Article Directory
- I. Overview
- II. Nmap implementation
- III. Python implementation (using python-nmap)
Due to work requirements, I used UDP port scanning knowledge during this time. Here I will summarize it for my convenience.
I. Overview
Task Description:
Develop a program that obtains the list of host IP addresses in the LAN that have the SNMP service enabled, and writes them to a file for other programs to use.
Background:
SNMP is based on UDP, and the standard SNMP Service uses ports 161 and 162.
Ideas:
1. Obtain the list of local online hosts;
2. Obtain the enabled SNMP port (such as 161) of each host;
3. Write a specific file in a specific format.
Here we only implement the first two steps.
II. Nmap implementation
1. Install Nmap
Linux platform (CentOS):
yum install nmap -y
Windows platform:
http://nmap.org/download.html#windows
2. Obtain the online host list
Take the CIDR Block 192.168.1.0/24 as an example:
nmap -sn 192.168.1.0/24
Or specify the IP range to scan:
nmap -sn 192.168.1.1-254
Parameter description:
-sn: Ping scan. Only host discovery is performed, and port scanning is not performed.
3. Obtain the host port enabling status
Take 192.168.1.100 as an example:
nmap -p 161 -sU 192.168.1.100
Parameter description:
-p 161: Scan port 161
-sU: UDP scan
Port states returned by Nmap:
open: the port is open
closed: the port is closed
filtered: the port is blocked by a firewall or IDS/IPS, so its status cannot be determined
unfiltered: the port is not blocked, but whether it is open needs to be further determined
open|filtered: the port is open or blocked
closed|filtered: the port is closed or blocked
4. Nmap shortcuts
Scan port 161 of the 192.168.1.0/24 CIDR block as follows:
nmap -p 161 -sU 192.168.1.0/24
III. Python implementation (using python-nmap)
Nmap returns a lot of data, which needs to be parsed by a program. For example, the result of scanning port 161 of 192.168.1.100 is as follows:
Nmap scan report for 192.168.1.100
Host is up (0.00024s latency).
PORT    STATE  SERVICE
161/udp closed snmp
MAC Address: 10:BF:5A:6a:BA:48 (Unknown)
Here is an Nmap parser library written in Python. It works by calling the nmap command and parsing the result, returning data structures that Python can use directly:
Name: python-nmap
URL: http://xael.org/norman/python/python-nmap/python-nmap-0.1.4.tar.gz
Example:
#!/usr/bin/python
import nmap

# PortScanner runs the nmap binary and parses its output
nm = nmap.PortScanner()
# UDP scan (-sU, needs root privileges) of port 161 across the whole block
nm.scan(hosts='192.168.1.0/24', arguments='-p 161 -sU')
# Collect (host, state of udp/161) for every host Nmap reported
hosts_list = [(x, nm[x]['udp'][161]['state']) for x in nm.all_hosts()]
for host, status in hosts_list:
    print('{0}:{1}'.format(host, status))
Gist: https://gist.github.com/4084385
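As an added example (not from the original post and not python-nmap's own code): a standard-library parser for Nmap's XML output (`-oX -`) that separates hosts whose UDP port 161 is confirmed open from those reported as open|filtered, then writes the confirmed list to a file as in step 3 of the plan. The XML is a constructed sample, and the function names and the snmp_hosts.txt filename are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -p 161 -sU -oX - 192.168.1.0/24` output (trimmed).
SAMPLE_XML = """<nmaprun>
<host><status state="up"/><address addr="192.168.1.100" addrtype="ipv4"/>
<ports><port protocol="udp" portid="161"><state state="closed"/></port></ports></host>
<host><status state="up"/><address addr="192.168.1.101" addrtype="ipv4"/>
<ports><port protocol="udp" portid="161"><state state="open"/></port></ports></host>
<host><status state="up"/><address addr="192.168.1.102" addrtype="ipv4"/>
<ports><port protocol="udp" portid="161"><state state="open|filtered"/></port></ports></host>
<host><status state="down"/><address addr="192.168.1.103" addrtype="ipv4"/></host>
</nmaprun>"""


def snmp_states(xml_text, port=161):
    """Return {ip: state} for the given UDP port of every host that is up."""
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # skip hosts that did not answer host discovery
        addr = host.find("address[@addrtype='ipv4']")
        state = host.find(
            "ports/port[@protocol='udp'][@portid='%d']/state" % port)
        if addr is not None and state is not None:
            result[addr.get("addr")] = state.get("state")
    return result


def classify(states):
    """Split hosts into confirmed SNMP listeners and ambiguous ones."""
    confirmed = sorted(ip for ip, s in states.items() if s == "open")
    # open|filtered means no reply at all: open or blocked, not confirmed
    unsure = sorted(ip for ip, s in states.items() if s == "open|filtered")
    return confirmed, unsure


def write_hosts(path, hosts):
    """Step 3 of the plan: one IP per line for other programs to read."""
    with open(path, "w") as fh:
        fh.write("".join(ip + "\n" for ip in hosts))


if __name__ == "__main__":
    confirmed, unsure = classify(snmp_states(SAMPLE_XML))
    write_hosts("snmp_hosts.txt", confirmed)
    print("confirmed:", confirmed, "needs follow-up:", unsure)
```

Hosts in the second list have not been shown to run SNMP; they only failed to answer the UDP probe, so keep them out of the inventory file until confirmed.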