29. Linux网络抓包——nmap,tcpdump

最新推荐文章于 2024-07-26 14:22:46 发布

Pink_Home

最新推荐文章于 2024-07-26 14:22:46 发布

阅读量826

点赞数

文章标签：网络运维

本文链接：https://blog.csdn.net/Pink_Home/article/details/126430470

版权

1. nmap工具检测开放端口

（1）nmap包含四项基本功能：主机发现（Host Discovery）；端口扫描（Port Scanning）;版本侦测（Version Detection）;操作系统侦测（Operating System Detection）;

[root@WWcentos ~]# nmap www.baidu.com

Starting Nmap 6.40 ( http://nmap.org ) at 2022-08-18 16:54 CST
Nmap scan report for www.baidu.com (36.152.44.96)
Host is up (0.0022s latency).
Other addresses for www.baidu.com (not scanned): 36.152.44.95
Not shown: 998 filtered ports
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 25.15 seconds

注意：这是一个不安全的命令，是用来扫描他人服务器的，用于公司内部或者是局域网内。通常服务器都会有防火墙。

例1：扫描指定IP开放端口：

[root@WWcentos ~]# nmap -v 192.168.137.128

Starting Nmap 6.40 ( http://nmap.org ) at 2022-08-19 17:48 CST
Initiating Parallel DNS resolution of 1 host. at 17:48
Completed Parallel DNS resolution of 1 host. at 17:48, 0.01s elapsed
Initiating SYN Stealth Scan at 17:48
Scanning 192.168.137.128 (192.168.137.128) [1000 ports]
Discovered open port 22/tcp on 192.168.137.128
Discovered open port 111/tcp on 192.168.137.128
Completed SYN Stealth Scan at 17:48, 1.61s elapsed (1000 total ports)
Nmap scan report for 192.168.137.128 (192.168.137.128)
Host is up (0.000028s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.65 seconds
           Raw packets sent: 1061 (46.684KB) | Rcvd: 2124 (89.212KB)

例2：网段内存活的机器：

[root@WWcentos ~]# nmap -sP 192.168.137.0/24

Starting Nmap 6.40 ( http://nmap.org ) at 2022-08-19 18:31 CST
Nmap scan report for 192.168.137.1 (192.168.137.1)
Host is up (0.000061s latency).
MAC Address: 00:50:56:C0:00:08 (VMware)
Nmap scan report for 192.168.137.2 (192.168.137.2)
Host is up (0.00012s latency).
MAC Address: 00:50:56:E1:65:46 (VMware)
Nmap scan report for 192.168.137.254 (192.168.137.254)
Host is up (-0.11s latency).
MAC Address: 00:50:56:E9:EA:03 (VMware)
Nmap scan report for 192.168.137.128 (192.168.137.128)
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 2.10 seconds

例3：扫描指定IP的指定端口：

[root@WWcentos ~]# nmap -p 80 192.168.137.128

Starting Nmap 6.40 ( http://nmap.org ) at 2022-08-19 18:32 CST
Nmap scan report for 192.168.137.128 (192.168.137.128)
Host is up (0.000043s latency).
PORT   STATE  SERVICE
80/tcp closed http

Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds

例4：探测主机操作系统：

[root@WWcentos ~]# nmap -O 192.168.137.128

Starting Nmap 6.40 ( http://nmap.org ) at 2022-08-19 18:37 CST
Nmap scan report for 192.168.137.128 (192.168.137.128)
Host is up (0.000028s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.7 - 3.9
Network Distance: 0 hops

最低0.47元/天解锁文章

Pink_Home

关注

0
点赞
踩
3

收藏

觉得还不错? 一键收藏
0
评论
29. Linux网络抓包——nmap,tcpdump

3）另外，同样的修饰符可省略，如“tcp dst port ftp or ftp-data or domain”与“tcp dst port ftp or tcp dst port ftp-data or tcp dst port domain”意义相同，都表示包的协议为tcp且目的端口为ftp或ftp-data或domain（端口53）。4）使用括号“（）”可以改变表达式的优先级，但需要注意的是括号会被shell解释，所以应该使用反斜线“\”转义为“\(\)”，在需要的时候，还需要包围在引号中。
复制链接

扫一扫