nmap

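Network Mapper (nmap) performs host discovery, port scanning, version detection and operating system detection.

nmap provides many options for controlling port scans:

Port scan protocols (prefixes used with -p): T (TCP), U (UDP), S (SCTP), P (IP protocol)

Port scan types: -sS (TCP SYN), -sT (Connect), -sA (ACK), -sW (Window), -sM (Maimon scan)

Ports to scan: -p 80,443; -p 80-160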

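Combined: nmap -sU -sS -p U:22,55,T:20-100 <target>  (the U: ports are only scanned when -sU is given, together with a TCP scan type such as -sS)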

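1. Host discovery

Only checks whether the host is reachable; no port scan is performed (-sP is the older name of the -sn option).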

nmap -sP 127.0.0.1

[root@Ansible ~]# nmap -sP 127.0.0.1

Starting Nmap 6.40 ( http://nmap.org ) at 2020-09-12 14:06 CST
Nmap scan report for localhost (127.0.0.1)
Host is up.
Nmap done: 1 IP address (1 host up) scanned in 0.00 seconds

2. Port scanning

nmap 127.0.0.1

[root@Ansible ~]# nmap 127.0.0.1

Starting Nmap 6.40 ( http://nmap.org ) at 2020-09-12 14:08 CST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000015s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
2049/tcp open nfs

Nmap done: 1 IP address (1 host up) scanned in 1.61 seconds

3. Version detection

nmap -sV

[root@Ansible ~]# nmap -sV -p443 www.xxx.com

Starting Nmap 6.40 ( http://nmap.org ) at 2020-09-12 14:26 CST
Nmap scan report for www.arcsoft.com.cn (42.159.233.171)
Host is up (0.0036s latency).
PORT STATE SERVICE VERSION
443/tcp open http nginx 1.16.1

nmap accepts several IP addresses at once, and hosts can also be specified by subnet, by wildcard, and so on.

nmap 192.168.1.1 192.168.1.2 192.168.1.3

nmap 192.168.1.*

nmap 192.168.1.1,2,3

nmap 192.168.1.1-100

nmap 192.168.1.* --exclude 192.168.1.2

nmap 192.168.1.1/24

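nmap port states

Port state        Meaning
open              The port is open
closed            The port is closed
filtered          The port is blocked by a firewall or IDS/IPS; its state cannot be determined
unfiltered        The port is not blocked; whether it is open needs further determination
open|filtered     The port is open or blocked
closed|filtered   The port is closed or blocked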
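
An added example, not part of the original post, that puts the port states above to defensive use: it reads nmap's normal output (the format of the localhost scan in section 2) and reports every port in state open or open|filtered that is not on an allowlist of expected services. The function name, the allowlist format and the SAMPLE_SCAN variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example: flag reachable ports that are not on an allowlist.

# Constructed sample: the localhost scan from section 2, in nmap's
# normal output format.
SAMPLE_SCAN='Nmap scan report for localhost (127.0.0.1)
Host is up (0.000015s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
2049/tcp open  nfs'

# unexpected_ports ALLOWLIST   (hypothetical helper)
#   stdin:     nmap normal output, one or more hosts
#   ALLOWLIST: space-separated port/proto entries, e.g. "22/tcp 443/tcp"
#   stdout:    "<host> <port/proto> <state> <service>" for each port that
#              is open or open|filtered and is not on the allowlist
unexpected_ports() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Remember which host the following port lines belong to.
        /^Nmap scan report for / {
            host = $NF
            gsub(/[()]/, "", host)
            next
        }
        # Port lines look like: 22/tcp open ssh
        $1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ {
            # open|filtered may still be reachable, so it is reported too;
            # closed, filtered and unfiltered are not treated as exposed.
            if (($2 == "open" || $2 == "open|filtered") && !($1 in ok))
                print host, $1, $2, $3
        }
    '
}

# Only ssh is expected on this host; everything else open is reported.
printf '%s\n' "$SAMPLE_SCAN" | unexpected_ports "22/tcp"
```

To check a live scan of a host you administer, pipe nmap's output straight in, for example: nmap 127.0.0.1 | unexpected_ports "22/tcp".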

