nmap
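Features: host discovery, port scanning, version detection, OS detection, and support for writing probe scripts
- Check which hosts on a subnet are alive; this also shows the port state of each IP
nmap 192.168.8.1/24 # 24 means subnet mask 255.255.255.0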
#exp:
Host is up (0.0042s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
3389/tcp open ms-wbt-server
nmap -sn 192.168.8.1/24 # does not scan port state
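
A defensive use of the port table in the subnet scan output above, as an added example that is not part of the original notes: parse nmap's normal output and report open ports that are missing from an expected baseline. The sample output, the second host 192.168.8.23 and the `BASELINE` policy are constructed for illustration.

```python
import re

# Constructed sample in nmap's normal output format, modelled on the output above.
SAMPLE = """\
Nmap scan report for 192.168.8.1
Host is up (0.0042s latency).
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http

Nmap scan report for 192.168.8.23
Host is up (0.0061s latency).
PORT STATE SERVICE
22/tcp open ssh
3389/tcp open ms-wbt-server
"""

# Hypothetical baseline: the ports each host is expected to expose.
BASELINE = {"192.168.8.1": {"22/tcp", "53/tcp", "80/tcp"},
            "192.168.8.23": {"22/tcp"}}

HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?([0-9a-fA-F.:]+)\)?$")
PORT_RE = re.compile(r"^(\d+/(?:tcp|udp|sctp))\s+(\S+)\s+(\S+)")


def parse_open_ports(text):
    """Return {host: {"port/proto": service}} for ports in state 'open'."""
    hosts, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := HOST_RE.match(line):
            current = hosts.setdefault(m.group(1), {})
        elif (m := PORT_RE.match(line)) and current is not None:
            if m.group(2) == "open":
                current[m.group(1)] = m.group(3)
    return hosts


def unexpected_ports(text, baseline):
    """Return sorted (host, port, service) tuples not allowed by the baseline."""
    findings = []
    for host, ports in parse_open_ports(text).items():
        allowed = baseline.get(host, set())  # unknown host: nothing is allowed
        findings += [(host, p, s) for p, s in ports.items() if p not in allowed]
    return sorted(findings)

if __name__ == "__main__":
    for host, port, service in unexpected_ports(SAMPLE, BASELINE):
        print(f"{host}: unexpected open port {port} ({service})")
```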
- Scan the router
sudo nmap --traceroute 192.168.8.1 # router IP
#exp:
Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-03 10:59 CST
Nmap scan report for 192.168.8.1
Host is up (0.011s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
MAC Address: EC:17:2F:A7:CC:CA (Tp-link Technologies)
TRACEROUTE
HOP RTT ADDRESS
1 10.88 ms 192.168.8.1
- Detect the operating system type
sudo nmap -O 192.168.8.1
#e