# 5. Network scanning using various tools

## 1. Scan using Metasploit

```
service postgresql start
msfconsole
```

Check whether the database is running:

```
db_status
```

If it is not running, exit msfconsole and then run these commands:

```
msfdb init
service postgresql restart
```

Start the Nmap scan from the msf terminal:

```
nmap -sS -Pn -A -oX test 192.168.18.0/24
```

After the scan completes, Nmap displays the host information in the target network along with open ports, service and OS enumeration.

Now type the following to import the results. `test` is the XML file that the `-oX` option wrote in the previous step.

```
db_import test
```

View all imported hosts:

```
hosts
```

Type `services` to see the running services (older Metasploit releases used `db_services`).
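The `hosts` and `services` views are built from the XML report that `-oX` wrote. As an added example (not part of the original notes), this Python script reads the same report format directly and flags open ports that are missing from an approved baseline; the sample XML, the function names and the baseline are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in Nmap's -oX format (not output from a real scan).
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.168.18.110" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
      <port protocol="tcp" portid="22"><state state="closed"/><service name="ssh"/></port>
    </ports>
  </host>
  <host>
    <address addr="00:11:22:33:44:55" addrtype="mac"/>
    <address addr="192.168.18.111" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="3389"><state state="open"/></port></ports>
  </host>
</nmaprun>"""

def open_services(xml_text):
    """Return (ip, proto, port, service) for every open port in an -oX report."""
    rows = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:          # host reported without an IPv4 address; skip
            continue
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")   # absent when Nmap could not name the service
            name = svc.get("name", "") if svc is not None else ""
            rows.append((addr.get("addr"), port.get("protocol"),
                         int(port.get("portid")), name))
    return rows

def unexpected(rows, allowed):
    """Open ports whose (ip, port) pair is missing from the approved baseline."""
    return [r for r in rows if (r[0], r[2]) not in allowed]

if __name__ == "__main__":
    # Hypothetical baseline: only the web server on .110 is approved.
    baseline = {("192.168.18.110", 80)}
    for ip, proto, port, name in unexpected(open_services(SAMPLE_XML), baseline):
        print(f"{ip} {port}/{proto} {name or 'unknown'} not in baseline")
```

To check a real report, pass the contents of the `test` file to `open_services()` in place of `SAMPLE_XML`.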

### Use port scan auxiliary modules

```
use auxiliary/scanner/portscan/syn
set interface eth0
set PORTS 80
set RHOSTS 192.168.18.110-125
set THREADS 50
```

### Other Important Modules

```
use auxiliary/scanner/portscan/tcp
use auxiliary/scanner/smb/smb_version
```
