Get full access to Nmap: Network Exploration and Security Auditing Cookbook - Second Edition and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Start your free trial

How to do it...

To launch an idle scan, open your terminal and type the following command:

#nmap -Pn -sI <zombie host> <target>

The output will look similar to the following:

   Idle scan using zombie 93.88.107.55 (93.88.107.55:80); Class:       Incremental    Nmap scan report for meil.0xdeadbeefcafe.com (106.187.35.219)    Host is up (0.67s latency).    Not shown: 98 closed|filtered ports    PORT    STATE SERVICE    465/tcp open  smtps    993/tcp open  imaps    993/tcp open  imaps

Idle scanning should work if the zombie host meets the previously discussed requirements. If something did not work as expected, the returned error message should give you an idea of what went wrong:

   Idle scan zombie XXX.XXX.XX.XX (XXX.XXX.XX.XX) port 80 cannot be     used because ...

Get Nmap: Network Exploration and Security Auditing Cookbook - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now