I am using nmap to scan a Linux machine. It could show me port: 3306, service name: mysql. But if I install tomcat in Linux machine and made the listening port 1818 for tomcat, it could not show me the right service name, for example apache-tomcat, when I use nmap to scan the linux machine. The questions is whether it is possible to use nmap to scan the machine and return the right service name when service is not listening to the default port, 8080 for example?
Yes, Nmap can detect the service on any port by sending application-layer probes and matching responses against a database of known services and applications. This feature is called service and application version detection and is activated with the -sV option. Note that some less-robust applications may crash or produce unusual errors when scanned in this way.