Scanning a host with Nmap is a fairly routine act for some in security to do but you from time to time you want to either get a different view of a host or try to conceal your public IP. In this case I use this simple “trick” to run an nmap scan through TOR.
To do so you need to make sure you have nmap, tor and proxychains installed on your machine.
The simplest way to install these tools on ubuntu is with this command:
sudo apt-get update -y && sudo apt-get dist-upgrade -y && sudo apt-get install tor nmap proxychains -y
Once that is complete
proxychains nmap +options +target will run your nmap scan through the TOR network via proxychains. In this example I ran
proxychains nmap --top-ports 10 -sT -PN -n -sV 18.104.22.168 against my blog:
A couple of protips:
- This method is slow. You will want to know the hosts and the ports (
-top-ports 10) you want to scan and scope limit as much as possible.
- This *isnt* 100% anonymous. While using proxychains and tor will give you a basic level of anonymity its not irreversible.
- Wear mittens when it is cold outside.