  Linux port scanning
     
  Add Date : 2018-11-21      
         
         
         
Nmap, short for Network Mapper, is a network scanning and sniffing toolkit for Linux.

nmap is a network port scanner, used to find the open network ports of computers on a network. It determines which services are running on which ports and infers which operating system a computer is running (also known as fingerprinting). It is one of the tools a network administrator must use, and it is also used to assess the security of network systems.

Like most tools used for network security, nmap is also a favorite of many hackers and crackers (also known as script kiddies). System administrators can use nmap to detect servers that are being used without authorization in the work environment, while hackers use nmap to collect the network settings of target computers in order to plan an attack.

Nmap is often confused with Nessus, the vulnerability assessment software. Nmap works covertly, avoiding monitoring by intrusion detection systems and, where possible, not affecting the daily operation of the target system.

In the film The Matrix, Trinity uses Nmap, together with the SSH1 32-bit cyclic redundancy check vulnerability, to break into the energy management system of a power station.

Features

Nmap has three basic functions: first, detecting whether a group of hosts is online; second, scanning host ports and sniffing the network services they provide; third, inferring the operating system a host is running. Nmap can be used to scan networks ranging from a LAN with only two nodes to networks of more than 500 nodes. Nmap also lets users customize scanning techniques. Often a simple ping using the ICMP protocol meets general needs; Nmap can also probe UDP or TCP ports in depth, down to the operating system used by the host; and all detection results can be recorded to logs in various formats for further analysis.

Experimental environment: CentOS-5.5

Experimental software: Nmap-5.00.tar.gz

Installation

tar zxvf nmap-5.00.tar.gz

cd nmap-5.00

./configure

make

make install

Instructions

Perform a ping scan and print the hosts that respond, with no further testing (such as port scanning or OS detection):

nmap -sP 192.168.1.0/24

Only list each host on the specified network, without sending any packets to the target hosts:

nmap -sL 192.168.1.0/24

Probe ports on the target host with a TCP SYN ping; you can specify a comma-separated list of ports (e.g. -PS22,23,25,80):

nmap -PS 192.168.1.234

Use UDP ping for probing:

nmap -PU 192.168.1.0/24

The most frequently used scan option is the SYN scan, also known as half-open scanning. It does not open a full TCP connection and executes quickly:

nmap -sS 192.168.1.0/24

When a SYN scan cannot be used, the TCP connect() scan is the default TCP scan:

nmap -sT 192.168.1.0/24

UDP scanning uses the -sU option. A UDP scan sends an empty (no data) UDP header to each target port:

nmap -sU 192.168.1.0/24

Determine which IP protocols the target supports (TCP, ICMP, IGMP, etc.):

nmap -sO 192.168.1.19

Detect the operating system of the target host:

nmap -O 192.168.1.19

nmap -A 192.168.1.19

In addition, here are examples from the official nmap documentation:

nmap -v scanme.

This command scans all reserved TCP ports on the host scanme. The -v option enables verbose mode.

nmap -sS -O scanme./24

Runs a stealth SYN scan against the 255 hosts of the "class C" network segment where the host scanme is located. It also tries to determine the operating system of each host that is up. Because of the SYN scan and OS detection, this scan requires root privileges.

nmap -sV -p 22,53,110,143,4564 198.116.0-255.1-127

Performs host enumeration and a TCP scan against the 255 eight-bit subnets of the class B 198.116 address space. This test determines whether the systems are running sshd, DNS, imapd, or something on port 4564. If any of these ports are open, version detection is used to determine which application is running.

nmap -v -iR 100000 -P0 -p 80

Randomly selects 100,000 hosts and scans them for a running web server (port 80). Sending probe packets in the initial phase to determine whether a host is up is a waste of time when only one port is probed per host, so host discovery is disabled with -P0.

nmap -P0 -p80 -oX logs/pb-port80scan.xml -oG logs/pb-port80scan.gnmap 216.163.128.20/20

Scans 4096 IP addresses for web servers (without pinging them) and saves the results in grepable and XML formats.
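Results saved with -oG can be checked mechanically. The following is an added example, not part of the original article: it parses grepable output and reports open ports that are missing from an allow-list. The sample scan lines, the allow-list and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of nmap grepable (-oG) output; not a real scan result.
# Fields on a Host line are tab-separated, so the tabs are written as \t.
sample_scan() {
  printf '# Nmap 5.00 scan initiated as: nmap -sS -p22,80,3306 -oG - 192.168.1.0/24\n'
  printf 'Host: 192.168.1.19 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.19 ()\tPorts: 22/open/tcp//ssh///, 80/closed/tcp//http///, 3306/open/tcp//mysql///\n'
  printf 'Host: 192.168.1.234 ()\tStatus: Up\n'
  printf 'Host: 192.168.1.234 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 3306/filtered/tcp//mysql///\n'
  printf '# Nmap done: 256 IP addresses (2 hosts up) scanned\n'
}

# Read grepable output on stdin; print "ip port/proto service" for each open port.
open_ports() {
  awk -F'\t' '
    /^Host: / {
      split($1, h, " "); ip = h[2]            # "Host: <ip> (<name>)"
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue        # skip Status / Ignored State fields
        n = split(substr($i, 8), entries, ", ")
        for (j = 1; j <= n; j++) {
          # each entry: port/state/proto/owner/service/rpcinfo/version/
          split(entries[j], f, "/")
          if (f[2] == "open") print ip, f[1] "/" f[3], f[5]
        }
      }
    }'
}

# Report open ports that are not on the allow-list ("ip port/proto" per line).
unexpected_ports() {
  allow="$1"
  open_ports | while read -r ip port svc; do
    printf '%s\n' "$allow" | grep -qxF "$ip $port" || echo "$ip $port $svc"
  done
}

# Constructed allow-list of services that are expected to be reachable.
ALLOW='192.168.1.19 22/tcp
192.168.1.234 22/tcp
192.168.1.234 80/tcp'

sample_scan | unexpected_ports "$ALLOW"
```

On a real scan, replace `sample_scan` with `cat` of the saved .gnmap file.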

host -l | cut -d ' ' -f 4 | nmap -v -iL -

Performs a DNS zone transfer to find hosts and feeds their IP addresses to Nmap. The command above is for GNU/Linux; other systems have different commands for performing a zone transfer.

Other options:

-p (only scan the specified ports)

A single port or a port range written with a hyphen (e.g. 1-1023) can be given. When scanning both TCP and UDP ports, you can specify the protocol by putting T: or U: in front of the port numbers. The qualifier remains in effect until another qualifier is specified. For example, the argument -p U:53,111,137,T:21-25,80,139,8080 scans UDP ports 53, 111, and 137, as well as the listed TCP ports.

-F (Fast (limited port) scan)
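To review exactly what a -p specification covers before a scan is run, the qualifier rule described above can be expanded by hand. This is an added example, not part of the original article and not nmap's own parser; the function name is hypothetical, and ports given before any qualifier are assumed here to be TCP.

```shell
#!/bin/sh
# Expand an nmap -p specification into one "proto port" line per port.
# Assumption for this sketch: ports listed before any T:/U: qualifier are TCP.
expand_ports() {
  printf '%s\n' "$1" | tr -d ' ' | awk -F, '{
    proto = "tcp"
    for (i = 1; i <= NF; i++) {
      item = $i
      if (item ~ /^[TU]:/) {
        # a qualifier stays in effect until the next qualifier appears
        proto = (substr(item, 1, 1) == "U") ? "udp" : "tcp"
        item = substr(item, 3)
      }
      # accept a single port or a lo-hi range; reject anything else
      if (item !~ /^[0-9]+(-[0-9]+)?$/) {
        print "invalid port item: " $i > "/dev/stderr"; exit 1
      }
      n = split(item, r, "-")
      lo = r[1] + 0
      hi = (n == 2) ? r[2] + 0 : lo
      if (hi > 65535 || lo > hi) {
        print "invalid port range: " $i > "/dev/stderr"; exit 1
      }
      for (p = lo; p <= hi; p++) print proto, p
    }
  }'
}

# The specification from the text: 3 UDP ports and 8 TCP ports.
expand_ports 'U:53,111,137,T:21-25,80,139,8080'
```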
     
         
         
         