Nmap’s default scan is, in my view, fairly inadequate for a port scan. My primary concerns are that it won’t attempt to scan for OS version and it doesn’t scan UDP at all. If you’re scanning multiple hosts, it will also attempt to scan as much as your connection will allow (starting at five and climbing until it hits a wall), which is a bit too conspicuous.
-v increases the verbosity of nmap’s output. With it, you’ll see periodic updates on scan progress and reports of any speed adjustments nmap makes.
-O enables OS detection. It’s rarely terribly reliable, but can be very valuable when you encounter something you don’t recognize just from the open ports.
-Pn prevents nmap from attempting to determine whether or not a host is available before it begins its scan. It goes through a number of checks before determining a host is offline, but it gives false readings often enough that I think it’s worth disabling.
-sS enables the (default) TCP SYN scan (this is the only switch here that would have been included regardless as a default).
-sU enables UDP scanning (not default).
-sV enables attempting version detection on any services nmap finds on the host.
-oA [basename] outputs the scan results in all three formats (normal, XML and grepable).
--max-retries allows you to reduce the number of times nmap retries a port. The default is 10, which is a little too high for me.
--script="default and not intrusive" enables script scanning, but only with scripts from the default set that aren’t also classified as “intrusive”.
--max-hostgroup 1 limits the number of hosts scanned in parallel to one. You can omit or bump this if you don’t care how much noise you make.
Other useful switches:
-6 enables IPv6 scanning.
--resume will resume a partially-complete scan if you’ve been logging the output to a file (only works for normal and grepable output).
-sC enables script scanning with the entire default set, even the intrusive ones.
--open will limit nmap reporting to open or maybe open only (nmap will not report filtered or closed ports at all).
Like any other nmap scan, this will not check all 65K ports, but only the top 1K (according to nmap-services) for each protocol. Use -p [range] to scan a specific set.
Including UDP in your scan will significantly increase the runtime.
The scan type switches can be combined (-sSUV) and are separate here just to better illustrate each switch.
For a further speed increase, you can use --max-rtt-timeout and calibrate it based on a generously padded round trip time to the host from a ping or similar.
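One way to do that calibration, as an added example (not from the original post): the function below reads ping's summary line and pads the maximum RTT. The 4x multiplier and the 100 ms / 1000 ms clamps are assumptions chosen for illustration, and the sample ping output is constructed.

```shell
#!/bin/sh
# Added example: derive a padded --max-rtt-timeout value from ping output.

# Constructed sample of Linux `ping -c 5` summary output (not a real capture).
SAMPLE_PING='5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 11.204/12.871/18.430/2.790 ms'

# max_rtt_timeout_ms [factor] [floor_ms] [ceiling_ms]   (ping output on stdin)
# Takes the *maximum* RTT from the summary line, multiplies it by factor,
# rounds up to a whole millisecond and clamps the result.
# Assumed defaults: factor 4, floor 100 ms, ceiling 1000 ms.
max_rtt_timeout_ms() {
    awk -v factor="${1:-4}" -v lo="${2:-100}" -v hi="${3:-1000}" '
        # Linux prints "rtt min/avg/max/mdev = ...", BSD and macOS print
        # "round-trip min/avg/max/stddev = ..."; both match this pattern.
        /min\/avg\/max/ {
            split($0, halves, " = ")
            split(halves[2], v, "/")
            max = v[3] + 0
            found = 1
        }
        END {
            # No summary line means no replies came back: refuse to guess.
            if (!found || max <= 0) exit 1
            t = max * factor
            ms = int(t)
            if (ms < t) ms++            # round up
            if (ms < lo) ms = lo
            if (ms > hi) ms = hi
            print ms
        }'
}

# Typical use against a host you are authorised to scan ($TARGET is a placeholder):
#   nmap --max-rtt-timeout "$(ping -c 5 "$TARGET" | max_rtt_timeout_ms)ms" "$TARGET"
```

The function exits non-zero when ping reported no replies, so the command substitution yields an empty value instead of a made-up timeout.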
Nmap has dozens more switches than are discussed here; read the man page to learn more.
You may have heard of Pygments, a very popular syntax highlighting library for Python, but it also comes with a very complete command-line interface called
I recommend you start by cloning it from git because the lexers can often have significant improvements between releases (for example several ES6 features had support introduced since the last release at time of writing):
An example for getting standalone html output of your code:
pygmentize -O full,style=monokai -o $OUTPUT.html $INPUT.ext
Monokai has always seemed to me like it produces the nicest output, but generally I find that the output won’t look as sexy as what you see in your text editor. To get an idea of what some of the styles look like, take a look here.
Some switches to play with:
- To get partial output (suitable for embedding in a pre-existing document), remove ,full from the -O (options) switch.
- You can use -l to manually specify the lexer if pygments can’t guess it from your file extension.
- Similarly you can use -f to specify the output format if pygments can’t guess it from your file extension.
- You can use -L with the arguments formatters for a list of supported languages, output options and output formats respectively.
When using a budget server provider, you may find yourself in a minimal install of your preferred OS. This saves the provider a few bucks on shared resources. I find it incredibly frustrating to be missing utilities I expect to find on any fresh install (locale etc), so I like to upgrade to a full install off-the-bat.
A minimal install is often first characterized by a much more spartan motd than you’re used to.
Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-45-generic x86_64)
* Documentation: https://help.ubuntu.com/
Last login: $DATESTAMP from $HOSTNAME
Getting your distro back to a standard server install is almost as straightforward as installing a package, but you use a different tool for the job. The tasksel command is used by Debian-based distros to install pre-determined sets of packages at install time. You’ve probably seen this screen before:
Lucky for us, you can also use it after install. Running tasksel --list-task will show a list of items not unlike the list shown during installation. Among the additional entries, you’ll see u server Basic Ubuntu server, which is the base package for a full Ubuntu server installation. Install that guy, and you’re done!
tasksel install server
P.S. The motd will not be updated on install (docs here), the quickest way to have it updated is to reconnect to your machine, but since you had to do that to see it anyway…¯\_(ツ)_/¯
For your initial run:
For subsequent runs (identical except for first line):
You can stick this in cron.monthly if you’re so inclined (validity period is only 90 days).
/etc/letsencrypt/live/$DOMAIN/privkey.pem. You can just plug those paths into your config and be done with it if you like.
Bonus – convert SVG to PNG
Because gnuplot PNG output is awful. Needs librsvg from homebrew.
Bonus – preview the SVG from a terminal