[转]给Linux系统管理员准备的Nmap命令的29个实用范例+ tsysv 系统服务器管理器
原文链接:http://os.51cto.com/art/201401/428152.htm
Nmap即网络映射器对Linux系统/网络管理员来说是一个开源且非常通用的工具。Nmap用于在远程机器上探测网络,执行安全扫描,网络审计和搜寻开放端口。它会扫描远程在线主机,该主机的操作系统,包过滤器和开放的端口。
关闭或者打开主机端口
1、nmap localhost #查看主机当前开放端口
2、ntsysv #打开系统服务器管理器(需要先安装yum install ntsysv),选择要关闭或者打开的服务
我将用两个不同的部分来涵盖大部分NMAP的使用方法,这是nmap关键的第一部分。在下面的设置中,我使用两台已关闭防火墙的服务器来测试Nmap命令的工作情况。
192.168.0.100 – server1.tecmint.com
192.168.0.101 – server2.tecmint.com
NMAP命令用法
- # nmap [Scan Type(s)] [Options] {target specification}
如何在Linux下安装NMAP
现在大部分Linux的发行版本像Red Hat,CentOS,Fedoro,Debian和Ubuntu在其默认的软件包管理库(即Yum 和 APT)中都自带了Nmap,这两种工具都用于安装和管理软件包和更新。在发行版上安装Nmap具体使用如下命令。
- # yum install nmap [on Red Hat based systems]
- $ sudo apt-get install nmap [on Debian based systems]
一旦你安装了最新的nmap应用程序,你就可以按照本文中提供的示例说明来操作。
1. 用主机名和IP地址扫描系统
Nmap工具提供各种方法来扫描系统。在这个例子中,我使用server2.tecmint.com主机名来扫描系统找出该系统上所有开放的端口,服务和MAC地址。
使用主机名扫描
[root@server1 ~]# nmap server2.tecmint.com
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 15:42 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.415 seconds
You have new mail in /var/spool/mail/root
使用IP地址扫描
[root@server1 ~]# nmap 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-18 11:04 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.465 seconds
You have new mail in /var/spool/mail/root
2.扫描使用“-v”选项
你可以看到下面的命令使用“ -v “选项后给出了远程机器更详细的信息。
[root@server1 ~]# nmap -v server2.tecmint.com
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 15:43 EST
Initiating ARP Ping Scan against 192.168.0.101 [ port] at :
The ARP Ping Scan took .01s to scan total hosts.
Initiating SYN Stealth Scan against server2.tecmint.com (192.168.0.101) [ ports] at :
Discovered open port /tcp on 192.168.0.101
Discovered open port /tcp on 192.168.0.101
Discovered open port /tcp on 192.168.0.101
Discovered open port /tcp on 192.168.0.101
Discovered open port /tcp on 192.168.0.101
Discovered open port /tcp on 192.168.0.101
The SYN Stealth Scan took .30s to scan total ports.
Host server2.tecmint.com (192.168.0.101) appears to be up ... good.
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.485 seconds
Raw packets sent: (.962KB) | Rcvd: (.322KB)
3.扫描多台主机
你可以简单的在Nmap命令后加上多个IP地址或主机名来扫描多台主机。
[root@server1 ~]# nmap 192.168.0.101 192.168.0.102 192.168.0.103
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:06 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP addresses ( host up) scanned in 0.580 seconds
4.扫描整个子网
你可以使用*通配符来扫描整个子网或某个范围的IP地址。
[root@server1 ~]# nmap 192.168..*
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:11 EST
Interesting ports on server1.tecmint.com (192.168.0.100):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open rpcbind
/tcp open unknown
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP addresses ( hosts up) scanned in 5.550 seconds
You have new mail in /var/spool/mail/root
从上面的输出可以看到,nmap扫描了整个子网,给出了网络中当前网络中在线主机的信息。
5.使用IP地址的最后一个字节扫描多台服务器
你可以简单的指定IP地址的最后一个字节来对多个IP地址进行扫描。例如,我在下面执行中扫描了IP地址192.168.0.101,192.168.0.102和192.168.0.103。
[root@server1 ~]# nmap 192.168.0.101,,
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:09 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP addresses ( host up) scanned in 0.552 seconds
You have new mail in /var/spool/mail/root
6. 从一个文件中扫描主机列表
如果你有多台主机需要扫描且所有主机信息都写在一个文件中,那么你可以直接让nmap读取该文件来执行扫描,让我们来看看如何做到这一点。
创建一个名为“nmaptest.txt ”的文本文件,并定义所有你想要扫描的服务器IP地址或主机名。
[root@server1 ~]# cat > nmaptest.txt
localhost
server2.tecmint.com
192.168.0.101
接下来运行带“iL” 选项的nmap命令来扫描文件中列出的所有IP地址。
[root@server1 ~]# nmap -iL nmaptest.txt
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-18 10:58 EST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open smtp
/tcp open rpcbind
/tcp open ipp
/tcp open unknown
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP addresses ( hosts up) scanned in 2.047 seconds
7.扫描一个IP地址范围
你可以在nmap执行扫描时指定IP范围。
[root@server1 ~]# nmap 192.168.0.101-
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:09 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP addresses ( host up) scanned in 0.542 seconds
8.排除一些远程主机后再扫描
在执行全网扫描或用通配符扫描时你可以使用“-exclude”选项来排除某些你不想要扫描的主机。
[root@server1 ~]# nmap 192.168..* --exclude 192.168.0.100
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:16 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP addresses ( host up) scanned in 5.313 seconds
You have new mail in /var/spool/mail/root
9.扫描操作系统信息和路由跟踪
使用Nmap,你可以检测远程主机上运行的操作系统和版本。为了启用操作系统和版本检测,脚本扫描和路由跟踪功能,我们可以使用NMAP的“-A“选项。
[root@server1 ~]# nmap -A 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:25 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE VERSION
/tcp open ssh OpenSSH 4.3 (protocol 2.0)
/tcp open http Apache httpd 2.2. ((CentOS))
/tcp open rpcbind (rpc #)
/tcp open status (rpc #)
/tcp open mysql MySQL (unauthorized)
/tcp open http lighttpd 1.4.
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=4.11%P=i686-redhat-linux-gnu%D=/%Tm=52814B66%O=%C=%M=)
TSeq(Class=TR%IPID=Z%TS=1000HZ)
T1(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T4(Resp=Y%DF=Y%W=%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=Y%W=%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=Y%W=%ACK=O%Flags=R%Ops=)
T7(Resp=Y%DF=Y%W=%ACK=S++%Flags=AR%Ops=)
PU(Resp=Y%DF=N%TOS=C0%IPLEN=%RIPTL=%RID=E%RIPCK=E%UCK=E%ULEN=%DAT=E)
Uptime 0.169 days (since Mon Nov :: )
Nmap finished: IP address ( host up) scanned in 22.271 seconds
从上面的输出你可以看到,Nmap显示出了远程主机操作系统的TCP / IP协议指纹,并且更加具体的显示出远程主机上的端口和服务。
10.启用Nmap的操作系统探测功能
使用选项“-O”和“-osscan-guess”也帮助探测操作系统信息。
[root@server1 ~]# nmap -O server2.tecmint.com
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 17:40 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=4.11%P=i686-redhat-linux-gnu%D=/%Tm=52815CF4%O=%C=%M=)
TSeq(Class=TR%IPID=Z%TS=1000HZ)
T1(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T4(Resp=Y%DF=Y%W=%ACK=O%Flags=Option -O and -osscan-guess also helps to discover OS
R%Ops=)
T5(Resp=Y%DF=Y%W=%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=Y%W=%ACK=O%Flags=R%Ops=)
T7(Resp=Y%DF=Y%W=%ACK=S++%Flags=AR%Ops=)
PU(Resp=Y%DF=N%TOS=C0%IPLEN=%RIPTL=%RID=E%RIPCK=E%UCK=E%ULEN=%DAT=E)
Uptime 0.221 days (since Mon Nov :: )
Nmap finished: IP address ( host up) scanned in 11.064 seconds
You have new mail in /var/spool/mail/root
11.扫描主机侦测防火墙
下面的命令将扫描远程主机以探测该主机是否使用了包过滤器或防火墙。
[root@server1 ~]# nmap -sA 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:27 EST
All scanned ports on server2.tecmint.com (192.168.0.101) are UNfiltered
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.382 seconds
You have new mail in /var/spool/mail/root
12.扫描主机检测是否有防火墙保护
扫描主机检测其是否受到数据包过滤软件或防火墙的保护。
[root@server1 ~]# nmap -PN 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:30 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.399 seconds
13.找出网络中的在线主机
使用“-sP”选项,我们可以简单的检测网络中有哪些在线主机,该选项会跳过端口扫描和其他一些检测。
[root@server1 ~]# nmap -sP 192.168..*
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-18 11:01 EST
Host server1.tecmint.com (192.168.0.100) appears to be up.
Host server2.tecmint.com (192.168.0.101) appears to be up.
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP addresses ( hosts up) scanned in 5.109 seconds
14.执行快速扫描
你可以使用“-F”选项执行一次快速扫描,仅扫描列在nmap-services文件中的端口而避开所有其它的端口。
[root@server1 ~]# nmap -F 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:47 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.322 seconds
15.查看Nmap的版本
你可以使用“-V”选项来检测你机子上Nmap的版本。
[root@server1 ~]# nmap -V
Nmap version 4.11 ( http://www.insecure.org/nmap/ )
You have new mail in /var/spool/mail/root
16.顺序扫描端口
使用“-r”选项表示不会随机的选择端口扫描。
[root@server1 ~]# nmap -r 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 16:52 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.363 seconds
17.打印主机接口和路由
你可以使用nmap的“–iflist”选项检测主机接口和路由信息。
[root@server1 ~]# nmap --iflist
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 17:07 EST
************************INTERFACES************************
DEV (SHORT) IP/MASK TYPE UP MAC
lo (lo) 127.0.0.1/ loopback up
eth0 (eth0) 192.168.0.100/ ethernet up ::::C7:
**************************ROUTES**************************
DST/MASK DEV GATEWAY
192.168.0.0/ eth0
169.254.0.0/ eth0
从上面的输出你可以看到,nmap列举出了你系统上的接口以及它们各自的路由信息。
18.扫描特定的端口
使用Nmap扫描远程机器的端口有各种选项,你可以使用“-P”选项指定你想要扫描的端口,默认情况下nmap只扫描TCP端口。
[root@server1 ~]# nmap -p server2.tecmint.com
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 17:12 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
PORT STATE SERVICE
/tcp open http
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) sca
19.扫描TCP端口
你可以指定具体的端口类型和端口号来让nmap扫描。
[root@server1 ~]# nmap -p T:, server2.tecmint.com
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 17:15 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
PORT STATE SERVICE
/tcp open http
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.157 seconds
20.扫描UDP端口
[root@server1 ~]# nmap -sU server2.tecmint.com
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 17:15 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
PORT STATE SERVICE
/udp open http
/udp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.157 seconds
21.扫描多个端口
你还可以使用选项“-P”来扫描多个端口。
[root@server1 ~]# nmap -p , 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-18 10:56 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
PORT STATE SERVICE
/tcp open http
/tcp closed https
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.190 seconds
22.扫描指定范围内的端口
您可以使用表达式来扫描某个范围内的端口。
- [root@server1 ~]# nmap -p 80-160 192.168.0.101
23.查找主机服务版本号
我们可以使用“-sV”选项找出远程主机上运行的服务版本。
[root@server1 ~]# nmap -sV 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 17:48 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE VERSION
/tcp open ssh OpenSSH 4.3 (protocol 2.0)
/tcp open http Apache httpd 2.2. ((CentOS))
/tcp open rpcbind (rpc #)
/tcp open status (rpc #)
/tcp open mysql MySQL (unauthorized)
/tcp open http lighttpd 1.4.
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 12.624 seconds
24.使用TCP ACK (PA)和TCP Syn (PS)扫描远程主机
有时候包过滤防火墙会阻断标准的ICMP ping请求,在这种情况下,我们可以使用TCP ACK和TCP Syn方法来扫描远程主机。
[root@server1 ~]# nmap -PS 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 17:51 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.360 seconds
You have new mail in /var/spool/mail/root
25.使用TCP ACK扫描远程主机上特定的端口
[root@server1 ~]# nmap -PA -p , 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 18:02 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
PORT STATE SERVICE
/tcp open ssh
/tcp open http
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.166 seconds
You have new mail in /var/spool/mail/root
26. 使用TCP Syn扫描远程主机上特定的端口
[root@server1 ~]# nmap -PS -p , 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 18:08 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
PORT STATE SERVICE
/tcp open ssh
/tcp open http
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.165 seconds
You have new mail in /var/spool/mail/root
27.执行一次隐蔽的扫描
[root@server1 ~]# nmap -sS 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 18:10 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.383 seconds
You have new mail in /var/spool/mail/root
28.使用TCP Syn扫描最常用的端口
[root@server1 ~]# nmap -sT 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 18:12 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open ssh
/tcp open http
/tcp open rpcbind
/tcp open unknown
/tcp open mysql
/tcp open sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 0.406 seconds
You have new mail in /var/spool/mail/root
29.执行TCP空扫描以骗过防火墙
[root@server1 ~]# nmap -sN 192.168.0.101
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2013-11-11 19:01 EST
Interesting ports on server2.tecmint.com (192.168.0.101):
Not shown: closed ports
PORT STATE SERVICE
/tcp open|filtered ssh
/tcp open|filtered http
/tcp open|filtered rpcbind
/tcp open|filtered unknown
/tcp open|filtered mysql
/tcp open|filtered sun-answerbook
MAC Address: :::D9:8E:D7 (Cadmus Computer Systems)
Nmap finished: IP address ( host up) scanned in 1.584 seconds
You have new mail in /var/spool/mail/root
[转]给Linux系统管理员准备的Nmap命令的29个实用范例+ tsysv 系统服务器管理器的更多相关文章
- 给Linux系统管理员准备的Nmap命令的29个实用范例
map即网络映射器对Linux系统/网络管理员来说是一个开源且非常通用的工具.Nmap用于在远程机器上探测网络,执行安全扫描,网络审计和搜寻开放端口.它会扫描远程在线主机,该主机的操作系统,包过滤器和 ...
- (转)Nmap命令的29个实用范例
Nmap命令的29个实用范例 原文:http://os.51cto.com/art/201401/428152.htm Nmap即网络映射器对Linux系统/网络管理员来说是一个开源且非常通用的工具. ...
- 给Linux系统/网络管理员准备的Nmap命令的29个实用范例
我将用两个不同的部分来涵盖大部分NMAP的使用方法,这是nmap关键的第一部分.在下面的设置中,我使用两台已关闭防火墙的服务器来测试Nmap命令的工作情况. 192.168.0.100 – serve ...
- Nmap命令的29个实用范例
Nmap即网络映射器对Linux系统/网络管理员来说是一个开源且非常通用的工具.Nmap用于在远程机器上探测网络,执行安全扫描,网络审计和搜寻开放端口.它会扫描远程在线主机,该主机的操作系统,包过滤器 ...
- Linux系统管理员不可不知的命令:sudo
对Linux系统管理员或高级用户而言,sudo是必不可少的最重要的命令之一.当我们想要运行重要任务时,sudo提供了安全的提升权限.请耐心读本文,看看sudo能为你做些什么. sudo是个统管一切的命 ...
- Linux系统-----包管理器的演变
每个电脑设备都使用某种形式的软件来执行其预定任务.在软件开发的早期,对产品进行了严格的bug和其他缺陷测试.在过去的十多年里,软件通过互联网发布,目的是通过应用新版本的软件来修复任何错误.在某些情况下 ...
- Linux 命令的20个实用范例,入门必看!
Tips: 达内Linux云计算免费课程火热抢报中,点击文末“阅读原文”快速抢! Linux中一个基本命令是ls.没有这个命令,我们会在浏览目录条目时会遇到困难.这个命令必须被每个学习Linux的人知 ...
- ls命令的20个实用范例
contents ls -l -h -lhS -l --block-size=M -a -d */ -g -G -n --color=never -i -p -r -R -t ls ~ ls --ve ...
- 【转】ls 命令的 20 个实用范例
Linux中一个基本命令是ls.没有这个命令,我们会在浏览目录条目时会遇到困难.这个命令必须被每个学习Linux的人知道. ls是什么 ls命令用于列出文件和目录.默认上,他会列出当前目录的内容.带上 ...
随机推荐
- BZOJ 1711: [Usaco2007 Open]Dingin吃饭( 最大流 )
将牛拆成两个点 i 和 i' 并连弧 , S 向每种 food 连边 , 每种 drink 向 T 连边 , 每种 food 向喜欢他的 cow 连边 到 i , 每种 drink 从喜欢它的 cow ...
- nginx根据条件跳转+跳转规则
好的参考博文: nginx rewrite规则 自己写的时候参考这两个 Nginx 伪静态Rewrite,重定向Location配置总结(转) nginx rewrite规则语法 一.输入子目录跳转 ...
- Laravel 5.1 ACL权限控制 二 之策略类
随着应用逻辑越来越复杂,要处理的权限越来越多,将所有权限定义在AuthServiceProvider显然不是一个明智的做法,因此Laravel引入了策略类,策略类是一些原生的PHP类,和控制器基于资源 ...
- 高质量程序设计指南C/C++语言——C++/C常量
- 啊上班的二号i将诶
http://www.huihui.cn/share/8112372 http://www.huihui.cn/share/8112363 http://www.huihui.cn/share/811 ...
- 省部级干部list
省部级干部表 省(市.自治区) 省(市)委书记 省(市)人大主任 省(市)长 省(市)政协主席 北京市 郭金龙 杜德印 王安顺 吉林 天津市 黄兴国 肖怀远 黄兴国 臧献甫 上海市 韩正 殷一璀(女) ...
- Oracle执行计划——处理一种并行hint不生效的情况
刚刚在itpub上看到有人在问并行hint不生效的一个问题.我做了实验也出现一样的问题,如下: 原因在这是小表,在联合时走索引了,加上full的hint,就可以启动并行的执行计划. 当然也可以采用pa ...
- Codeforces Round #262 (Div. 2) 460C. Present(二分)
题目链接:http://codeforces.com/problemset/problem/460/C C. Present time limit per test 2 seconds memory ...
- 第一篇:GCD的使用
一.主队列介绍 主队列是和主线程相关的队列,主队列是GCD自带的一种特殊的串行队列,放在主队列中的任务,都会放到主线程中执行. 提示:如果把任务放到主队列进行处理,那么不论处理函数是异步的还是同步的都 ...
- 内核必看: spinlock、 mutex 以及 semaphore
linux 内核的几种锁介绍 http://wenku.baidu.com/link?url=RdvuOpN3RPiC5aY0fKi2Xqw2MyTnpZwZbE07JriN7raJ_L6Ss8Ru1 ...