Summary  
This chapter explains how to send specialized probes to open ports, analyze the returned responses, and match them against a signature database to detect running services and their exact versions.

General domain of usage  
Vulnerability assessment

**Video Description:** This video demonstrates a step-by-step walkthrough of using Nmap's service and version detection capabilities. You will see how to run a scan with the `-sV` option, interpret the output, and understand the significance of the information gathered for vulnerability assessment.

Service enumeration is a **critical process** in network security assessments. By identifying the **services running on open ports** of a target host, you gain insight into the possible vulnerabilities and misconfigurations that could be exploited. Understanding what software is exposed to the network allows you to **prioritize remediation efforts** and assess the attack surface more accurately.

Nmap is widely used for **service enumeration** due to its robust probing techniques. When you perform a service scan, Nmap sends specially crafted packets to open ports and analyzes the responses. By comparing these responses to its extensive database of **service signatures**, Nmap can determine not only which services are running, but also their versions. This detailed information is invaluable for **vulnerability assessment**, as certain exploits target specific service versions.

```
# Example: Running Nmap to detect services and versions on a host
# Command to execute in your shell:
nmap -sV 192.168.1.1

# Output (example):
# PORT     STATE SERVICE VERSION
# 22/tcp   open  ssh     OpenSSH 7.2p2 Ubuntu 4ubuntu2.8 (Ubuntu Linux; protocol 2.0)
# 80/tcp   open  http    Apache httpd 2.4.18 ((Ubuntu))
# 443/tcp  open  ssl/https
```

The `-sV` option in Nmap enables **service version detection**. This instructs Nmap to probe each open port more deeply, attempting to identify the exact software and version providing the service. The scan results will show not just the port and protocol, but also the detected service and its version, offering a much clearer picture of the environment's exposure.

Which Nmap option enables service version detection?

A comprehensive theoretical course on using Nmap for network enumeration, covering host discovery, port scanning, service and OS detection, NSE scripting, and practical reconnaissance techniques. Designed for cybersecurity learners seeking to master Nmap's capabilities through clear explanations, command examples, and real-world scenarios.

This section introduces the concept of network enumeration, its importance in cybersecurity, and provides a foundational understanding of Nmap, its features, and basic usage.

This section delves into advanced host discovery methods, port scanning strategies, and practical command usage for effective reconnaissance.

This section covers advanced Nmap features for service enumeration, operating system detection, and the use of Nmap Scripting Engine (NSE) for in-depth reconnaissance.

Service and Version Detection