MySQL port scanned by nmap_[20190221] A problem with scanning ports using nmap.txt

[20190221] A problem with scanning ports using nmap.txt

--//The link https://www.cnblogs.com/kerrycode/p/10384895.html mentions a problem: an nmap port scan misses some ports.

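--//I personally rarely use nmap, mainly because many of our servers are not allowed to have this software installed. Today I test it and see.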

1. Install nmap:

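--//I personally prefer installing from an rpm package, preferably downloaded from the official site; here the nmap rpm package file is copied from the ISO disc.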

# rpm -ivh nmap-4.11-2.0.1.x86_64.rpm

warning: nmap-4.11-2.0.1.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 1e5e0159

Preparing...                ########################################### [100%]

1:nmap                   ########################################### [100%]

2. Test:

# nmap 192.168.100.40

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2019-02-21 09:33 CST

Interesting ports on hisdg (192.168.100.40):

Not shown: 1673 closed ports

PORT     STATE SERVICE

22/tcp   open  ssh

80/tcp   open  http

111/tcp  open  rpcbind

113/tcp  open  auth

443/tcp  open  https

1521/tcp open  oracle

3306/tcp open  mysql

MAC Address: 00:14:22:23:9A:7A (Dell)

Nmap finished: 1 IP address (1 host up) scanned in 0.300 seconds

--//The test shows that some ports are indeed missing. I read some documentation:

https://nmap.org/book/man-port-specification.html

Port Specification and Scan Order

In addition to all of the scan methods discussed previously, Nmap offers options for specifying which ports are scanned

and whether the scan order is randomized or sequential. By default, Nmap scans the most common 1,000 ports for each

protocol.

-p (Only scan specified ports)

This option specifies which ports you want to scan and overrides the default. Individual port numbers are OK, as are

ranges separated by a hyphen (e.g. 1-1023). The beginning and/or end values of a range may be omitted, causing Nmap

to use 1 and 65535, respectively. So you can specify -p- to scan ports from 1 through 65535. Scanning port zero is

allowed if you specify it explicitly. For IP protocol scanning (-sO), this option specifies the protocol numbers you

wish to scan for (0–255).

When scanning a combination of protocols (e.g. TCP and UDP), you can specify a particular protocol by preceding the

port numbers by T: for TCP, U: for UDP, S: for SCTP, or P: for IP Protocol. The qualifier lasts until you specify

another qualifier. For example, the argument -p U:53,111,137,T:21-25,80,139,8080 would scan UDP ports 53, 111,and

137, as well as the listed TCP ports. Note that to scan both UDP and TCP, you have to specify -sU and at least one

TCP scan type (such as -sS, -sF, or -sT). If no protocol qualifier is given, the port numbers are added to all

protocol lists.

Ports can also be specified by name according to what the port is referred to in the nmap-services. You can even use

the wildcards * and ? with the names. For example, to scan FTP and all ports whose names begin with “http”, use -p

ftp,http*. Be careful about shell expansions and quote the argument to -p if unsure.

Ranges of ports can be surrounded by square brackets to indicate ports inside that range that appear in

nmap-services. For example, the following will scan all ports in nmap-services equal to or below 1024: -p [-1024].

Be careful with shell expansions and quote the argument to -p if unsure.

--//Clearly, to speed up scanning, nmap chooses to scan the "most common 1,000 ports", and this misses some ports.

--//2^16 - 1 = 65535; I can never remember the last 3 digits and type 65000.

# nmap -p 1-65535 192.168.100.40

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2019-02-21 09:40 CST

Interesting ports on hisdg (192.168.100.40):

Not shown: 65526 closed ports

PORT      STATE SERVICE

22/tcp    open  ssh

80/tcp    open  http

111/tcp   open  rpcbind

113/tcp   open  auth

443/tcp   open  https

1521/tcp  open  oracle

3306/tcp  open  mysql

32768/tcp open  unknown

39063/tcp open  unknown

MAC Address: 00:14:22:23:9A:7A (Dell)

Nmap finished: 1 IP address (1 host up) scanned in 1.375 seconds

--//This way those ports are discovered.
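To audit what a default scan leaves out on your own server, the two outputs above can be compared mechanically. The script below is an added example, not part of the original post: it parses both saved outputs (copied from this page), works out how many ports each scan actually probed from the "Not shown" count plus the listed rows, and prints the open ports only the full-range scan reported. The function and variable names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the original post); names are hypothetical.

# Output of "nmap 192.168.100.40" copied from this page.
default_scan='Not shown: 1673 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
113/tcp  open  auth
443/tcp  open  https
1521/tcp open  oracle
3306/tcp open  mysql'

# Output of "nmap -p 1-65535 192.168.100.40" copied from this page.
full_scan='Not shown: 65526 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
80/tcp    open  http
111/tcp   open  rpcbind
113/tcp   open  auth
443/tcp   open  https
1521/tcp  open  oracle
3306/tcp  open  mysql
32768/tcp open  unknown
39063/tcp open  unknown'

# Print the port/protocol column of every "open" row, in numeric order.
open_ports() {
    printf '%s\n' "$1" |
        awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1 }' | sort -n
}

# Ports probed = closed ports nmap did not list + rows it did list.
ports_probed() {
    printf '%s\n' "$1" |
        awk '/^Not shown:/ { n += $3 } $1 ~ /^[0-9]+\/(tcp|udp)$/ { n++ } END { print n + 0 }'
}

# Ports open in the second scan that the first scan did not report.
missed_ports() {
    { open_ports "$1" | sed 's/^/A /'; open_ports "$2" | sed 's/^/B /'; } |
        awk '$1 == "A" { seen[$2] = 1 }
             $1 == "B" && !seen[$2] { out = out (out ? " " : "") $2 }
             END { print out }'
}

echo "probed: default $(ports_probed "$default_scan"), full $(ports_probed "$full_scan")"
echo "open but missed by the default scan: $(missed_ports "$default_scan" "$full_scan")"
```

For the output on this page it reports 1680 ports probed by the default scan, 65535 by the full scan, and 32768/tcp and 39063/tcp as the open ports the default scan did not report.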
