参考网页:
http://nmap.org/man/zh/
查看版本;
zoo@zoo:~$ nmap -v
Starting Nmap 5.00 ( http://nmap.org ) at 2012-04-12 21:16 CST
NSE: Loaded 0 scripts for scanning.
Read data files from: /usr/share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.18 seconds
第一次扫描:
All 1000 scanned ports on 115.158.81.58 are closed
-A 表示操作系统及其版本的探测
-T4 可以加快执行速度
第一个是一个路由器,可以看出来运行了很多协议,只有telnet 是开放的,还有一些filtered的端口
第二个是我的主机,没有开启任何端口(还是linux安全啊...不像MS开一些135,139,你要办移动公司啊?!)
使用目标地址输入重定向:
zoo@zoo:~/桌面$ nmap -iL addr
Starting Nmap 5.00 ( http://nmap.org ) at 2012-04-12 20:54 CST
Interesting ports on 115.158.81.30:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
-iL 定向了一个文本文件
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
可以看出这个童鞋使用MS,开启了一个移动公司...
-iR 随机扫描:
zoo@zoo:~$ nmap -iR 3
Starting Nmap 5.00 ( http://nmap.org ) at 2012-04-12 21:13 CST
Nmap done: 3 IP addresses (0 hosts up) scanned in 3.17 seconds
够无聊的
排除我的主机扫描:
zoo@zoo:~$ nmap 115.158.81.0/24 --exclude 115.158.81.1
Starting Nmap 5.00 ( http://nmap.org ) at 2012-04-12 21:32 CST
Interesting ports on 115.158.81.3:
Not shown: 987 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49156/tcp open unknown
49157/tcp open unknown
Interesting ports on 115.158.81.11:
Not shown: 991 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
Interesting ports on 115.158.81.25:
Not shown: 991 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49156/tcp open unknown
49158/tcp open unknown
49159/tcp open unknown
Interesting ports on 115.158.81.43:
Not shown: 995 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv
6112/tcp open dtspc
Interesting ports on 115.158.81.46:
Not shown: 990 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
49157/tcp open unknown
All 1000 scanned ports on 115.158.81.58 are closed
Interesting ports on 115.158.81.75:
Not shown: 989 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
6000/tcp open X11
6001/tcp open X11:1
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
49157/tcp open unknown
Interesting ports on 115.158.81.105:
Not shown: 995 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
843/tcp open unknown
2100/tcp open unknown
9000/tcp open cslistener
Interesting ports on 115.158.81.114:
Not shown: 983 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
2100/tcp open unknown
4444/tcp filtered krb524
6000/tcp open X11
6112/tcp open dtspc
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49156/tcp open unknown
49157/tcp open unknown
49158/tcp open unknown
Interesting ports on 115.158.81.136:
Not shown: 988 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
843/tcp open unknown
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
6000/tcp open X11
9000/tcp open cslistener
16000/tcp open unknown
Interesting ports on 115.158.81.137:
Not shown: 998 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
Interesting ports on 115.158.81.142:
Not shown: 998 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
Interesting ports on 115.158.81.145:
Not shown: 993 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
912/tcp open unknown
2100/tcp open unknown
6001/tcp open X11:1
6112/tcp open dtspc
Interesting ports on 115.158.81.146:
Not shown: 987 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
912/tcp open unknown
1039/tcp open unknown
1068/tcp filtered instl_bootc
1433/tcp open ms-sql-s
1723/tcp filtered pptp
2383/tcp open ms-olap4
4444/tcp filtered krb524
8080/tcp open http-proxy
Interesting ports on 115.158.81.147:
Not shown: 996 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
843/tcp open unknown
Interesting ports on 115.158.81.159:
Not shown: 996 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
912/tcp open unknown
Interesting ports on 115.158.81.164:
Not shown: 998 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
Interesting ports on 115.158.81.165:
Not shown: 991 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
912/tcp open unknown
3389/tcp open ms-term-serv
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49157/tcp open unknown
Interesting ports on 115.158.81.174:
Not shown: 988 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
443/tcp open https
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
843/tcp open unknown
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
9000/tcp open cslistener
16000/tcp open unknown
Interesting ports on 115.158.81.178:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
Interesting ports on 115.158.81.181:
Not shown: 991 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
8080/tcp open http-proxy
Interesting ports on 115.158.81.182:
Not shown: 991 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
443/tcp open https
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
Interesting ports on 115.158.81.187:
Not shown: 997 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
Interesting ports on 115.158.81.189:
Not shown: 990 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
843/tcp open unknown
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
9000/tcp open cslistener
Interesting ports on 115.158.81.192:
Not shown: 991 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
843/tcp open unknown
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
Interesting ports on 115.158.81.198:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
Interesting ports on 115.158.81.199:
Not shown: 993 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
843/tcp open unknown
912/tcp open unknown
2383/tcp open ms-olap4
3306/tcp open mysql
Interesting ports on 115.158.81.200:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
902/tcp open iss-realsecure
912/tcp open unknown
3389/tcp open ms-term-serv
9000/tcp open cslistener
16000/tcp open unknown
Interesting ports on 115.158.81.207:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
Interesting ports on 115.158.81.208:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
Interesting ports on 115.158.81.211:
Not shown: 997 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
Interesting ports on 115.158.81.235:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
Interesting ports on 115.158.81.248:
Not shown: 990 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
256/tcp filtered fw1-secureremote
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
1068/tcp filtered instl_bootc
1723/tcp filtered pptp
4444/tcp filtered krb524
6000/tcp open X11
6001/tcp open X11:1
Nmap done: 255 IP addresses (33 hosts up) scanned in 15.38 seconds
还可以排除某些主机
例如:
nmap 115.158.81.0/24 --exclude 115.158.81.1-10
就是不扫描1-10这10个地址
深度扫描:
我扫描一个可怜的童鞋,并使用telnet登录了那个端口49152
zoo@zoo:~$ netstat -a | grep 115.158.81.3
tcp 0 0 zoo.local:52722 115.158.81.3:49152 ESTABLISHED
可以看出链接已经建立了...
貌似有点意思,但是我也不知道有啥用,以后再说吧。。。
-6参数
扫描IP6地址:
nmap -6 fe80::29aa:9db9:4164:d80e
以后学习使用不同参数。