A cheat sheet list of 10 nmap commands that are extremely useful for every Systems or Network Administrator

Recently I was compiling a list of Linux commands that every sysadmin should know. One of the first commands that came to mind was nmap.

nmap is a powerful network scanner used to identify systems and services. nmap was originally developed with network security in mind, it is a tool that was designed to find vulnerabilities within a network. nmap is more than just a simple port scanner though, you can use nmap to find specific versions of services, certain OS types, or even find that pesky printer someone put on your network without telling you.

nmap can be used for good and for evil, today we will cover some common situations where nmap makes life easier for sysadmins which is generally good. Even if some Sysadmins are evil…

Discover IP’s in a subnet (no root)

 $ nmap -sP 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:37 MST
 Nmap scan report for 192.168.0.1
 Host is up (0.0010s latency).
 Nmap scan report for 192.168.0.95
 Host is up (0.0031s latency).
 Nmap scan report for 192.168.0.110
 Host is up (0.0018s latency).

This is one of the simplest uses of nmap. This command is commonly refereed to as a “ping scan”, and tells nmap to send an icmp echo request, TCP SYN to port 443, TCP ACK to port 80 and icmp timestamp request to all hosts in the specified subnet. nmap will simply return a list of ip’s that responded. Unlike many nmap commands this particular one does not require root privileges, however when executed by root nmap will also by default send arp requests to the subnet.

Scan for open ports (no root)

 $ nmap 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:23 MST
 Nmap scan report for 192.168.0.1
 Host is up (0.0043s latency).
 Not shown: 998 closed ports
 PORT STATE SERVICE
 80/tcp open http
 443/tcp open https

This scan is the default scan for nmap and can take some time to generate. With this scan nmap will attempt a TCP SYN connection to 1000 of the most common ports as well as an icmp echo request to determine if a host is up. nmap will also perform a DNS reverse lookup on the identified ip’s as this can sometimes be useful information.

Identify the Operating System of a host (requires root)

 # nmap -O 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:49 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00032s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 MAC Address: 00:00:00:00:00:00 (Unknown)
 Device type: general purpose
 Running: Apple Mac OS X 10.5.X
 OS details: Apple Mac OS X 10.5 - 10.6 (Leopard - Snow Leopard) (Darwin 9.0.0b5 - 10.0.0)
 Network Distance: 1 hop

With the -O option nmap will try to guess the targets operating system. This is accomplished by utilizing information that nmap is already getting through the TCP SYN port scan. This is usually a best guess but can actually be fairly accurate. The operating system scan however does require root privileges.

Identify Hostnames (no root)

 $ nmap -sL 192.168.0.0/24
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 09:59 MST
 Nmap scan report for 192.168.0.0
 Nmap scan report for router.local (192.168.0.1)
 Nmap scan report for fakehost.local (192.168.0.2)
 Nmap scan report for another.fakehost.local (192.168.0.3)

This is one of the most subtle commands of nmap, the -sL flag tells nmap to do a simple DNS query for the specified ip. This allows you to find hostnames for all of the ip’s in a subnet without having send a packet to the individual hosts themselves.

Hostname information can tell you a lot more about a network than you would think, for instance if you labeled your Active Directory Servers with ads01.domain.com you shouldn’t be surprised if someone guesses its use.

TCP Syn and UDP Scan (requires root)

 # nmap -sS -sU -PN 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 13:25 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00029s latency).
 Not shown: 1494 closed ports, 496 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf

The TCP SYN and UDP scan will take a while to generate but is fairly unobtrusive and stealthy. This command will check about 2000 common tcp and udp ports to see if they are responding. When you use the -Pn flag this tells nmap to skip the ping scan and assume the host is up. This can be useful when there is a firewall that might be preventing icmp replies.

TCP SYN and UDP scan for all ports (requires root)

 # nmap -sS -sU -PN -p 1-65535 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 10:18 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00029s latency).
 Not shown: 131052 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp
 17500/tcp open unknown
 88/udp open|filtered kerberos-sec
 123/udp open ntp
 137/udp open netbios-ns
 138/udp open|filtered netbios-dgm
 631/udp open|filtered ipp
 5353/udp open zeroconf
 17500/udp open|filtered unknown
 51657/udp open|filtered unknown
 54658/udp open|filtered unknown
 56128/udp open|filtered unknown
 57798/udp open|filtered unknown
 58488/udp open|filtered unknown
 60027/udp open|filtered unknown

This command is the same as above however by specifying the full port range from 1 to 65535 nmap will scan to see if the host is listening on all available ports. You can use the port range specification on any scan that performs a port scan.

TCP Connect Scan (no root)

 $ nmap -sT 192.168.0.164
 Starting Nmap 5.21 ( http://nmap.org ) at 2013-02-24 12:48 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.0014s latency).
 Not shown: 964 closed ports, 32 filtered ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This command is similar to the TCP SYN scan however rather than sending a SYN packet and reviewing the headers it will ask the OS to establish a TCP connection to the 1000 common ports.

Aggressively Scan Hosts (no root)

 $ nmap -T4 -A 192.168.0.0/24
 Nmap scan report for 192.168.0.95
 Host is up (0.00060s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 22/tcp open ssh OpenSSH 5.9p1 Debian 5ubuntu1 (protocol 2.0)
 | ssh-hostkey: 1024 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (DSA)
 |_2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:6c (RSA)
 80/tcp open http nginx 1.1.19
 |_http-title: 403 Forbidden
 |_http-methods: No Allow or Public header in OPTIONS response (status code 405)
 111/tcp open rpcbind
 | rpcinfo:
 | program version port/proto service
 | 100000 2,3,4 111/tcp rpcbind
 | 100000 2,3,4 111/udp rpcbind
 | 100003 2,3,4 2049/tcp nfs
 | 100003 2,3,4 2049/udp nfs
 | 100005 1,2,3 46448/tcp mountd
 | 100005 1,2,3 52408/udp mountd
 | 100021 1,3,4 35394/udp nlockmgr
 | 100021 1,3,4 57150/tcp nlockmgr
 | 100024 1 49363/tcp status
 | 100024 1 51515/udp status
 | 100227 2,3 2049/tcp nfs_acl
 |_ 100227 2,3 2049/udp nfs_acl
 2049/tcp open nfs (nfs V2-4) 2-4 (rpc #100003)
 Service Info: OS: Linux; CPE: cpe:/o:linux:kernel

Unlike some of the earlier commands this command is very aggressive and very obtrusive. The -A simply tells nmap to perform OS checking and version checking. The -T4 is for the speed template, these templates are what tells nmap how quickly to perform the scan. The speed template ranges from 0 for slow and stealthy to 5 for fast and obvious.

Fast Scan (no root)

 $ nmap -T4 -F 192.168.0.164
 Starting Nmap 6.01 ( http://nmap.org ) at 2013-02-24 12:49 MST
 Nmap scan report for 192.168.0.164
 Host is up (0.00047s latency).
 Not shown: 96 closed ports
 PORT STATE SERVICE
 88/tcp open kerberos-sec
 139/tcp open netbios-ssn
 445/tcp open microsoft-ds
 631/tcp open ipp

This scan limits the scan to the most common 100 ports, if you simply want to know some potential hosts with ports open that shouldn’t be this is a quick and dirty command to use.

Verbose

 $ nmap -T4 -A -v 192.168.0.164
 Starting Nmap 6.01 ( http://nmap.org ) at 2013-02-24 12:50 MST
 NSE: Loaded 93 scripts for scanning.
 NSE: Script Pre-scanning.
 Initiating Ping Scan at 12:50
 Scanning 192.168.0.164 [2 ports]
 Completed Ping Scan at 12:50, 0.00s elapsed (1 total hosts)
 Initiating Parallel DNS resolution of 1 host. at 12:50
 Completed Parallel DNS resolution of 1 host. at 12:50, 0.01s elapsed
 Initiating Connect Scan at 12:50
 Scanning 192.168.0.164 [1000 ports]
 Discovered open port 139/tcp on 192.168.0.164
 Discovered open port 445/tcp on 192.168.0.164
 Discovered open port 88/tcp on 192.168.0.164
 Discovered open port 631/tcp on 192.168.0.164
 Completed Connect Scan at 12:50, 5.22s elapsed (1000 total ports)
 Initiating Service scan at 12:50
 Scanning 4 services on 192.168.0.164
 Completed Service scan at 12:51, 11.00s elapsed (4 services on 1 host)
 NSE: Script scanning 192.168.0.164.
 Initiating NSE at 12:51
 Completed NSE at 12:51, 12.11s elapsed
 Nmap scan report for 192.168.0.164
 Host is up (0.00026s latency).
 Not shown: 996 closed ports
 PORT STATE SERVICE VERSION
 88/tcp open kerberos-sec Mac OS X kerberos-sec
 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
 631/tcp open ipp CUPS 1.4
 | http-methods: GET HEAD OPTIONS POST PUT
 | Potentially risky methods: PUT
 |_See http://nmap.org/nsedoc/scripts/http-methods.html
 | http-robots.txt: 1 disallowed entry
 |_/
 Service Info: OS: Mac OS X; CPE: cpe:/o:apple:mac_os_x

By adding verbose to a majority of the commands above you get a better insight into what nmap is doing; for some scans verbosity will provide additional details that the report does not provide.

While these are 10 very useful nmap commands I am sure there are some more handy nmap examples out there. If you have one to add to this list feel free to drop it into a comment.

Source: http://bencane.com/2013/02/25/10-nmap-commands-every-sysadmin-should-know/

Netdata Custom Dashboards

You can:

  • create your own dashboards using simple HTML (no javascript is required for basic dashboards)
  • utilizing any or all of the available chart libraries, on the same dashboard
  • using data from one or more netdata servers, on the same dashboard
  • host your dashboard HTML page on any web server, anywhere

netdata charts can also be added to existing web pages.

Check this very simple working example of a custom dashboard, and its html source.

If you plan to put it on TV, check tv.html. This is a screenshot of it, monitoring 2 servers on the same page:

image

Web directory

The default web root directory is /usr/share/netdata/web where you will find examples such as tv.html, and demo.html as well as the main dashboard contained in index.html.
Note: index.html have a different syntax. Don’t use it as a template for simple custom dashboards.

Example empty dashboard

If you need to create a new dashboard on an empty page, we suggest the following header:

<!DOCTYPE html>
<html lang="en">
<head>
	<title>Your dashboard</title>

	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta charset="utf-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<meta name="apple-mobile-web-app-capable" content="yes">
	<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">

	<!-- here we will add dashboard.js -->

</head>
<body>

<!-- here we will add charts -->

</body>
</html>

dashboard.js

To add netdata charts to any web page (dedicated to netdata or not), you need to include the /dashboard.js file of a netdata server.

For example, if your netdata server listens at http://box:19999/, you will need to add the following to the head section of your web page:

<script type="text/javascript" src="http://box:19999/dashboard.js"></script>

what dashboard.js does?

dashboard.js will automatically load the following:

  1. dashboard.css, required for the netdata charts
  2. jquery.min.js, (only if jquery is not already loaded for this web page)
  3. bootstrap.min.js (only if bootstrap is not already loaded) and bootstrap.min.css.You can disable this by adding the following before loading dashboard.js:
<script>var netdataNoBootstrap = true;</script>
  1. jquery.nanoscroller.min.js, required for the scrollbar of the chart legends.
  2. bootstrap-toggle.min.js and bootstrap-toggle.min.css, required for the settings toggle buttons.
  3. font-awesome.min.css, for icons.

When dashboard.js loads will scan the page for elements that define charts (see below) and immediately start refreshing them. Keep in mind more javascript modules may be loaded (every chart library is a different javascript file, that is loaded on first use).

Prevent dashboard.js from starting chart refreshes

If your web page is not static and you plan to add charts using javascript, you can tell dashboard.js not to start processing charts immediately after loaded, by adding this fragment before loading it:

<script>var netdataDontStart = true;</script>

The above, will inform the dashboard.js to load everything, but not process the web page until you tell it to. You can tell it to start processing the page, by running this javascript code:

NETDATA.start();

Be careful not to call the NETDATA.start() multiple times. Each call to this function will spawn a new thread that will start refreshing the charts.

If, after calling NETDATA.start() you need to update the page (or even get your javascript code synchronized with dashboard.js), you can call (after you loaded dashboard.js):

NETDATA.pause(function() {
  // ok, it is paused

  // update the DOM as you wish

  // and then call this to let the charts refresh:
  NETDATA.unpause();
});

The default netdata server

dashboard.js will attempt to auto-detect the URL of the netdata server it is loaded from, and set this server as the default netdata server for all charts.

If you need to set any other URL as the default netdata server for all charts that do not specify a netdata server, add this before loading dashboard.js:

<script type="text/javascript">var netdataServer = "http://your.netdata.server:19999";</script>

Adding charts

To add charts, you need to add a div for each of them. Each of these div elements accept a few data- attributes:

The chart unique ID

The unique ID of a chart is shown at the title of the chart of the default netdata dashboard. You can also find all the charts available at your netdata server with this URL: http://your.netdata.server:19999/api/v1/charts (example).

To specify the unique id, use this:

<div data-netdata="unique.id"></div>

The above is enough for adding a chart. It most probably have the wrong visual settings though. Keep reading…

The duration of the chart

You can specify the duration of the chart (how much time of data it will show) using:

<div data-netdata="unique.id"
     data-after="AFTER_SECONDS"
     data-before="BEFORE_SECONDS"
     ></div>

AFTER_SECONDS and BEFORE_SECONDS are numbers representing a time-frame in seconds.

The can be either:

  • absolute unix timestamps (in javascript terms, they are new Date().getTime() / 1000. Using absolute timestamps you can have a chart showing always the same time-frame.
  • relative number of seconds to now. To show the last 10 minutes of data, AFTER_SECONDS must be -600 (relative to now) and BEFORE_SECONDS must be 0 (meaning: now). If you want the chart to auto-refresh the current values, you need to specify relative values.

Chart dimensions

You can set the dimensions of the chart using this:

<div data-netdata="unique.id"
     data-width="WIDTH"
     data-height="HEIGHT"
     ></div>

WIDTH and HEIGHT can be anything CSS accepts for width and height (e.g. percentages, pixels, etc). Keep in mind that for certain chart libraries, dashboard.js may apply an aspect ratio to these.

If you want dashboard.js to remember permanently (browser local storage) the dimensions of the chart (the user may resize it), you can add: data-id="SETTINGS_ID", where SETTINGS_ID is anything that will be common for this chart across user sessions.

Netdata server

Each chart can get data from a different netdata server. You can give per chart the netdata server using:

<div data-netdata="unique.id"
     data-host="http://another.netdata.server:19999/"
     ></div>

Chart library

The default chart library is dygraph. You set a different chart library per chart using this:

<div data-netdata="unique.id"
     data-chart-library="gauge"
     ></div>

Each chart library may support more chart-library specific settings. Please refer to the documentation of the chart library you are interested, in this wiki.

Data points

For the time-frame requested, dashboard.js will use the chart dimensions and the settings of the chart library to find out how many data points it can show.

For example, most line chart libraries are using 3 pixels per data point. If the chart shows 10 minutes of data (600 seconds), its update frequency is 1 second, and the chart width is 1800 pixels, then dashboard.js will request from the netdata server: 10 minutes of data, represented in 600 points, and the chart will be refreshed per second. If the user resizes the window so that the chart becomes 600 pixels wide, then dashboard.js will request the same 10 minutes of data, represented in 200 points and the chart will be refreshed once every 3 seconds.

If you need to have a fixed number of points in the data source retrieved from the netdata server, you can set:

<div data-netdata="unique.id"
     data-points="DATA_POINTS"
     ></div>

Where DATA_POINTS is the number of points you need.

You can also overwrite the pixels-per-point per chart using this:

<div data-netdata="unique.id"
     data-pixels-per-point="PIXELS_PER_POINT"
     ></div>

Where PIXELS_PER_POINT is the number of pixels each data point should occupy.

Data grouping method

Netdata supports average (the default) or max grouping methods. The grouping method is used when the netdata server is requested to return fewer points for a time-frame, compared to the number of points available.

You can give it per chart, using:

<div data-netdata="unique.id"
     data-method="max"
     ></div>

Selecting dimensions

By default, dashboard.js will show all the dimensions of the chart. You can select specific dimensions using this:

<div data-netdata="unique.id"
     data-dimensions="dimension1,dimension2,dimension3,..."
     ></div>

Chart title

You can overwrite the title of the chart using this:

<div data-netdata="unique.id"
     data-title="my super chart"
     ></div>

Chart units

You can overwrite the units of measurement of the dimensions of the chart, using this:

<div data-netdata="unique.id"
     data-units="words/second"
     ></div>

Chart colors

dashboard.js has an internal palette of colors for the dimensions of the charts. You can prepend colors to it (so that your will be used first) using this:

<div data-netdata="unique.id"
     data-colors="#AABBCC #DDEEFF ..."
     ></div>

Extracting dimension values

dashboard.js can update the selected values of the chart at elements you specify. For example, let’s assume we have a chart that measures the bandwidth of eth0, with 2 dimensions in and out. You can use this:

<div data-netdata="net.eth0"
     data-show-value-of-in-at="eth0_in_value"
     data-show-value-of-out-at="eth0_out_value"
     ></div>

My eth0 interface, is receiving <span id="eth0_in_value"></span>
and transmitting <span id="eth0_out_value"></span>.

Hiding the legend of a chart

On charts that by default have a legend managed by dashboard.js you can remove it, using this:

<div data-netdata="unique.id"
     data-legend="no"
     ></div>

API options

You can append netdata REST API v1 data options, using this:

<div data-netdata="unique.id"
     data-append-options="absolute,percentage"
     ></div>

Chart library performance

dashboard.js measures the performance of the chart library when it renders the charts. You can specify an element ID you want this information to be visualized, using this:

<div data-netdata="unique.id"
     data-dt-element-name="measurement1"
     ></div>

refreshed in <span id="measurement1"></span> milliseconds!

https://github.com/firehol/netdata/wiki/Custom-Dashboards

Hyper-V IDE or SCSI? What’s Performing Better, Faster?

If you wonder whether to use IDE or SCSI controllers for your Hyper-V virtual machines, the short answer is: IDE is fine.

There is no need to go for SCSI, it won’t be any faster. Note that you need to have a IDE connected virtual disk in order to boot.

If you want better performance, the virtual machines will run much faster if you:

  1. Use pass through disks instead
  2. Use fixed sized VHDs
  3. Refrain from using snapshots / checkpoints
  4. Refrain from using dynamically expanding disks
  5. Have at least 15% free space inside the VM at all times, and at least 10GB free. It’s an old characteristic of NTFS….
  6. Use paging files on a separate VHD, ideally hosted on a separate drive
  7. Use fixed-sized paging files
  8. Use 4KB NTFS cluster size on the host

Yes, from the performance side, a VM with IDE drives needs less processing to emulate IDE than using SCSI. Otherwise, in my experience, I did not have any breaks in using SCSI on Windows machines over using IDE. However I must say that during synthetic benchmarks, SCSI seems to be a little faster than IDE on Hyper-V.

https://community.spiceworks.com/topic/451467-hyperv-scsi-controller-v-ide-controller

Add or Remove Physical Hard Disk for Hyper-V Virtual Machine

Hyper-V enables running virtualized computer systems on top of a physical host. These virtualized systems (aka: guests) can be used and managed just as if they were physical computer systems, however they exist in a virtualized and isolated environment.

Your Hyper-V virtual machines can also be connected to physical hard disks from the host computer—not just to virtual hard disks. (This is sometimes referred to as having a “pass-through” disk connected to a virtual machine.)

This tutorial will show you how to add and remove physical hard disks to access from a Hyper-V virtual machine in Windows 8 and Windows 10.

Note   Note
Hyper-V is only available in the Window 8 Pro, Windows 8 Enterprise, Windows 10 Pro, Windows 10 Enterprise, and Windows 10 Education editions.

You can add hard drives (ex: HDD and SSD) and removable USB hard drives, but you will not be able to add removable media (ex: USB flash drive) to a Hyper-V virtual machine.

While you have a physical hard disk added to a Hyper-V virtual machine, you will not be able to create a checkpoint for the virtual machine.
CONTENTS:

  • Option One: To Add Physical Hard Disk to Hyper-V Virtual Machine
  • Option Two: To Remove Physical Hard Disk from Hyper-V Virtual Machine

 

To Add Physical Hard Disk to Hyper-V Virtual Machine
1. Open Disk Management (diskmgmt.msc).

2. Right click on the online disk (ex: Disk 3 – “Internal HDD”) you want to add to the VM, and click/tap on Offline. (see screenshot below)

Note   Note
It’s required that the physical hard disk be in an offline state on the host computer to be able to add to the VM.

Click image for larger version. 

Name:	Add_drive_to_Hyper-V_virtual_machine-1.png 
Views:	82 
Size:	71.5 KB 
ID:	90147

3. Once the disk is offline, you can close Disk Management if you like.

4. Open the settings of the Hyper-V virtual machine you want to add the disk to. (see screenshots below)

Note   Note
It doesn’t matter if you currently have the virtual machine off or running.

Name:  Hyper-V_VM_settings-1.png
Views: 1860
Size:  21.4 KB
Click image for larger version. 

Name:	Hyper-V_VM_settings-2.jpg 
Views:	236 
Size:	148.3 KB 
ID:	90156

5. In the VM’s settings, click/tap on SCSI Controller in the left navigation pane, select Hard Drive on the right side, and click/tap on the Add button. (see screenshot below)

Name:  Add_drive_to_Hyper-V_virtual_machine-3.png
Views: 607
Size:  60.5 KB

6. Select (dot) Physical hard disk on the right side, select the disk you want to add in the drop down menu, and click/tap on OK. (see screenshot below)

Name:  Add_drive_to_Hyper-V_virtual_machine-4.png
Views: 581
Size:  68.5 KB

7. The disk will now be available to access in the virtual machine. (see screenshot below)

Click image for larger version. 

Name:	Add_drive_to_Hyper-V_virtual_machine-5.jpg 
Views:	74 
Size:	123.7 KB 
ID:	90150

To Remove Physical Hard Disk from Hyper-V Virtual Machine

1. Open the settings of the Hyper-V virtual machine you want to remove the disk from. (see screenshots below)

Note   Note
It doesn’t matter if you currently have the virtual machine off or running.

Name:  Hyper-V_VM_settings-1.png
Views: 1860
Size:  21.4 KB
Click image for larger version. 

Name:	Hyper-V_VM_settings-2.jpg 
Views:	236 
Size:	148.3 KB 
ID:	90156

2. In the VM’s settings, select the disk you want to remove under SCSI Controller in the left navigation pane, and click/tap on the Remove button on the right side. (see screenshot below)

Name:  Remove_drive_from_Hyper-V_virtual_machine-2.png
Views: 608
Size:  66.9 KB

3. click/tap on OK. (see screenshot below)

Name:  Remove_drive_from_Hyper-V_virtual_machine-3.png
Views: 582
Size:  61.2 KB

4. The disk will now be removed from the virtual machine. (see screenshot below)

Click image for larger version. 

Name:	Remove_drive_from_Hyper-V_virtual_machine-5.jpg 
Views:	50 
Size:	118.7 KB 
ID:	90154

5. Open Disk Management (diskmgmt.msc).

6. Right click on the offline disk (ex: Disk 3 – “Internal HDD”) you removed from the VM, and click/tap on Online. (see screenshot below)

Note   Note
You will need to set the disk back to an online state to be able to access it from your host computer again.

Click image for larger version. 

Name:	Remove_drive_from_Hyper-V_virtual_machine-4.png 
Views:	47 
Size:	66.2 KB 
ID:	90163

7. Once the disk is back online, you can close Disk Management if you like.

Source: https://www.tenforums.com/tutorials/56257-add-remove-physical-hard-disk-hyper-v-virtual-machine.html