Overview
This node performs network scanning using the nmap command-line tool. It supports multiple scan operations, including quick network scans, discovery scans, fast port scans, and full port scans on specified targets such as IP addresses, hosts, or network ranges.
The "Ports Fast Scan" operation specifically performs a fast scan of ports on a target host or network range using the -F option in nmap, which scans fewer ports than a full scan for quicker results.
Common scenarios where this node is useful include:
- Quickly identifying open ports on devices within a network.
- Performing security assessments by discovering active services.
- Network inventory and monitoring to detect new or changed hosts and services.
Example: Scanning a subnet 192.168.1.0/24 to quickly find hosts with open common ports for further investigation.
Properties
| Name | Meaning |
|---|---|
| Target Network Range / Host / IP | The IP address, hostname, or CIDR network range to scan (e.g., 192.168.0.0/24). |
| Options | Collection of additional scan options: |
| - Aggressive Mode | Numeric value to enable faster execution mode (-T5), default is 5. |
| - Check Top Ports | Number of top ports to check (e.g., 1000), passed as --top-ports argument. |
| - Host Discovery | Boolean to enable host discovery; if disabled, uses -Pn to skip pinging hosts for speed. |
| - Put Result in Field | Name of the output JSON field where port scan results will be stored (default "ports"). |
Output
The node outputs an array of items, each containing a json object with scan results:
For the "Ports Fast Scan" operation, the output JSON includes a field (default
"ports") that holds the parsed port scan data from the nmap result. This typically contains information about open ports detected on the target(s).The exact structure of the ports data depends on the parsing logic but generally includes port numbers, states (open/closed), and possibly service names.
No binary data output is produced by this node.
Dependencies
- Requires the
nmapcommand-line tool installed and accessible on the system where n8n runs. - Requires sudo privileges with a password credential to execute nmap commands with elevated permissions.
- Uses internal utility classes for shell command execution and nmap output parsing.
- The node expects a valid API key or password credential configured in n8n to provide the sudo password securely.
Troubleshooting
Common issues:
- Missing or incorrect sudo password credential will cause command execution failure.
nmapnot installed or not in PATH will result in command not found errors.- Invalid target network range or hostnames may cause nmap to fail or return no results.
- Firewall or network restrictions might block scanning attempts.
Error messages:
- Errors thrown during command execution are wrapped and reported as node operation errors.
- If the node fails with permission denied, verify the sudo password credential and user permissions.
- Parsing errors may occur if nmap output format changes or unexpected output is received.