Basic Scan
Before going into the detailed explanations, I will run a few simple scans to get a basic understanding of the nmap tool.
1.1 Scan Overview
Nmap's main functions are host discovery (host liveness scanning), port scanning, and NSE (the Nmap Scripting Engine). Scans are divided into single target scans (specifying a single IP address/hostname), multiple target scans (specifying multiple IP addresses/hostnames), and list scans (creating a file that lists the IP addresses/hostnames).
1.2 Single target scan
Single target scan syntax:
>nmap [target ip/target hostname]
"Example 1" scans the target host with IP address 192.168.1.1 on the LAN
C:\windows\system32>nmap 192.168.1.1
Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-06 15:05 China Standard Time
Nmap scan report for 192.168.1.1 # scanned host 192.168.1.1
Host is up (0.0099s latency). # status of the host
Not shown: 997 closed ports # 997 closed ports
PORT     STATE SERVICE # port, state, service
80/tcp   open  http # TCP port 80 open, HTTP
1041/tcp open  danf-ak2
1900/tcp open  upnp
MAC Address: 14:75:90:92:b2:40 (Tp-link Technologies Co.) # MAC address and device vendor Tp-link
Nmap done: 1 IP address (1 host up) scanned in 26.42 seconds # took 26.42 seconds
The output shows that the scanned host is 192.168.1.1, the open ports are 80, 1041 and 1900, the MAC address is 14:75:90:92:b2:40, and the device vendor is Tp-link Technologies Co.
As "2.1.2 Nmap Scan Port" explains, the information above comes from scanning the top 1000 ports.
A single host can be scanned with the -p- parameter as follows
"Example 2" uses the -p- parameter to scan the single host 192.168.1.1 across all 65535 ports
C:\windows\system32>nmap -p- 192.168.1.1
Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-06 15:25 China Standard Time
Nmap scan report for 192.168.1.1
Host is up (0.0093s latency).
Not shown: 65532 closed ports # 65532 closed ports; the 3 open ports are listed below
PORT     STATE SERVICE
80/tcp   open  http
1041/tcp open  danf-ak2
1900/tcp open  upnp
MAC Address: 14:75:90:92:b2:40 (Tp-link Technologies Co.)
Nmap done: 1 IP address (1 host up) scanned in 113.29 seconds
A single host can be scanned with the -p parameter as follows
"Example 3" uses the -p parameter to scan the single host 192.168.1.1, scanning port 80
C:\windows\system32>nmap -p80 192.168.1.1
Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-06 15:39 China Standard Time
Nmap scan report for 192.168.1.1
Host is up (0.0019s latency).
PORT   STATE SERVICE
80/tcp open  http
MAC Address: 14:75:90:92:b2:40 (Tp-link Technologies Co.)
Nmap done: 1 IP address (1 host up) scanned in 24.60 seconds
1.3 Multiple target scans
Multiple target scan syntax:
>nmap [target ip/target hostname] [target ip/target hostname] [target ip/target hostname] ...
>nmap 192.168.1.1-100
>nmap 192.168.1-100.*
>nmap 192.168.1.0/24
"Example 1" scans the target hosts with IP addresses 192.168.1.1 and 192.168.1.102 on the LAN
C:\windows\system32>nmap 192.168.1.1 192.168.1.102
Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-06 15:59 China Standard Time
Nmap scan report for 192.168.1.1
Host is up (0.0088s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
80/tcp   open  http
1041/tcp open  danf-ak2
1900/tcp open  upnp
MAC Address: 14:75:90:92:b2:40 (Tp-link Technologies Co.)
Nmap scan report for 192.168.1.102
Host is up (0.0032s latency).
Not shown: 999 closed ports
PORT      STATE SERVICE
62078/tcp open  iphone-sync
MAC Address: 0c:30:21:57:8a:93 (Apple)
Nmap done: 2 IP addresses (2 hosts up) scanned in 65.94 seconds
The output above shows that two hosts were scanned: 192.168.1.1 and 192.168.1.102. Host 192.168.1.1 has three open ports (80, 1041 and 1900) and the MAC address 14:75:90:92:b2:40. Host 192.168.1.102 has port 62078 open, its MAC address is 0c:30:21:57:8a:93, and the device type is Apple. The other target forms are left for readers to try on their own.
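Reading the report by eye works for two hosts; for routine checks the same fields can be extracted and compared with what each host is expected to expose. The following is an added example, not code from the original article: it parses nmap's normal output for IPv4 hosts, and the sample text and the BASELINE table are constructed for illustration.

```python
import re

# Constructed sample: the two-host report from Example 1, in nmap's normal output format.
SAMPLE = """\
Nmap scan report for 192.168.1.1
Host is up (0.0088s latency).
PORT     STATE SERVICE
80/tcp   open  http
1041/tcp open  danf-ak2
1900/tcp open  upnp
MAC Address: 14:75:90:92:b2:40 (Tp-link Technologies Co.)
Nmap scan report for 192.168.1.102
Host is up (0.0032s latency).
PORT      STATE SERVICE
62078/tcp open  iphone-sync
MAC Address: 0c:30:21:57:8a:93 (Apple)
"""

# Report header is either "... for <ip>" or "... for <hostname> (<ip>)"; IPv4 only.
HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?([\d.]+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_open_ports(text):
    """Return {host_ip: {(port, proto): service}} for ports in state 'open'."""
    hosts, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = HOST_RE.match(line)
        if m:
            current = hosts.setdefault(m.group(1), {})
            continue
        m = PORT_RE.match(line)
        if m and current is not None and m.group(3) == "open":
            current[(int(m.group(1)), m.group(2))] = m.group(4)
    return hosts

def unexpected(hosts, baseline):
    """List (host, port, proto, service) open in the scan but absent from baseline."""
    return sorted(
        (ip, port, proto, svc)
        for ip, ports in hosts.items()
        for (port, proto), svc in ports.items()
        if (port, proto) not in baseline.get(ip, set())
    )

# Hypothetical baseline: the ports the owner expects to be listening on each host.
BASELINE = {"192.168.1.1": {(80, "tcp")}, "192.168.1.102": set()}

if __name__ == "__main__":
    for finding in unexpected(parse_open_ports(SAMPLE), BASELINE):
        print("unexpected open port: %s %d/%s (%s)" % finding)
```

A host that is missing from the baseline is treated as having no expected ports, so every open port on it is reported.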
As "Example 1" shows, typing every target on the command line is not practical when there are many targets to scan, so the following method is used instead.
"Example 2" puts the targets to be scanned into a text file
>nmap -iL Test.txt
where Test.txt is a file you create yourself
This article is from the "Technology bo" blog; reprinting is declined.