Introduction to NMAP

NMAP 彭博涵資工4A

What’s nmap? ¨  只是個軟體 ¨ a powerful scanner

Purpose ¨  Available hosts ¨  Offering services ¨  Running
operating systems

install ¨  Linux ¨  FreeBSD ¨  windows

第一次親密接觸 ¨  nmap <target> ¤  #nmap 140.115.50.50

nmap 做了什麼? ¨  1. 把<target>轉成ip address ¨  2. 確定目標活著 (send
ICMP echo request packet or TCP ACK packet to port 80) ¨  3. ip 轉回hostname (using reverse-DNS query) ¨  4. port scan (/usr/local/share/nmap/nmap-services) ¨  5. print the result

多個目標一次滿足 ¨  CIDR-style ¤  #nmap 140.115.82.0/24 ¨  某一段 ¤  #nmap
140.115.172.3-100 ¨  某幾段 ¤  #nmap 140.115.82,50.7-250 ¨  mix it ¤  #nmap 140.115.20-100,123-169.50 ptt.cc 61.57.227.41/24 ¨  全世界 ¤  #nmap 0.0.0.0/0

更多目標… ¨  從檔案... ¤  #nmap -iL target.txt ¨  except... ¤ 
#nmap 140.112.0.0/16 --exclude ptt.cc ¤  #nmap 0.0.0.0/0 --excludefile trouble.txt ¨  random ¤  #nmap -iR <number> ¨  IPv6 ¤  #nmap -6 ipv6.plurk.com

Scanning port

Port service list ¨  http://nmap.org/svn/nmap-services

Parameter for scanning port ¨  fast scan -F ¨  scan
specific ports -p [port] ¨  scan port by name -p [name] ¨  scan port by portocal -p U:[UDP ports],T:[TCP ports]

Fast scan ¨  scan the 100 most commonly used ports
¤  #nmap -F www.ncu.edu.tw

Scan specific ports ¨  -p [port] ¤  #nmap -p 22
www.saveie6.com ¤  #nmap -p 23,80,886-9527 www.twitter.com

Scan ports by name ¨  -p <name> ¤  #nmap -p
ssh www.saveie6.com ¤  #nmap -p smtp,http www.facebook.com

Scan ports by protocal ¨  specify the portocal to scan
(default TCP) ¤  #nmap -p U:53,T:25 www.hakuna-matata.org

Ports status ¨  open ¨  close ¨  filtered ¨  unfiltered
¨  open|filtered ¨  close|filtered

OS & service

Parameter for OS & service ¨  -O (OS detection) ¨ 
--osscan-guess (guess OS version) ¨  -sV (service Version detection) ¨  -A (OS detection, version detection and traceroute)

others ¨  -v (verbose) ¨  -Pn (skip host discovery) ¨ 
--traceroute ¨  -sS

reference ¨  nmap -h ¨  nmap.org ¨  Nmap Network Scanning
by Gordon Fyodor Lyon

Introduction to NMAP

Introduction to NMAP

HakumaNatata

More Decks by HakumaNatata

Other Decks in Technology

Featured

Transcript

NMAP 彭博涵資工4A

What’s nmap? ¨  只是個軟體 ¨ a powerful scanner

Purpose ¨  Available hosts ¨  Offering services ¨  Running

install ¨  Linux ¨  FreeBSD ¨  windows

第一次親密接觸 ¨  nmap <target> ¤  #nmap 140.115.50.50

nmap 做了什麼? ¨  1. 把<target>轉成ip address ¨  2. 確定目標活著 (send

多個目標一次滿足 ¨  CIDR-style ¤  #nmap 140.115.82.0/24 ¨  某一段 ¤  #nmap

更多目標… ¨  從檔案... ¤  #nmap -iL target.txt ¨  except... ¤

Scanning port

Port service list ¨  http://nmap.org/svn/nmap-services

Parameter for scanning port ¨  fast scan -F ¨  scan

Fast scan ¨  scan the 100 most commonly used ports

Scan specific ports ¨  -p [port] ¤  #nmap -p 22

Scan ports by name ¨  -p <name> ¤  #nmap -p

Scan ports by protocal ¨  specify the portocal to scan

Ports status ¨  open ¨  close ¨  filtered ¨  unfiltered

OS & service

Parameter for OS & service ¨  -O (OS detection) ¨

others ¨  -v (verbose) ¨  -Pn (skip host discovery) ¨

reference ¨  nmap -h ¨  nmap.org ¨  Nmap Network Scanning