By default, Nmap scans the 1,000 most common ports. But you can customize this with different options to scan fewer or more ports based on your goals.
This is useful for speeding up scans, checking only specific services, or performing full sweeps when needed.
--top-ports
Scans the top N most commonly used ports, based on a list of ports ranked by frequency of appearance across the internet.
nmap --top-ports=100 192.168.1.10Key points
- Scans only the most popular ports
- Faster than default 1000-port scan
- Great for quick checks or large networks
-F (Fast Mode)
Scans only ports listed in Nmap’s “nmap-services” file (usually around 100). It’s a faster scan with less detail.
nmap -F 192.168.1.10Key points
- Very fast scan
- Checks only common ports
- Good for initial sweeps or low-priority targets
-p- (Scan All 65,535 Ports)
Scans every single port from 1 to 65535. This is a full-range scan and takes more time.
nmap -p- 192.168.1.10Key points
- Complete scan of all TCP ports
- Slower, more detailed
- Useful for deep audits or hidden services
-p (Manual Port Selection)
Lets you define specific ports, ranges, or combinations using a single option. This gives full control over what Nmap checks.
nmap -p 22 192.168.1.10 # Just port 22
nmap -p 10-100 192.168.1.10 # Port range 10 to 100
nmap -p 22,80,443 192.168.1.10 # Multiple specific ports
nmap -p 1-100,443,8080 192.168.1.10 # Mixed range and valuesKey points
- Choose any port or range
- Useful for targeting known services
- Great for scanning fast with precision
Port Scan Type Comparison
| Option | What It Does | Speed | Customizable | Best For |
|---|---|---|---|---|
--top-ports | Scans top N most common ports | Fast | Yes | Prioritizing popular services |
-F | Fast scan of 100 common ports | Very Fast | No | Quick sweeps |
-p- | Scans all 65,535 ports | Slow | No | Full deep scans |
-p | Scan specific ports or ranges | Fast–Medium | Yes | Focused scans or known services |