE
8123/tcp open polipo
MAC Address: DC:A6:33:77:AA:BB (Raspberry Pi Trading)
Nmap done: 256 IP addresses (16 hosts up) scanned in 1.49 seconds
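When a scan was already saved without --open, the same filtering can be applied afterwards to the normal-format output. The following is an added example, not part of the original post: the function names open_hosts and sample_scan are hypothetical, and the sample is an abbreviated copy of the first scan shown above.

```shell
#!/bin/sh
# open_hosts PORT/PROTO [STATE]: read normal-format nmap output on stdin and
# print the address of every host whose PORT/PROTO row has exactly the given
# state (default: open). Hypothetical helper, not an nmap feature.
open_hosts() {
    awk -v port="$1" -v state="${2:-open}" '
        # Header line: "Nmap scan report for NAME (ADDR)" or "... for ADDR"
        /^Nmap scan report for / {
            host = $NF
            gsub(/[()]/, "", host)   # drop the parentheses around ADDR
            next
        }
        # Port table row, e.g. "8123/tcp open polipo"
        $1 == port && $2 == state { print host }
    '
}

# Sample input: the three hosts from the first scan above, abbreviated.
sample_scan() {
    cat <<'EOF'
Nmap scan report for _gateway (10.12.16.1)
Host is up (0.0010s latency).
PORT STATE SERVICE
8123/tcp filtered polipo
MAC Address: CD:44:F0:F4:22:44 (Unknown)
Nmap scan report for 10.12.16.10
Host is up (0.00020s latency).
PORT STATE SERVICE
8123/tcp open polipo
MAC Address: DC:A6:33:77:AA:BB (Raspberry Pi Trading)
Nmap scan report for 10.12.16.33
Host is up (0.00046s latency).
PORT STATE SERVICE
8123/tcp closed polipo
MAC Address: B8:27:EB:8D:99:11 (Raspberry Pi Foundation)
EOF
}

# Prints only the host with the port open, like the --open run above.
sample_scan | open_hosts 8123/tcp
```

Passing a second argument such as filtered or closed lists the hosts in that state instead, which helps when reviewing what a firewall is actually blocking.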
Posted on 05/12/2022