Skip to content
Latchkey

nmap: Usage, Options & Common CI Errors

nmap discovers hosts and open ports across a network.

nmap is the port scanner used in CI to verify a service is reachable on its port. The two recurring snags are ICMP-blocked hosts reporting "down" and SYN scans needing root.

What it does

nmap probes hosts to discover which ports are open, what services run on them (-sV), and other details. In pipelines it is typically a targeted reachability check: is port X open on host Y?

Common usage

Terminal
nmap -p 443 example.com
nmap -p 1-1000 --open 10.0.0.5                  # show only open ports
nmap -Pn -p 5432 db.internal                    # skip host-up (ping) check
nmap -sT -p 80,443 example.com                  # TCP connect scan (no root)
nmap -sV -p 8080 service.internal               # service/version detection

Options

FlagWhat it does
-p <ports>Port(s) or range to scan
-PnTreat host as up; skip the ping probe
-sT / -sSTCP connect scan / SYN scan (SYN needs root)
-sVProbe open ports for service/version
--openOnly report open ports
-nSkip reverse DNS resolution

Common errors in CI

"Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn" - cloud hosts and load balancers commonly drop ICMP, so add -Pn to scan anyway. The default -sS (SYN) scan needs root/CAP_NET_RAW: as non-root nmap falls back to -sT (connect), or errors "requires root privileges" if forced - use -sT in unprivileged containers. A port shown as "filtered" means a firewall/security group is dropping packets (different from "closed"). Scanning hosts you do not own may violate provider policy.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →