I. Overview:
Nmap is a very useful tool for network scanning and host detection. Nmap is not limited to collecting information and enumeration; it can also be used as a vulnerability detector or security scanner. It runs on operating systems such as Windows, Linux and macOS.
Nmap is a very powerful utility that can be used to:
Detect hosts that are live on the network (host discovery)
Detect open ports on a host (port discovery or enumeration)
Detect the service listening on a port (service discovery) together with its software version, the operating system and the hardware (MAC) address
Detect vulnerabilities in the detected software versions (Nmap scripts)
and so on.
Here are just a few simple commands.
Scan a single host:
#nmap 192.168.0.144
Scan the entire LAN for all online hosts:
#nmap 192.168.0.0/24
Or
#nmap 192.168.0.*
If you want to see a list of all the hosts that would be scanned:
#nmap -sL 192.168.0.0/24
Scan ports 80, 21 and 23 on a specific host:
#nmap -p 80,21,23 192.168.0.144
Below we look more closely at Nmap's scanning techniques:
(1).
TCP SYN scan (-sS)
This is the basic scanning method, also known as half-open scanning, because it lets Nmap obtain information from the remote host without completing the full handshake. Nmap sends a SYN packet to the remote host but never establishes a session. Because no session is formed, the target host records no session; this is the advantage of the SYN scan. If no scan type is given on the Nmap command line, TCP SYN is the default, but it requires root/administrator privileges.
The command is as follows:
#nmap -sS 192.168.0.144
(2).
TCP connect() scan (-sT)
If the SYN scan is not selected, the TCP connect() scan is the default scan mode. Unlike the TCP SYN scan, the TCP connect() scan completes the three-way handshake and calls the system's connect(). The TCP connect() scan technique is only available for locating TCP and UDP ports.
The command is as follows:
#nmap -sT 192.168.0.144
(3).
UDP scan (-sU)
As the name implies, this is used to find UDP ports open on the target host. It does not send any SYN packets, because the technique targets UDP ports. The UDP scan sends a UDP packet to the destination host and waits for a response: if an ICMP port unreachable error comes back, the port is closed; if a proper UDP response is received, the port is open.
The command is as follows:
#nmap -sU 192.168.0.144
(4).
Version detection (-sV)
Version detection scans for the version of the software running on the target host's ports. Unlike the other scanning techniques, it is not meant to find open ports on the target host; rather, it needs information from an already open port to determine the software version. Use a TCP SYN scan first to find which ports are open before running version detection.
The command is as follows:
#nmap -sV 192.168.0.144
(5).
Idle scan (-sI)
Idle scan is an advanced scanning technique that does not send packets from your real host IP; instead it uses another host on the network (a zombie) to send the packets.
The command is as follows (the first address is the zombie host, the second is the target):
#nmap -sI 192.168.0.144 192.168.0.145
(6).
Nmap OS detection (-O)
One of Nmap's most important features is remote detection of the operating system and software. Nmap's OS detection is very useful in penetration testing for learning the remote host's operating system and software; with that information you can look up the known vulnerabilities. Nmap has a database called nmap-os-db that holds fingerprints for more than 2600 operating systems. Nmap sends TCP and UDP packets to the target machine and then checks the results against the database.
The command is as follows:
#nmap -O 192.168.0.144
(7).
If the remote host is behind a firewall, IDS or IPS, you can use the -Pn option to make sure Nmap does not ping the remote host, because sometimes the firewall blocks ping requests. The -Pn option tells Nmap not to ping the remote host.
#nmap -O -Pn 192.168.0.144
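Once a scan like the ones above has been saved with Nmap's XML output option (-oX), the results can be worked with without re-scanning. The following Python script is an added example, not code from the original post: it parses the XML that Nmap writes into a per-host inventory, ties each port state back to the reason Nmap records (the SYN/ACK, RST, UDP reply and ICMP port unreachable responses described in the scan-type sections above, plus the no-response case that a UDP probe alone cannot resolve), and pulls out the version-detection and OS-detection results. The XML it reads is a constructed sample in Nmap's format, not a real scan; the MAC address, service versions and OS matches in it are made up.

```python
"""Parse Nmap XML output (-oX) into a per-host inventory.

Added example, not from the original post. Assumes the scan was saved with
something like ``nmap -sS -sU -sV -O -oX scan.xml 192.168.0.144``.
"""
import xml.etree.ElementTree as ET

# Constructed sample in the shape Nmap writes (not a real scan; MAC, versions
# and OS matches are made up).
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sS -sU -sV -O -oX scan.xml 192.168.0.144">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="192.168.0.144" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac" vendor="ExampleVendor"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="7.4"/></port>
      <port protocol="tcp" portid="23"><state state="closed" reason="reset"/>
        <service name="telnet"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/>
        <service name="http" product="Apache httpd" version="2.4.6"/></port>
      <port protocol="udp" portid="53"><state state="open" reason="udp-response"/>
        <service name="domain"/></port>
      <port protocol="udp" portid="69"><state state="closed" reason="port-unreach"/>
        <service name="tftp"/></port>
      <port protocol="udp" portid="161"><state state="open|filtered" reason="no-response"/>
        <service name="snmp"/></port>
    </ports>
    <os>
      <osmatch name="Linux 3.10 - 4.11" accuracy="95"/>
      <osmatch name="Linux 3.2 - 4.9" accuracy="92"/>
    </os>
  </host>
</nmaprun>
"""

# Reason strings Nmap records, mapped to the response rule behind each state.
REASON_TEXT = {
    "syn-ack": "SYN answered with SYN/ACK (half-open, no full handshake)",
    "reset": "SYN answered with RST, nothing listening",
    "udp-response": "target answered the UDP probe",
    "port-unreach": "ICMP port unreachable came back",
    "no-response": "no answer: open or filtered, a UDP probe alone cannot tell",
}


def parse_nmap_xml(xml_text):
    """Return a list of host dicts with addresses, ports and the best OS match."""
    hosts = []
    for host in ET.fromstring(xml_text).findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # skip hosts Nmap did not consider up
        entry = {"ipv4": None, "mac": None, "ports": [], "os": None}
        for addr in host.findall("address"):
            if addr.get("addrtype") == "ipv4":
                entry["ipv4"] = addr.get("addr")
            elif addr.get("addrtype") == "mac":
                entry["mac"] = addr.get("addr")
        for port in host.iter("port"):
            state = port.find("state")
            service = port.find("service")
            parts = [] if service is None else [service.get("product"), service.get("version")]
            entry["ports"].append({
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "state": state.get("state"),
                "reason": state.get("reason"),
                "service": "" if service is None else service.get("name", ""),
                "version": " ".join(p for p in parts if p),
            })
        matches = host.findall("os/osmatch")
        if matches:
            best = max(matches, key=lambda m: int(m.get("accuracy", "0")))
            entry["os"] = (best.get("name"), int(best.get("accuracy", "0")))
        hosts.append(entry)
    return hosts


def open_ports(host):
    """Ports that are definitely open (open|filtered is deliberately excluded)."""
    return [(p["proto"], p["port"]) for p in host["ports"] if p["state"] == "open"]


def report(hosts):
    """Human-readable inventory, one line per port with the reason Nmap gave."""
    lines = []
    for h in hosts:
        lines.append(f"{h['ipv4']} (mac {h['mac']}) os={h['os']}")
        for p in sorted(h["ports"], key=lambda p: (p["proto"], p["port"])):
            why = REASON_TEXT.get(p["reason"], p["reason"])
            lines.append(f"  {p['port']}/{p['proto']:<3} {p['state']:<13} "
                         f"{p['service']} {p['version']}  [{why}]")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(parse_nmap_xml(SAMPLE_XML)))
```

To use it on a real scan, read the file written by -oX and pass its contents to parse_nmap_xml. Keeping open|filtered out of open_ports is intentional: a silent UDP port is not evidence of a listening service, and treating it as open inflates the inventory.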
In addition, here is how to view and modify the default gateway.
View the default gateway (available to normal users and in privileged mode):
$ route
To modify the default gateway:
Takes effect immediately, but is lost at the next boot:
# route add default gw 192.168.0.254
To make it persist across reboots, edit the contents of /etc/sysconfig/network-scripts/ifcfg-eth0
This article is from the "Narcissus" blog; please keep this source: http://10704527.blog.51cto.com/10694527/1784028
Simple use of Nmap under Linux