Linux 系统扫描技术及安全防范 之 nmap(批量主机服务扫描命令)
2015-07-12 00:12
881 查看
一、安装nmap
[root@hadoop Desktop]# yum install nmap
二、使用nmap
[root@hadoop Desktop]# nmap localhost Starting Nmap 5.51 ( http://nmap.org ) at 2015-07-11 22:53 CST Nmap scan report for localhost (127.0.0.1) Host is up (0.0000060s latency). Other addresses for localhost (not scanned): 127.0.0.1 Not shown: 998 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds
ps:nmap localhost #查看主机当前开放的端口
[root@hadoop Desktop]# nmap -p 1024-65535 localhost Starting Nmap 5.51 ( http://nmap.org ) at 2015-07-11 22:59 CST Nmap scan report for localhost (127.0.0.1) Host is up (0.0000060s latency). Other addresses for localhost (not scanned): 127.0.0.1 All 64512 scanned ports on localhost (127.0.0.1) are closed Nmap done: 1 IP address (1 host up) scanned in 0.94 seconds
ps:nmap -p 1024-65535 localhost #查看主机端口(1024-65535)中开放的端口
[root@hadoop Desktop]# nmap -PS 192.168.137.163 Starting Nmap 5.51 ( http://nmap.org ) at 2015-07-11 23:04 CST Nmap scan report for 192.168.137.163 Host is up (0.0000060s latency). Not shown: 999 closed ports PORT STATE SERVICE 22/tcp open ssh Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
ps:nmap -PS 192.168.21.163 #探测目标主机开放的端口
目标地址还可以换成主机段(192.168.21.163/24),或者跟上两个目标地址,一个是目标起始地址另一个是目标结束地址,作用是在这个范围内的地址都将被扫描
[root@hadoop Desktop]# nmap -sP 115.239.211.112/24 Starting Nmap 5.51 ( http://nmap.org ) at 2015-07-11 23:40 CST Nmap scan report for 115.239.211.251 Host is up (0.015s latency). Nmap scan report for 115.239.211.252 Host is up (0.019s latency). Nmap scan report for 115.239.211.253 Host is up (0.0099s latency). Nmap scan report for 115.239.211.254 Host is up (0.018s latency). Nmap done: 4 IP addresses (205 hosts up) scanned in 18.89 seconds
ps:nmap -sP 115.239.211.112/24 #这里的s是小写的s,探测主机段中哪些主机时存活的
[root@hadoop Desktop]# nmap -PS22,80,3306 192.168.21.163 Starting Nmap 5.51 ( http://nmap.org ) at 2015-07-11 23:13 CST Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.07 seconds
ps:nmap -PS22,80,3306 192.168.21.163 #探测所列出的目标主机端口
[root@hadoop Desktop]# nmap -O 192.168.137.163 Starting Nmap 5.51 ( http://nmap.org ) at 2015-07-11 23:18 CST Nmap scan report for 192.168.137.163 Host is up (0.000067s latency). Not shown: 999 closed ports PORT STATE SERVICE 22/tcp open ssh No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=5.51%D=7/11%OT=22%CT=1%CU=43501%PV=Y%DS=0%DC=L%G=Y%TM=55A133CE%P= OS:i386-redhat-linux-gnu)SEQ(SP=104%GCD=1%ISR=10B%TI=Z%CI=Z%II=I%TS=A)OPS(O OS:1=M400CST11NW6%O2=M400CST11NW6%O3=M400CNNT11NW6%O4=M400CST11NW6%O5=M400C OS:ST11NW6%O6=M400CST11)WIN(W1=8000%W2=8000%W3=8000%W4=8000%W5=8000%W6=8000 OS:)ECN(R=Y%DF=Y%T=40%W=8018%O=M400CNNSNW6%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S OS:+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q= OS:)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A% OS:A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y% OS:DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T= OS:40%CD=S) Network Distance: 0 hops OS detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 12.38 seconds
ps:nmap -O 192.168.21.163 #探测目标主机操作系统类型
三、总结扩展
扫描类型 | 描述 | 特点 |
---|---|---|
ICMP协议(-P) | ping扫描 | 简单、快速、有效 |
TCP SYN扫描(-sS) | TCP半开放扫描 | 高效、不易被检测、通用 |
TCP connect()扫描(-sT) | TCP全开放扫描 | 真实、结果可靠 |
UDP扫描(-sU) | UDP协议扫描 | 有效透过防火墙策略 |
相关文章推荐
- 从简入难makefile文件编写,Linux C++编程,简单vi命令
- 在linux上添加开机自启动脚本的简单方法
- CentOS6.5安装与配置Mysql数据库
- Linux下统计代码行数
- linux 日志定时清理脚本
- linux程序设计——父进程和子进程(第十三章)
- colinux 的bat文件启动蓝屏问题
- Linux环境下安装JDK
- linux下串口编程简单实例
- linux下mysql基本命令
- LINUX进程调度之CFS算法
- Linux 系统扫描技术及安全防范 之 mtr
- Linux 常用命令(2)
- CentOS 6,7最小化安装后再安装图形界面
- linux下大于2T的硬盘格式化问题
- linux设备模型bus,device,driver
- Linux 系统扫描技术及安全防范 之 traceroute
- centos下安装zookeeper
- Linux中线程与CPU核的绑定
- centOS6.5安装gitLab服务器