(It has three basic functions, one is to sniff whether a group of hosts is online; the other is to scan host ports and sniff the network services provided; it can also infer the operating system used by the host. Nmap can be used to scan LANs with only two nodes/points, up to networks with more than 500 nodes/points. Nmap also enables users to customize scanning techniques. Usually, a simple ping operation using the ICMP protocol can meet the usual needs; it can also sniff UDP or TCP ports deeply, down to the operating system used by the host; it can also record all the sniffing results in various formats of logs, for further analysis.)