CentOS6.2 use NMAP tool to scan ports

Nmap is a tool for network exploration or security evaluation. It supports ping scanning (determining which hosts are running), multi-port scanning technology (determining which services are provided by hosts), and TCP/IP fingerprint (remote host operating system identification ). Nmap also provides flexible target and port list, cover scanning, determination of TCP sequence predictability characteristics, reverse identd scanning, and so on. Note: in NMAP-4.11, id

Nmap is a tool for network exploration or security evaluation. It supports ping scanning (determining which hosts are running), multi-port scanning technology (determining which services are provided by hosts), and TCP/IP fingerprint (remote host operating system identification ). Nmap also provides flexible target and port list, cover scanning, determination of TCP sequence predictability characteristics, reverse identd scanning, and so on.

Note: ident reverse scanning is no longer supported in NMAP-4.11. (Ident Protocol: used for TCP reverse Scanning. it allows you to view the owner user of the process corresponding to the TCP connection. For example, after connecting to the HTTP service, you can run an ident scan to check whether the server is running as root .)

NMAP scan syntax

Nmap [scan type] [option] <扫描目标 ...>

Common scan types

• -Ss, tcp syn scan (half open)
• -ST, TCP connection scan (fully open)
• -SF, tcp fin scan
• -Su, UDP scan
• -SP, ICMP scan
• -P0: Skip ping detection

Install NMAP (I have seen a buddy who is very touched by his mind. he has a wab website, but he ran to do security settings, so he could not remember how to change the ssh port, the solution to this problem is to use NMAP to scan it ......... so you can take a closer look)

[Root @ chenyi ~] # Yum install nmap # NMAP is self-contained in the ISO of CentOS 6.2. install Yum directly!

View the TCP port and UDP port opened on the local machine respectively

[root@chenyi ~]# nmap 127.0.0.1Starting Nmap 5.51 ( http://nmap.org ) at 2012-12-06 09:24 CSTNmap scan report for localhost (127.0.0.1)host is up (0.000016s latency).Not shown: 998 closed portsPORT   STATE service22/tcp open  ssh25/tcp open  smtpNmap done: 1 IP address (1 host up) scanned in 0.18 seconds[root@chenyi ~]# nmap -sU 127.0.0.1Starting Nmap 5.51 ( http://nmap.org ) at 2012-12-06 09:25 CSTNmap scan report for localhost (127.0.0.1)Host is up (0.000018s latency).Not shown: 999 closed portsPORT     STATE         SERVICE5353/udp open|filtered zeroconfNmap done: 1 IP address (1 host up) scanned in 1.32 seconds

Checks which hosts provide ftp services in the 192.168.1.0/24 network segment

[Root @ chenyi ~] # Nmap-p 21 192.168.1.0/24 #-p option, specify the target Port Starting Nmap 5.51 ( http://nmap.org ) At CSTNmap scan report for 192.168.1.1Host is up (0.0035 s latency ). port state SERVICE21/tcp filtered ftp # Status unknown, may be filtered MAC Address: 00: 1F: 8F: 69: 27: 53 (Shanghai Bellmann Digital Source Co .) nmap scan report for 192.168.1.103Host is up (0.00099 s latency ). port state SERVICE21/tcp closed ftpMAC Address: 20: 7C: 8F: 6B: E6: 3E (Quanta Microsystems) Nmap scan report for 192.168.1.20.host is up (0.0021 s latency ). port state SERVICE21/tcp closed ftpMAC Address: 88: AE: 1D: 26: 0B: 0B (Compal Information (kunshan) co .) nmap scan report for 192.168.1.110Host is up (0.000093 s latency ). port state SERVICE21/tcp closed ftpNmap scan report for 192.168.1.210Host is up (0.0091 s latency ). port state SERVICE21/tcp filtered ftpMAC Address: 00: 0C: 29: CC: F3: 02 (VMware) Nmap scan report for 192.168.1.253Host is up (0.0020 s latency ). port state SERVICE21/tcp filtered ftpMAC Address: 14: CF: 92: 47: 07: 04 (Unknown) Nmap done: 256 IP addresses (6 hosts up) scanned in 43.93 sEconds

At this time, I enable an FTP server to scan again!

....... Omitted part of Nmap scan report for 192.168.1.210Host is up (0.0010 s latency ). port state SERVICE21/tcp open ftp # PORT 21 indicates the opened MAC Address: 00: 0C: 29: CC: F3: 02 (VMware )....... omitted part

Detects active hosts in 192.168.1.0/24 network segments

[Root @ chenyi ~] # Nmap-n-sP 192.168.1.0/24 #-n option, disable reverse resolution Starting Nmap 5.51 (http://nmap.org) at CSTNmap scan report for 192.168.1.1Host is up (0.0031 s latency ). MAC Address: 00: 1F: 8F: 69: 27: 53 (Shanghai Bellmann Digital Source Co .) nmap scan report for 192.168.1.103Host is up (0.00025 s latency ). MAC Address: 20: 7C: 8F: 6B: E6: 3E (Quanta Microsystems) Nmap scan report for 192.168.1.20.host is up (0.0024 s latency ). MAC Address: 88: AE: 1D: 26: 0B: 0B (Compal Information (kunshan) co .) nmap scan report for 192.168.1.110Host is up. nmap scan report for 192.168.1.210Host is up (0.00037 s latency ). MAC Address: 00: 0C: 29: CC: F3: 02 (VMware) Nmap scan report for 192.168.1.253Host is up (0.0056 s latency ). MAC Address: 14: CF: 92: 47: 07: 04 (Unknown) Nmap done: 256 IP addresses (6 hosts up) scanned in 3.63 seconds

So far, we will not discuss more about Port Scanning. we will try to figure it out!