Using Nmap with IP2Location

Intro

Nmap (Network Mapper) is a free and open-source network scanner created by Gordon Lyon. It is a valuable tool in the arsenal of a network administrator to probe networks and much more. To enhance the functionality of Nmap, we have created a script to return geolocation information about the Nmap target. This script uses the IP2Location BIN database files which comes in the free LITE form as well as the commercial form.

Download free LITE BIN files at https://lite.ip2location.com/

Download paid BIN files at https://www.ip2location.com/

 

How to install the IP2Location script in Nmap

We will show the steps required for Debian Linux.

 

How to use Nmap with IP2Location

Run the following command to call Nmap with the IP2Location results. In this example, we are probing ip2location.com on port 80 to check its status. The IP address associated with ip2location.com will be used to query the IP2Location BIN file to get its geolocation information.

nmap --script ip-geolocation-ip2location -p80 ip2location.com --script-args ip-geolocation-ip2location.ip2location_db=/myfolder/DB24.BIN

 

You will see the following as the result of the command.

Starting Nmap 7.40 ( https://nmap.org ) at 2019-04-08 07:07 UTC
34.224.172.222
country_short: US
country_long: United States
region: Virginia
city: Ashburn
isp: Amazon Technologies Inc.
latitude: 39.04372
longitude: -77.487488
domain: amazon.com
zipcode: 20146
timezone: -04:00
netspeed: T1
iddcode: 1
areacode: 703
weatherstationcode: USVA0027
weatherstationname: Ashburn
mcc: –
mnc: –
mobilebrand: –
elevation: 89
usagetype: DCH
Nmap scan report for ip2location.com (34.224.172.222)
Host is up (0.00053s latency).
Other addresses for ip2location.com (not scanned): 2600:1f18:45b0:5b00:f5d8:4183:7710:ceec
rDNS record for 34.224.172.222: ec2-34-224-172-222.compute-1.amazonaws.com
PORT STATE SERVICE
80/tcp open http

Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds

Conclusion

We believe that by combining the flexiblity of Nmap with the power of geolocation data by IP2Location, network administrators will now have a more potent tool to keep their networks safe from any malicious actors.

Was this article helpful?

Related Articles