Using Nmap to batch-scan for live hosts
Prerequisites: grep, nmap
First, install Nmap
1. Install the compilation environment
[[email protected] nmap-7.01]# yum install gcc g++ gcc-c++ -y
2. Download Nmap using wget
[[email protected] nmap-7.01]# wget http://nmap.org/dist/nmap-7.01.tar.bz2
3. Extract the downloaded installation package
4. Enter the source directory, then compile and install
[[email protected] nmap-7.01]# cd nmap-7.01
[[email protected] nmap-7.01]# ./configure
[[email protected] nmap-7.01]# make
[[email protected] nmap-7.01]# make install
5. Check if the installation is successful
[[email protected] nmap-7.01]# nmap -v
Using Nmap
1. The -sn parameter
-sn: Ping Scan - disable port scan    # probes hosts with ping only; no ports are scanned
2. Scan a host that does not exist
Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-24 00:30 CST
Warning: File ./nmap-payloads exists, but Nmap is using /usr/local/bin/../share/nmap/nmap-payloads for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.49 seconds
[[email protected] nmap-7.01]#
3. Scan a host that exists
[[email protected] nmap-7.01]# nmap -sn 172.25.65.100
Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-24 00:31 CST
Warning: File ./nmap-payloads exists, but Nmap is using /usr/local/bin/../share/nmap/nmap-payloads for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
Stats: 0:00:00 elapsed; 0 hosts completed (0 up), 1 undergoing ARP Ping Scan
ARP Ping Scan Timing: About 100.00% done; ETC: 00:31 (0:00:00 remaining)
Nmap scan report for 172.25.65.100
Host is up (0.00025s latency).
MAC Address: 2C:FD:A1:E1:EA:DB (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
Comparing the two outputs shows that only a host that is up produces a line containing "Nmap scan report for".
Create a script
1. The script is as follows
[[email protected] scripts]# cat host.sh
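#!/bin/bash -
# Prompt for a single host or a network (for example 172.25.65.0/24)
read -r -p "Please input scan host or network:" host
# A ping scan prints "Nmap scan report for ..." only for hosts that are up
nmap -sn "$host" | grep "Nmap scan report for" > /dev/null 2>&1
[ $? -ne 0 ] && echo "host $host is down." && exit 1
# Save the 5th field (the address) of every report line
nmap -sn "$host" | grep "Nmap scan report for" | awk '{print $5}' > /scripts/host.txt
while read -r uphost
do
echo "host $uphost is up."
done < /scripts/host.txt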
[[email protected] scripts]#
2. Run the script (actual run)
[[email protected] scripts] # bash host.sh
Please input scan host or network: 172.25.65.0/24
host 172.25.65.1 is up.
host 172.25.65.2 is up.
host 172.25.65.50 is up.
host 172.25.65.100 is up.
host 172.25.65.101 is up.
host 172.25.65.102 is up.
host 172.25.65.103 is up.
host 172.25.65.104 is up.
host 172.25.65.105 is up.
host 172.25.65.106 is up.
host 172.25.65.107 is up.
host 172.25.65.108 is up.
host 172.25.65.109 is up.
host 172.25.65.110 is up.
host 172.25.65.111 is up.
host 172.25.65.112 is up.
host 172.25.65.113 is up.
host 172.25.65.114 is up.
host 172.25.65.115 is up.
host 172.25.65.116 is up.
host 172.25.65.117 is up.
host 172.25.65.118 is up.
host 172.25.65.119 is up.
host 172.25.65.120 is up.
host 172.25.65.121 is up.
host 172.25.65.122 is up.
host 172.25.65.123 is up.
host 172.25.65.124 is up.
host 172.25.65.125 is up.
host 172.25.65.126 is up.
host 172.25.65.127 is up.
host 172.25.65.128 is up.
host 172.25.65.129 is up.
host 172.25.65.130 is up.
host 172.25.65.131 is up.
host 172.25.65.132 is up.
host 172.25.65.133 is up.
host 172.25.65.134 is up.
host 172.25.65.135 is up.
host 172.25.65.136 is up.
host 172.25.65.137 is up.
host 172.25.65.138 is up.
host 172.25.65.139 is up.
host 172.25.65.141 is up.
host 172.25.65.143 is up.
host 172.25.65.145 is up.
host 172.25.65.146 is up.
host 172.25.65.147 is up.
host 172.25.65.148 is up.
host 172.25.65.149 is up.
host 172.25.65.150 is up.
host 172.25.65.151 is up.
host 172.25.65.152 is up.
host 172.25.65.10 is up.
When the host does not exist
[[email protected] scripts] # bash host.sh
Please input scan host or network: 172.25.65.199
host 172.25.65.199 is down.
[[email protected] scripts] #
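A variant of the parsing step, as an added example that is not part of the original post: it scans once instead of twice, rejects input that is not an IPv4 address or CIDR block, and still extracts the address when nmap resolves a name (the line then reads "Nmap scan report for name (address)", so `$5` would be the name). The function names, the `host2.sh` file name and the sample output are constructed for illustration.

```shell
#!/bin/bash
# Added example, not the original author's script. Function names are hypothetical.

# Constructed sample of `nmap -sn` output: one host with a resolved name, one without.
SAMPLE='Starting Nmap 7.01 ( https://nmap.org ) at 2018-05-24 00:31 CST
Nmap scan report for gw.example.lan (172.25.65.1)
Host is up (0.00030s latency).
Nmap scan report for 172.25.65.100
Host is up (0.00025s latency).
Nmap done: 256 IP addresses (2 hosts up) scanned in 2.10 seconds'

# Shape check only: accept an IPv4 address or CIDR block, so that user input
# starting with "-" can never be handed to nmap as an option.
valid_target() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# Read nmap output on stdin and print one address per live host.
# The address is the last field; strip the parentheses nmap adds after a name.
live_hosts() {
    awk '/^Nmap scan report for / { a = $NF; gsub(/[()]/, "", a); print a }'
}

# $1 = target as typed, stdin = nmap output. Returns 1 when no host answered.
report() {
    up=$(live_hosts)
    [ -n "$up" ] || { echo "host $1 is down."; return 1; }
    printf '%s\n' "$up" | while read -r h; do echo "host $h is up."; done
}

# Real use: bash host2.sh 172.25.65.0/24   (one scan, parsed once)
if [ "$#" -eq 1 ]; then
    valid_target "$1" || { echo "invalid target: $1" >&2; exit 2; }
    nmap -sn "$1" | report "$1"
else
    # Offline demo on the constructed sample
    printf '%s\n' "$SAMPLE" | report sample
fi
```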
If you have any questions, please comment.
Arppinging Technology Community