举荐浏览:每天学一个 Linux 命令(66):ss
命令简介
nmap(Network Mapper - 网络映射器)命令用于网络探测和平安审核,是网络摸索工具和端口扫描程序。namp 它能够扫描单主机,也能够疾速扫描大型网络结构。
nmap 输入信息是你所扫描指标的列表,且每个指标都有具体的信息展现,具体的展现信息取决于所应用的选项。该信息中的要害是“乏味的端口表”。该表列出了端口号和协定,服务名称以及状态。状态为关上,已过滤,已敞开或未过滤。
[root@CentOS7-1 ~]# nmap --help-bash: nmap: command not found[root@CentOS7-1 ~]# yum install nmap -y语法格局
nmap [Scan Type...] [Options] {target specification}选项阐明
-O #激活探测操作-P0 #只进行扫描,不ping主机-PT #是同TCP的ping-sV #显示服务版本信息-sP #ping扫描,仅发现指标主机是否存活-ps #发送同步(SYN)报文-PU #发送udp ping-PE #强制执行间接的ICMPping-PB #默认模式-6 #应用IPv6地址-v #详细信息-d #减少调试信息地输入-A #应用所有高级扫描选项--resume #复原(持续上次)停止的扫描-P #指定要扫描的端口,能够是一个端口,用逗号隔开多个端口,应用“-”示意端口范畴-e #在多网络接口Linux零碎中,指定扫描应用的网络接口-g #将指定的端口作为源端口进行扫描--ttl #指定发送的扫描报文的生存期--packet-trace #显示扫描过程中收发报文统计--scanflags #设置在扫描报文中的TCP标记--send-eth/--send-ip #应用原始以太网发送/结构指定IP发送利用举例
典型的扫描
[root@CentOS7-1 ~]# nmap -A www.baidu.comStarting Nmap 6.40 ( http://nmap.org ) at 2021-03-13 04:30 ESTNmap scan report for www.baidu.com (36.152.44.95)Host is up (0.012s latency).Other addresses for www.baidu.com (not scanned): 36.152.44.96Not shown: 998 filtered portsPORT STATE SERVICE VERSION80/tcp open http-proxy sslstrip|_http-methods: No Allow or Public header in OPTIONS response (status code 302)| http-robots.txt: 10 disallowed entries | /baidu /s? /ulink? /link? /home/news/data/ /bh /shifen/ |_/homepage/ /cpro /|_http-title: xE7x99xBExE5xBAxA6xE4xB8x80xE4xB8x8BxEFxBCx8CxE4xBDxA0xE5xB0xB1xE7x9FxA5xE9x81x93443/tcp open ssl/http-proxy sslstrip|_http-methods: No Allow or Public header in OPTIONS response (status code 302)| http-robots.txt: 10 disallowed entries | /baidu /s? /ulink? /link? /home/news/data/ /bh /shifen/ |_/homepage/ /cpro /|_http-title: Site doesn't have a title (text/html).| ssl-cert: Subject: commonName=baidu.com/organizationName=Beijing Baidu Netcom Science Technology Co., Ltd/stateOrProvinceName=beijing/countryName=CN| Not valid before: 2020-04-02T06:04:58+00:00|_Not valid after: 2021-07-26T04:31:02+00:00|_ssl-date: 2021-03-16T03:14:21+00:00; +2d17h43m18s from local time.| tls-nextprotoneg: |_ http/1.1Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed portDevice type: specialized|switchRunning (JUST GUESSING): AVtech embedded (88%), HP embedded (86%)OS CPE: cpe:/h:hp:procurve_switch_4000mAggressive OS guesses: AVtech Room Alert 26W environmental monitor (88%), HP 4000M ProCurve switch (J4121A) (86%)No exact OS matches for host (test conditions non-ideal).Network Distance: 10 hopsTRACEROUTE (using port 80/tcp)HOP RTT ADDRESS1 0.97 ms 192.168.1.12 4.96 ms 100.106.0.13 ... 910 15.25 ms 36.152.44.95OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 37.64 secondsTCP 端口扫描
[root@CentOS7-1 ~]# nmap -sT 192.168.1.100Starting Nmap 6.40 ( http://nmap.org ) at 2021-03-13 04:32 ESTNmap scan report for 192.168.1.100Host is up (0.00037s latency).Not shown: 999 closed portsPORT STATE SERVICE22/tcp open sshNmap done: 1 IP address (1 host up) scanned in 0.07 seconds扫描1-65535
[root@CentOS7-1 ~]# nmap -p 1-65535 -T4 -A -v 192.168.1.100Starting Nmap 6.40 ( http://nmap.org ) at 2021-03-13 04:33 ESTNSE: Loaded 110 scripts for scanning.NSE: Script Pre-scanning.Initiating Parallel DNS resolution of 1 host. at 04:33Completed Parallel DNS resolution of 1 host. at 04:33, 0.00s elapsedInitiating SYN Stealth Scan at 04:33Scanning 192.168.1.100 [65535 ports]Discovered open port 22/tcp on 192.168.1.100Discovered open port 19999/tcp on 192.168.1.100Completed SYN Stealth Scan at 04:33, 6.82s elapsed (65535 total ports)Initiating Service scan at 04:33Scanning 2 services on 192.168.1.100Completed Service scan at 04:33, 19.10s elapsed (2 services on 1 host)Initiating OS detection (try #1) against 192.168.1.100NSE: Script scanning 192.168.1.100.Initiating NSE at 04:34Completed NSE at 04:34, 0.14s elapsedNmap scan report for 192.168.1.100Host is up (0.000032s latency).Not shown: 65533 closed portsPORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 7.4 (protocol 2.0)| ssh-hostkey: 2048 37:71:8e:4a:db:cc:ac:29:f2:a2:20:93:23:8c:f6:e8 (RSA)|_256 cc:4b:7d:b6:59:0f:77:83:a9:a5:32:70:4e:87:0d:41 (ECDSA)19999/tcp open unknown1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :SF-Port19999-TCP:V=6.40%I=7%D=3/13%Time=604C86FA%P=x86_64-redhat-linux-gnuSF:%r(GenericLines,190,"HTTP/1.1x20400x20Badx20RequestrnConnection:SF:x20closernServer:x20NetDatax20Embeddedx20HTTPx20Serverx20v1.29SF:.3rnAccess-Control-Allow-Origin:x20*rnAccess-Control-Allow-CredenSF:tials:x20truernContent-Type:x20text/plain;x20charset=utf-8rnDateSF::x20Sat,x2013x20Marx202021x2009:33:46x20GMTrnCache-Control:x20SF:no-cache,x20no-store,x20must-revalidaternPragma:x20no-cachernExpSF:ires:x20Sat,x2013x20Marx202021x2009:33:47x20GMTrnContent-LengthSF::x2027rnrnIx20don'tx20understandx20you...rn")%r(GetRequestSF:,5580,"HTTP/1.1x20200x20OKrnConnection:x20closernServer:x20NetSF:Datax20Embeddedx20HTTPx20Serverx20v1.29.3rnAccess-Control-AllowSF:-Origin:x20*rnAccess-Control-Allow-Credentials:x20truernContent-SF:Type:x20text/html;x20charset=utf-8rnDate:x20Tue,x2009x20Febx202SF:021x2010:11:54x20GMTrnCache-Control:x20publicrnExpires:x20Sun,SF:x2014x20Marx202021x2009:33:46x20GMTrnContent-Length:x2085228rnSF:rn<!doctypex20html><htmlx20lang="en"><head><title>netdatax20dashSF:board</title><metax20name="application-name"x20content="netdata">SF:<metax20http-equiv="Content-Type"x20content="text/html;x20charsetSF:=utf-8"/><metax20charset="utf-8"><metax20http-equiv="X-UA-CompatiSF:ble"x20content="IE=edge,chrome=1"><metax20name="viewport"x20conSF:tent="width=device-width,initial-scale=1"><metax20name="apple-mobilSF:e-web-app-capable"x20content="yes"><metax20name="apple-mobile-webSF:-app-status-bar-style"x20content="black-translucent"><metax20name=SF:"author"x20content="costa@tsaousis.gr"><linkx20rel="icon"x20hSF:ref="data:image/x-icon;base64,iVBORw0KGgoAAA")%r(HTTPOptions,1C7,"HTTPSF:/1.1x20200x20OKrnConnection:x20closernServer:x20NetDatax20EmbSF:eddedx20HTTPx20Serverx20v1.29.3rnAccess-Control-Allow-Origin:x2SF:0*rnAccess-Control-Allow-Credentials:x20truernContent-Type:x20teSF:xt/plain;x20charset=utf-8rnDate:x20Sat,x2013x20Marx202021x2009:SF:33:47x20GMTrnAccess-Control-Allow-Methods:x20GET,x20OPTIONSrnAccSF:ess-Control-Allow-Headers:x20accept,x20x-requested-with,x20origin,xSF:20content-type,x20cookie,x20pragma,x20cache-control,x20x-auth-tokenSF:rnAccess-Control-Max-Age:x201209600rnContent-Length:x202rnrnOSF:K");Device type: general purposeRunning: Linux 3.XOS CPE: cpe:/o:linux:linux_kernel:3OS details: Linux 3.7 - 3.9Uptime guess: 0.241 days (since Fri Mar 12 22:47:04 2021)Network Distance: 0 hopsTCP Sequence Prediction: Difficulty=261 (Good luck!)IP ID Sequence Generation: All zerosNSE: Script Post-scanning.Initiating NSE at 04:34Completed NSE at 04:34, 0.00s elapsedRead data files from: /usr/bin/../share/nmapOS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 29.46 seconds Raw packets sent: 65647 (2.891MB) | Rcvd: 131302 (5.519MB)UDP 端口扫描
[root@CentOS7-1 ~]# nmap -sU 192.168.1.100Starting Nmap 6.40 ( http://nmap.org ) at 2021-03-13 04:34 ESTNmap scan report for 192.168.1.100Host is up (0.0000040s latency).All 1000 scanned ports on 192.168.1.100 are closedNmap done: 1 IP address (1 host up) scanned in 1.65 seconds每天学一个 Linux 命令(64):ifconfig
每天学一个 Linux 命令(65):netstat