Nmap is a popular network scanning and sniffing tool, widely used by hackers for vulnerability detection and security scanning. Beyond that, Nmap is a good general-purpose network tool that is also often used in production and development, mainly for checking which ports are open and for collecting information about a LAN. The package managers of the various Linux distributions generally include Nmap as well; here we choose to download the source code package and compile and install it ourselves. The official Nmap website is https://nmap.org/. Because of the firewall, it may open slowly or the connection may fail, so there is also the Nmap Chinese site: http://www.nmap.com.cn/. The Chinese site also has a fairly complete user manual. Here, choose the Linux version of the binary package to download.
The download link also points to the official website. Once the download is finished, you are ready to install.
First unzip and enter the source directory:
tar -xjvf nmap-7.31.tar.bz2
cd nmap-7.31/
Then use the default parameters to perform the compilation:
./configure
make
make install
After installation, the nmap command can be used directly. Running nmap with no arguments prints the detailed usage parameters, and running nmap -V prints the current version number.
Now you can run one of the simplest commands to scan a host, for example: nmap 192.168.0.42. With no options added, the default is equivalent to the -sS option, a TCP SYN scan (this applies when Nmap runs with root privileges; without them it falls back to a TCP connect scan). A SYN scan gets its information without completing a full handshake with the server. The advantage of sending only a SYN packet is that no session is established and the service on the server does not record a connection in its log. Once the scan has started, the command blocks; pressing Enter displays the current progress:
Detailed results are displayed when the scan is complete:
The scan results first show whether the host is up. For each port, the state open means the port is open normally, and the service column that follows is Nmap's best guess at the service behind it. The state filtered means the port may be open but is not being listened on by a program, or is being intercepted and filtered by a firewall or similar software, so its state is unknown. As you can see, this is very convenient: you do not have to check the ports by hand.
Nmap can also be used to detect the remote host's operating system, for example: nmap -O 192.168.0.46. The following information is returned when it executes:
You can see that port 22 is open, that the system is Linux, and the approximate version number.
In addition, the IP after nmap can be changed directly to 192.168.0.1-100 to scan a segment of the LAN, or to 192.168.0.1/24 to scan the entire LAN. There are also various parameters for scanning specified ports, excluding hosts from a scan, sending a variety of different packet types, and other powerful features.
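As an added example (not part of the original article), the shell function below reads a report in the format just described and compares the open ports with an allowlist for a host you administer. The function names, the allowlist and the sample report are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of an Nmap report (not captured from a real scan).
sample_report() {
cat <<'EOF'
Starting Nmap 7.31 ( https://nmap.org )
Nmap scan report for 192.168.0.42
Host is up (0.00023s latency).
Not shown: 997 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
80/tcp   open     http
3306/tcp filtered mysql

Nmap done: 1 IP address (1 host up) scanned in 1.52 seconds
EOF
}

# audit_ports "22 443" < report
# $1 is the space-separated list of ports that are supposed to be open.
# Prints one verdict per port; exit status is 1 if the host deviates from the list.
audit_ports() {
    awk -v expected="$1" '
        BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) want[e[i]] = 1 }
        # Rows of the port table look like "22/tcp   open     ssh".
        $1 ~ /^[0-9]+\/(tcp|udp)$/ {
            split($1, p, "/"); port = p[1]; seen[port] = 1
            if ($2 == "open") {
                if (port in want) print "OK " $1 " " $3
                else { print "UNEXPECTED " $1 " " $3; bad = 1 }
            } else {
                # filtered, closed, ...: the state is reported as Nmap gave it
                print toupper($2) " " $1 " " $3
                if (port in want) { print "MISSING " port; bad = 1 }
            }
        }
        END {
            # Expected ports that never appeared in the table at all
            for (i = 1; i <= n; i++)
                if (!(e[i] in seen)) { print "MISSING " e[i]; bad = 1 }
            exit bad + 0
        }'
}

# Demo on the constructed report: 22 and 443 are expected to be open.
sample_report | audit_ports "22 443" || echo "deviations from the allowlist found"
```

To check a real host, pipe the output of nmap into audit_ports instead of sample_report.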
Installing NMAP Scan Tool under Linux