Small knowledge, big challenge! This article is participating in the creation activity of “Essential Tips for Programmers”.
Nmap is a powerful network scanning tool that can quickly scan a single host or a large network. It is mainly used to check network security and port scanning. In addition, NMAP can detect Mac addresses, operating system types, and service versions. You can install it using the yum install nmap command.
Nmap simple to use
Syntax format
Nmap [options] Destination hostCopy the code
For example, the following scan is www.baidu.com, which outputs basic information and a list of open TCP ports:
Nmap www.baidu.com Starting nmap 6.40 (http://nmap.org) at 2021-10-22 15:37 CST NMAP Scan Report for www.baidu.com Other addresses for www.baidu.com (not scanned): 110.242.68.3 not shown: 998 filtered ports PORT STATE SERVICE 80/tcp open http 443/tcp open https Nmap done: 1 IP address (1 Host up) Scanned in 19.00 secondsCopy the code
As shown above, ports 80 and 443 are open on the target host.
For more detailed output of the scan intermediate process, you can use the -v or -v options:
Sudo 192.168.1.32 nmap - vCopy the code
To scan TCP ports on the target host, run the following command:
Nmap - sT - p - 192.168.1.32Copy the code
The -st option indicates scanning TCP ports, and -p indicates scanning all ports (65535). If -p- is not used, nMAP scans only 1000 ports.
Starting Nmap 6.40 (http://nmap.org) at 2021-10-22 14:52 CST Nmap Scan Report for 192.168.1.37 Host is Up (0.00067s latency). Not shown: 65532 closed ports PORT STATE SERVICE 22/tcp open ssh 443/tcp open https 3306/tcp open mysql 6379/tcp open unknown 27017/ TCP open unknown Nmap done: 1 IP address (1 host up) Scanned in 3.54 secondsCopy the code
To perform UDP scanning, run the following command as user root using the (-su) option:
Sudo nmap - sU 192.168.1.32Copy the code
Nmap also supports IPv6 addresses. Use the -6 option:
nmap -6 fe80::42:84ff:fed9:7a33
Copy the code
Specify multiple destination hosts
Nmap supports specifying multiple target hosts as follows:
Nmap 192.168.1.32 www.baidu.comCopy the code
Network scoping can also be specified using CIDR notation:
Nmap 192.168.1.0/24Copy the code
You can also use – to specify an eight-bit byte range, for example, to scan 192.168.1.32, 192.168.1.33, and 192.168.1.34:
Nmap 192.168.1.32-34Copy the code
Can also be separated by commas:
Nmap 192.168.1.32, 33, 34Copy the code
Specify scan port
By default, NMAP scans the 1000 most common ports, and if you want to scan all ports from 1 to 65535, you need to use the -p- option.
Nmap - p - 192.168.1.32Copy the code
If you want to specify only a single port, for example, to scan only port 443, you can use the following command:
Nmap -p 443 192.168.1.32Copy the code
Multiple ports can be specified in the same way as multiple hosts, using -specify range or, comma separated:
Nmap -p 22,80,443 192.168.1.32Copy the code
Nmap 192.168.1.32 1 - p - 1024Copy the code
You can also specify the port using the port name, for example, to scan port 443 HTTPS:
Nmap -p HTTPS 192.168.1.32Copy the code
Original is not easy, if small partners feel helpful, please click a “like” and then go ~
Finally, thank my girlfriend for her tolerance, understanding and support in work and life!