How to Use the Network Security Auditing Tool Nmap


This article covers in detail how to use the network security auditing tool Nmap, in the hope of helping more people who want to solve this problem find a simpler, more practical approach.

1. Download the software

https://nmap.org/download.html

2. Scanning IPs

nmap 192.168.1.10                                # scan a single IP
nmap 192.168.1.10-100                            # scan an IP range
nmap 192.168.1.10 192.168.1.11                   # scan several individual IPs
nmap 192.168.1.1/24                              # scan an entire subnet
nmap -iL list.txt                                # scan the targets listed in a file

# list.txt
192.168.1.20
192.168.1.21

nmap -iR 3                                       # scan 3 random IPs
nmap 192.168.1.10-100 --exclude 192.168.1.20     # exclude a given IP
nmap 192.168.1.1/24 --excludefile list.txt       # read the IPs to exclude from a file
nmap -A 192.168.1.10                             # -A bundles most of the useful scan options together

-O               # identifies the remote operating system
-sC              # runs the default script scan
-Pn              # "Ping No": scan without pinging first
-sP              # simple ping: find the online hosts on a network
-PS              # discover hosts with a TCP SYN ping
-PU              # UDP probe
-p 0-65535       # specify ports
-PA              # TCP ACK probe
-PY              # SCTP probe
-PE              # ICMP echo, the default method when no option is given
-PP              # ICMP timestamp probe, used to detect targets protected by a firewall
-PO1,2,3         # probe with the chosen IP protocols: 1 is ICMP, 2 is IGMP, 4 is IP
--traceroute IP  # trace the route to the host
-R               # DNS reverse lookup

nmap --system-dns 192.168.1.10                   # use the host system's own DNS resolver
nmap --dns-servers 202.103.24.68 192.168.1.10    # use the specified DNS server
nmap -sL 192.168.1/24                            # quickly get a list of hosts

-sS              # TCP SYN scan
-sT

Nmap 7.70 ( https://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
  Can pass hostnames, IP addresses, networks, etc.
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
  -iL : Input from list of hosts/networks
  -iR : Choose random targets
  --exclude : Exclude hosts/networks
  --excludefile : Exclude list from file
HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sn: Ping Scan - disable port scan
  -Pn: Treat all hosts as online -- skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers : Specify custom DNS servers
  --system-dns: Use OS's DNS resolver
  --traceroute: Trace hop path to each host
SCAN TECHNIQUES:
  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  --scanflags : Customize TCP scan flags
  -sI : Idle scan
  -sY/sZ: SCTP INIT/COOKIE-ECHO scans
  -sO: IP protocol scan   # scans for enabled protocols
  -b : FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
  -p : Only scan specified ports   # specifies the ports to scan
    Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
  --exclude-ports : Exclude the specified ports from scanning
  -F: Fast mode - Scan fewer ports than the default scan   # quickly scans the 1000+ most common ports
  -r: Scan ports consecutively - don't randomize
  --top-ports : Scan most common ports
  --port-ratio : Scan ports more common than
SERVICE/VERSION DETECTION:
  -sV: Probe open ports to determine service/version info
  --version-intensity : Set from 0 (light) to 9 (try all probes)
  --version-light: Limit to most likely probes (intensity 2)
  --version-all: Try every single probe (intensity 9)
  --version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
  -sC: equivalent to --script=default
  --script=: is a comma separated list of
           directories, script-files or script-categories
  --script-args=: provide arguments to scripts
  --script-args-file=filename: provide NSE script args in a file
  --script-trace: Show all data sent and received
  --script-updatedb: Update the script database.
  --script-help=: Show help about scripts.
           is a comma-separated list of script-files or
           script-categories.
OS DETECTION:
  -O: Enable OS detection
  --osscan-limit: Limit OS detection to promising targets
  --osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
  Options which take
      's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
  -T: Set timing template (higher is faster)
  --min-hostgroup/max-hostgroup : Parallel host scan group sizes
  --min-parallelism/max-parallelism : Probe parallelization
  --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout
      probe round trip time.
  --max-retries : Caps number of port scan probe retransmissions.
  --host-timeout
  --scan-delay/--max-scan-delay
  --min-rate : Send packets no slower than per second
  --max-rate : Send packets no faster than per second
FIREWALL/IDS EVASION AND SPOOFING:
  -f; --mtu : fragment packets (optionally w/given MTU)
  -D : Cloak a scan with decoys
  -S : Spoof source address
  -e : Use specified interface
  -g/--source-port : Use given port number
  --proxies : Relay connections through HTTP/SOCKS4 proxies
  --data : Append a custom payload to sent packets
  --data-string : Append a custom ASCII string to sent packets
  --data-length : Append random data to sent packets
  --ip-options: Send packets with specified ip options
  --ttl : Set IP time-to-live field
  --spoof-mac : Spoof your MAC address
  --badsum: Send packets with a bogus TCP/UDP/SCTP checksum
OUTPUT:
  -oN/-oX/-oS/-oG : Output scan in normal, XML, s|
     and Grepable format, respectively, to the given filename.
  -oA : Output in the three major formats at once
  -v: Increase verbosity level (use -vv or more for greater effect)
  -d: Increase debugging level (use -dd or more for greater effect)
  --reason: Display the reason a port is in a particular state
  --open: Only show open (or possibly open) ports
  --packet-trace: Show all packets sent and received
  --iflist: Print host interfaces and routes (for debugging)
  --append-output: Append to rather than clobber specified output files
  --resume : Resume an aborted scan
  --stylesheet : XSL stylesheet to transform XML output to HTML
  --webxml: Reference stylesheet from Nmap.Org for more portable XML
  --no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
  -6: Enable IPv6 scanning
  -A: Enable OS detection, version detection, script scanning, and traceroute
  --datadir : Specify custom Nmap data file location
  --send-eth/--send-ip: Send using raw ethernet frames or IP packets   # hide IP
  --privileged: Assume that the user is fully privileged
  --unprivileged: Assume the user lacks raw socket privileges
  -V: Print version number
  -h: Print this help summary page.
EXAMPLES:
  nmap -v -A scanme.nmap.org
  nmap -v -sn 192.168.0.0/16 10.0.0.0/8
  nmap -v -iR 10000 -Pn -p 80
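
The OUTPUT options in the help text include -oX for XML output, which is the format best suited to automated review. As an added example (not part of the original article), the Python below parses such a file and compares each host's open ports with an approved baseline; the sample XML and the APPROVED table are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output, trimmed to the elements used here.
SAMPLE_XML = """<nmaprun scanner="nmap" version="7.70">
  <host>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/></port>
      <port protocol="tcp" portid="80"><state state="open"/></port>
      <port protocol="tcp" portid="3306"><state state="open"/></port>
    </ports>
  </host>
  <host>
    <address addr="192.168.1.11" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/></port>
      <port protocol="tcp" portid="23"><state state="closed"/></port>
    </ports>
  </host>
</nmaprun>"""

# Hypothetical baseline: the ports each host is approved to expose.
APPROVED = {
    "192.168.1.10": {("tcp", 22), ("tcp", 80)},
    "192.168.1.11": {("tcp", 22), ("tcp", 443)},
}

def open_ports(xml_text):
    """Map each host address to the set of (protocol, port) pairs in state 'open'."""
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")  # first <address> of the host
        result[addr] = {
            (p.get("protocol"), int(p.get("portid")))
            for p in host.iter("port")
            if p.find("state").get("state") == "open"
        }
    return result

def audit(xml_text, approved):
    """Per host, return (unexpected open ports, approved ports not seen open)."""
    findings = {}
    for host, found in open_ports(xml_text).items():
        allowed = approved.get(host, set())  # unknown hosts: every open port is unexpected
        findings[host] = (found - allowed, allowed - found)
    return findings

if __name__ == "__main__":
    for host, (extra, missing) in audit(SAMPLE_XML, APPROVED).items():
        print(host, "unexpected:", sorted(extra), "not seen open:", sorted(missing))
```

To run it against a real scan, replace SAMPLE_XML with the contents of the file written by -oX.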

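That concludes this answer to the question of how to use the network security auditing tool Nmap. We hope the content above is of some help; if you still have unresolved questions, you can follow the 云编程开发博客 industry news channel to learn more.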

