I. Overview
Task Description:
Develop a program to obtain the list of Host IP addresses that enable the snmp service in the LAN, and write the corresponding files for other programs to use.
Background:
SNMP is based on UDP, and the standard SNMP Service uses ports 161 and 162.
Ideas:
1. Obtain the list of local online hosts;
2. Obtain the enabled snmp port (such as 161) of each host;
3. Write a specific file in a specific format.
Here we only implement the first two steps.
Ii. nmap implementation
1. Install nmap
Linux platform (CentOS ):
Yum install nmap-y
Widows platform ():
Http://nmap.org/download.html#windows
2. Obtain the online host list
Take the CIDR Block 192.168.1.0/24 as an example:
Nmap-sn 192.168.1.0/24
Or specify the ip range scan:
Nmap-sn 192.168.1.1-254
Parameter description:
-Sn: Ping scan. Only host discovery is performed, and port scanning is not performed.
3. Obtain the host port enabling status
Take 192.168.1.100 as an Example
Nmap-p 161-sU 192.168.1.100
Parameter description:
-P 161: Scan port 161
-SU: Performs UDP scanning.
Nmap returned results:
Open: open
Closed: Disabled
Filtered: the port is blocked by the firewall IDS/IPS and cannot be determined.
Unfiltered: the port is not blocked, but whether the port is open must be further determined.
Open | filtered: The port is open or blocked.
Closed | filtered: the port is closed or blocked.
4. nmap shortcuts
Scan port 161 of the 192.168.1.0/24 CIDR block as follows:
Nmap-p 161-sU 192.168.1.0/24
Iii. python implementation (using python-nmap)
The returned value of nmap has a lot of data and needs to be parsed by a program. For example, the result of scanning port 161 of 192.168.1.100 is as follows:
Nmap scan report for 192.168.1.100
Host is up (0.00024 s latency ).
PORT STATE SERVICE
161/udp closed snmp
MAC Address: 10: BF: 5A: 6A: BA: 48 (Unknown)
Here is an nmap parser library developed by python. The principle is to call the nmap command and parse the result, returning the data structure recognized by python:
Name: python-nmap
Url: http://xael.org/norman/python/python-nmap/python-nmap-0.1.4.tar.gz
Example ):
Copy codeThe Code is as follows:
#! /Usr/bin/python
Import nmap
Nm = nmap. PortScanner ()
Nm. scan (hosts = '192. 168.1.0/24', arguments = '-p 192-sU ')
Hosts_list = [(x, nm [x] [u'udp'] [161] ['state']) for x in nm. all_hosts ()]
For host, status in hosts_list:
Print ('{0 }:{ 1}'. format (host, status ))