Centos 6.2 使用NMAP工具扫描端口

浏览次数:2464 关键词 ( 端口  工具  Centos  NMAP  )

Nmap 是一个用于网络探索或安全评测的工具。它支持 ping 扫描(判定哪些主机在运行),多端口扫描技术(判定主机在提供哪些服务),以及 TCP/IP 指纹(远程主机操作系统识别)。Nmap 还提供了灵活的目标和端口明细表,掩护扫描,TCP 序列可预测性特点的判定,逆向identd 扫描等等。

注:在NMAP-4.11中,ident逆向扫描已不再支持。(ident协议:用于TCP反向扫描,允许查看TCP连接所对应的进程的属主用户。例如,连接到HTTP服务以后,再执行ident扫描,可以发现服务器是否正在以root权限运行。)

NMAP的扫描语法

nmap  [扫描类型]  [选项]  <扫描目标 ...>

常用的扫描类型

-sS,TCP SYN扫描(半开)

-sT,TCP 连接扫描(全开)

-sF,TCP FIN扫描

-sU,UDP扫描

-sP,ICMP扫描

-P0,跳过ping检测

安装NMAP(我之前看过一个哥们很会动心思,他有个wab网站,但是跑去做安全设置,把SSH端口改的自己不记得了,他后面的解决办法就是用NMAP扫描出来的.........所以大家可以细细体会一下)


[root@chenyi ~]# yum install nmap                           #Centos 6.2 的ISO中自带NMAP,直接Yum安装即可!

分别查看本机开放的TCP端口、UDP端口

12345678910111213141516171819202122[root@chenyi~]# nmap 127.0.0.1Starting Nmap5.51(img/20170809/1pezjwaqffp ) at 2012-12-06 09:24 CSTNmap scan report forlocalhost(127.0.0.1)Host isup(0.000016slatency).Notshown:998closed portsPORT   STATE SERVICE22/tcp open  ssh25/tcp open  smtpNmap done:1IP address(1host up)scanned in0.18seconds[root@chenyi~]# nmap -sU 127.0.0.1Starting Nmap5.51(img/20170809/1pezjwaqffp ) at 2012-12-06 09:25 CSTNmap scan report forlocalhost(127.0.0.1)Host isup(0.000018slatency).Notshown:999closed portsPORT     STATE         SERVICE5353/udp open|filtered zeroconfNmap done:1IP address(1host up)scanned in1.32seconds

检测192.168.1.0/24网段有哪些主机提供FTP服务

123456789101112131415161718192021222324252627282930313233343536373839[root@chenyi~]# nmap -p 21 192.168.1.0/24        # -p 选项,指定目标端口Starting Nmap5.51(img/20170809/1pezjwaqffp ) at 2012-12-06 09:29 CSTNmap scan report for192.168.1.1Host isup(0.0035slatency).PORT   STATE    SERVICE21/tcp filtered ftp#状态未知,可能被过滤MAC Address:00:1F:8F:69:27:53(Shanghai Bellmann Digital Source Co.)Nmap scan report for192.168.1.103Host isup(0.00099slatency).PORT   STATE  SERVICE21/tcp closed ftpMAC Address:20:7C:8F:6B:E6:3E(Quanta Microsystems)Nmap scan report for192.168.1.108Host isup(0.0021slatency).PORT   STATE  SERVICE21/tcp closed ftpMAC Address:88:AE:1D:26:0B:0B(Compal Information(kunshan)co.)Nmap scan report for192.168.1.110Host isup(0.000093slatency).PORT   STATE  SERVICE21/tcp closed ftpNmap scan report for192.168.1.210Host isup(0.0091slatency).PORT   STATE    SERVICE21/tcp filtered ftpMAC Address:00:0C:29:CC:F3:02(VMware)Nmap scan report for192.168.1.253Host isup(0.0020slatency).PORT   STATE    SERVICE21/tcp filtered ftpMAC Address:14:CF:92:47:07:04(Unknown)Nmap done:256IP addresses(6hosts up)scanned in43.93s<strong>econds</strong>

此时我开启一个FTP服务器 再次扫描!

1234567.......省略一部分Nmap scan report for192.168.1.210Host isup(0.0010slatency).PORT   STATE SERVICE21/tcp open  ftp#此时21号端口表示是打开的MAC Address:00:0C:29:CC:F3:02(VMware).......省略一部分

检测192.168.1.0/24网段有哪些存活主机      

123456789101112131415161718192021[root@chenyi~]# nmap -n -sP 192.168.1.0/24        #-n选项,禁用反向解析Starting Nmap5.51(img/20170809/1pezjwaqffp ) at 2012-12-06 09:40 CSTNmap scan report for192.168.1.1Host isup(0.0031slatency).MAC Address:00:1F:8F:69:27:53(Shanghai Bellmann Digital Source Co.)Nmap scan report for192.168.1.103Host isup(0.00025slatency).MAC Address:20:7C:8F:6B:E6:3E(Quanta Microsystems)Nmap scan report for192.168.1.108Host isup(0.0024slatency).MAC Address:88:AE:1D:26:0B:0B(Compal Information(kunshan)co.)Nmap scan report for192.168.1.110Host isup.Nmap scan report for192.168.1.210Host isup(0.00037slatency).MAC Address:00:0C:29:CC:F3:02(VMware)Nmap scan report for192.168.1.253Host isup(0.0056slatency).MAC Address:14:CF:92:47:07:04(Unknown)Nmap done:256IP addresses(6hosts up)scanned in3.63seconds

到这里就不再多介绍了,端口扫描啊各种,大家自己琢磨下把!