CentOS 6.2使用NMAP工具扫描端口

分类:CentOS教程 阅读:86408 次

nmap是一个用于网络探索或安全评测的工具。它支持ping扫描(判定哪些主机在运行),多端口扫描技术(判定主机在提供哪些服务),以及 TCP/ip指纹(远程主机操作系统识别)。Nmap 还提供了灵活的目标和端口明细表,掩护扫描,TCP 序列可预测性特点的判定,逆向identd 扫描等等。

注:在NMAP-4.11中,ident逆向扫描已不再支持。(ident协议:用于TCP反向扫描,允许查看TCP连接所对应的进程的属主用户。例如,连接到HTTP服务以后,再执行ident扫描,可以发现服务器是否正在以root权限运行。)

NMAP的扫描语法

nmap [扫描类型] [选项] <扫描目标 ...>

常用的扫描类型

  • -ss,TCP SYN扫描(半开)
  • -sT,TCP 连接扫描(全开)
  • -sF,TCP FIN扫描
  • -su,UDP扫描
  • -sP,ICMP扫描
  • -P0,跳过ping检测

安装NMAP(我之前看过一个哥们很会动心思,他有个wab网站,但是跑去做安全设置,把ssh端口改的自己不记得了,他后面的解决办法就是用NMAP扫描出来的.........所以大家可以细细体会一下)

[root@chenyi ~]# yum install nmap #CentOS 6.2 的ISO中自带NMAP,直接Yum安装即可!

分别查看本机开放的TCP端口、UDP端口

[root@chenyi ~]# nmap 127.0.0.1 Starting Nmap 5.51 ( http://nmap.org ) at 2012-12-06 09:24 CST Nmap scan report for localhost (127.0.0.1) host is up (0.000016s latency). Not shown: 998 closed ports PORT STATE service 22/tcp open ssh 25/tcp open smtp Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds [root@chenyi ~]# nmap -sU 127.0.0.1 Starting Nmap 5.51 ( http://nmap.org ) at 2012-12-06 09:25 CST Nmap scan report for localhost (127.0.0.1) Host is up (0.000018s latency). Not shown: 999 closed ports PORT STATE SERVICE 5353/udp open|filtered zeroconf Nmap done: 1 IP address (1 host up) scanned in 1.32 seconds

检测192.168.1.0/24网段有哪些主机提供ftp服务

[root@chenyi ~]# nmap -p 21 192.168.1.0/24 # -p 选项,指定目标端口 Starting Nmap 5.51 ( http://nmap.org ) at 2012-12-06 09:29 CST Nmap scan report for 192.168.1.1 Host is up (0.0035s latency). PORT STATE SERVICE 21/tcp filtered ftp #状态未知,可能被过滤 MAC Address: 00:1F:8F:69:27:53 (Shanghai Bellmann Digital Source Co.) Nmap scan report for 192.168.1.103 Host is up (0.00099s latency). PORT STATE SERVICE 21/tcp closed ftp MAC Address: 20:7C:8F:6B:E6:3E (Quanta Microsystems) Nmap scan report for 192.168.1.108 Host is up (0.0021s latency). PORT STATE SERVICE 21/tcp closed ftp MAC Address: 88:AE:1D:26:0B:0B (Compal Information(kunshan)co.) Nmap scan report for 192.168.1.110 Host is up (0.000093s latency). PORT STATE SERVICE 21/tcp closed ftp Nmap scan report for 192.168.1.210 Host is up (0.0091s latency). PORT STATE SERVICE 21/tcp filtered ftp MAC Address: 00:0C:29:CC:F3:02 (VMware) Nmap scan report for 192.168.1.253 Host is up (0.0020s latency). PORT STATE SERVICE 21/tcp filtered ftp MAC Address: 14:CF:92:47:07:04 (Unknown) Nmap done: 256 IP addresses (6 hosts up) scanned in 43.93 s<strong>econds</strong>

此时我开启一个FTP服务器 再次扫描!

.......省略一部分 Nmap scan report for 192.168.1.210 Host is up (0.0010s latency). PORT STATE SERVICE 21/tcp open ftp #此时21号端口表示是打开的 MAC Address: 00:0C:29:CC:F3:02 (VMware) .......省略一部分

检测192.168.1.0/24网段有哪些存活主机

[root@chenyi ~]# nmap -n -sP 192.168.1.0/24 #-n选项,禁用反向解析 Starting Nmap 5.51 ( http://nmap.org ) at 2012-12-06 09:40 CST Nmap scan report for 192.168.1.1 Host is up (0.0031s latency). MAC Address: 00:1F:8F:69:27:53 (Shanghai Bellmann Digital Source Co.) Nmap scan report for 192.168.1.103 Host is up (0.00025s latency). MAC Address: 20:7C:8F:6B:E6:3E (Quanta Microsystems) Nmap scan report for 192.168.1.108 Host is up (0.0024s latency). MAC Address: 88:AE:1D:26:0B:0B (Compal Information(kunshan)co.) Nmap scan report for 192.168.1.110 Host is up. Nmap scan report for 192.168.1.210 Host is up (0.00037s latency). MAC Address: 00:0C:29:CC:F3:02 (VMware) Nmap scan report for 192.168.1.253 Host is up (0.0056s latency). MAC Address: 14:CF:92:47:07:04 (Unknown) Nmap done: 256 IP addresses (6 hosts up) scanned in 3.63 seconds

到这里就不再多介绍了,端口扫描啊各种,大家自己琢磨下把!