局域网扫描之Nmap

发表于 2019-04-22 阅读次数：阅读次数：本文字数： 420 阅读时长 ≈ 2 分钟

Nmap，也就是Network Mapper，最早是Linux下的网络扫描和嗅探工具包。

其基本功能有三个：

是扫描主机端口，嗅探所提供的网络服务
是探测一组主机是否在线
还可以推断主机所用的操作系统，到达主机经过的路由，系统已开放端口的软件版本

安装

windows安装

zennmap下载

下载后点击安装

linux安装

#ubuntu
apt-get install nmap
#centos
rpm -vhU https://nmap.org/dist/nmap-7.70-1.x86_64.rpm

扫描单个主机的端口

[root@localhost ~]# nmap -T4 -A -v 192.168.1.25
Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-22 11:14 ?D1ú±ê×?ê±??
NSE: Loaded 148 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 11:14
Completed NSE at 11:14, 0.00s elapsed
Initiating NSE at 11:14
Completed NSE at 11:14, 0.01s elapsed
Initiating Ping Scan at 11:14
Scanning 192.168.1.25 [4 ports]
Completed Ping Scan at 11:14, 1.36s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 11:14
Completed Parallel DNS resolution of 1 host. at 11:14, 0.05s elapsed
Initiating SYN Stealth Scan at 11:14
Scanning 192.168.1.25 [1000 ports]
Discovered open port 8080/tcp on 192.168.1.25
Discovered open port 1080/tcp on 192.168.1.25
Discovered open port 8100/tcp on 192.168.1.25
Discovered open port 4000/tcp on 192.168.1.25
Discovered open port 2000/tcp on 192.168.1.25
Discovered open port 8088/tcp on 192.168.1.25
Discovered open port 6881/tcp on 192.168.1.25
Completed SYN Stealth Scan at 11:14, 1.11s elapsed (1000 total ports)
Initiating Service scan at 11:14

扫描局域网内的网段

[root@localhost ~]# nmap -sn -PE -PA 192.168.1.0/24
Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-22 11:21 CST
Nmap scan report for 192.168.1.1
Host is up (0.0011s latency).
MAC Address: 74:EA:CB:F0:7B:2C (Unknown)
Nmap scan report for 192.168.1.13
Host is up (0.00043s latency).
MAC Address: F4:8E:38:76:DE:D7 (Dell)
Nmap scan report for 192.168.1.14
Host is up (0.00058s latency).
MAC Address: 8C:EC:4B:70:C3:2E (Unknown)
Nmap done: 256 IP addresses (3 hosts up) scanned in 13.94 seconds

基础的嗅探工作还挺好用