nmap is so critical to hacking and cracking that it’s as easy to overlook as the air. But you do need to understand how TCP works, and how nmap exploits it, in order to do the job. nmap lets you scan using TCP connect scans (-sT), UDP scans (-sU), ping scans (-sP) and so forth. Do be clear that connect scans are visible and logged, while stealth (-sS) scans are not.
A simple scan is as easy as listing an IP address or subnet:
Use an option to refine the scan type:
nmap -sS 192.168.1.0/24
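What the two scan types look like on the wire from the defender's side, as an added example that is not from the original page: a -sT probe completes the three-way handshake, so the listening service sees a connection, while a -sS probe answers the SYN/ACK with a reset, a half-open pattern that a packet capture still records. The addresses, ports, simplified teardown and the `min_ports` threshold are constructed assumptions.

```python
from collections import defaultdict

TARGET = "192.168.1.10"  # constructed addresses, not from a real capture

def probe(src, sport, dport, style):
    """Packets (src, sport, dst, dport, flags) for one probe of an open port."""
    pkts = [(src, sport, TARGET, dport, "S"), (TARGET, dport, src, sport, "SA")]
    if style == "connect":   # -sT: handshake completes, the service sees a connection
        pkts.append((src, sport, TARGET, dport, "A"))
    pkts.append((src, sport, TARGET, dport, "R"))  # simplified teardown for both styles
    return pkts

def classify(packets, min_ports=3):
    """Label each initiating source by how its handshakes to open ports ended."""
    flows = {}  # initiator's (src, sport, dst, dport) -> list of (side, flags)
    for src, sport, dst, dport, flags in packets:
        fwd, rev = (src, sport, dst, dport), (dst, dport, src, sport)
        if rev in flows:
            flows[rev].append(("resp", flags))
        elif fwd in flows or flags == "S":   # only a bare SYN opens a new flow
            flows.setdefault(fwd, []).append(("init", flags))
    half_open, completed = defaultdict(set), defaultdict(set)
    for (src, _, _, dport), events in flows.items():
        if ("resp", "SA") not in events:
            continue  # closed or filtered port: no handshake to judge
        after = events[events.index(("resp", "SA")) + 1:]
        first_reply = next((f for side, f in after if side == "init"), None)
        if first_reply == "A":
            completed[src].add(dport)    # full handshake: connect-style
        elif first_reply == "R":
            half_open[src].add(dport)    # reset instead of ACK: SYN-scan style
    return {src: "syn-scan" if len(half_open[src]) >= min_ports
            else "connect-scan" if len(completed[src]) >= min_ports else "normal"
            for src in set(half_open) | set(completed)}

def sample_capture():
    """Constructed traffic: one SYN scanner, one connect scanner, one ordinary client."""
    pkts = []
    for i, port in enumerate((22, 80, 443)):
        pkts += probe("192.168.1.50", 40000 + i, port, "syn")
        pkts += probe("192.168.1.51", 41000 + i, port, "connect")
    pkts += probe("192.168.1.60", 42000, 80, "connect")
    return pkts

if __name__ == "__main__":
    print(classify(sample_capture()))
```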
Study the first tutorial listed below. Understand exactly what it is talking about. Go.
Network Mapping: Identifying Live Hosts
Highly detailed: http://nmap.org/bennieston-tutorial/ – see Section 16
Simpler, and less complete: http://www.go2linux.org/nmap-command-graph-front-end-port-scan
Really brief examples: http://www.cyberciti.biz/tips/linux-scanning-network-for-open-ports.html