
[Tool] nmap - Network exploration tool and security / port scanner

by 크크다스 2018. 9. 14.

NAME
       nmap - Network exploration tool and security / port scanner

SYNOPSIS
       nmap [Scan Type...] [Options] {target specification}


[Scanning host]

root@R70:~# uname -a
Linux R70 3.16.0-30-generic #40~14.04.1-Ubuntu SMP Thu Jan 15 17:43:14 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux


[Test device] TCP/UDP only check

root@Sawwave(AP-503):/# netstat -tu -anp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      3053/dnsmasq
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1481/dropbear
tcp        0      0 127.0.0.1:445           0.0.0.0:*               LISTEN      1891/smbd
tcp        0      0 192.168.2.254:445       0.0.0.0:*               LISTEN      1891/smbd
tcp        0      0 0.0.0.0:2601            0.0.0.0:*               LISTEN      3387/zebra
tcp        0      0 127.0.0.1:139           0.0.0.0:*               LISTEN      1891/smbd
tcp        0      0 192.168.2.254:139       0.0.0.0:*               LISTEN      1891/smbd
tcp        0      0 127.0.0.1:10000         0.0.0.0:*               LISTEN      2824/mcsd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1618/uhttpd
tcp        0      0 192.168.88.134:80       192.168.88.104:1814     ESTABLISHED 1618/uhttpd
tcp        0      0 :::53                   :::*                    LISTEN      3053/dnsmasq
tcp        0      0 :::22                   :::*                    LISTEN      1481/dropbear
tcp        0      0 ::1:445                 :::*                    LISTEN      1891/smbd
tcp        0      0 :::5000                 :::*                    LISTEN      2507/miniupnpd
tcp        0      0 :::2601                 :::*                    LISTEN      3387/zebra
tcp        0      0 ::1:139                 :::*                    LISTEN      1891/smbd
udp        0      0 192.168.2.254:5351      0.0.0.0:*                           2507/miniupnpd
udp        0      0 192.168.2.254:57585     0.0.0.0:*                           2507/miniupnpd
udp        0      0 0.0.0.0:53              0.0.0.0:*                           3053/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           3053/dnsmasq
udp        0      0 0.0.0.0:1900            0.0.0.0:*                           2507/miniupnpd
udp        0      0 192.168.2.255:137       0.0.0.0:*                           1892/nmbd
udp        0      0 192.168.2.254:137       0.0.0.0:*                           1892/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:*                           1892/nmbd
udp        0      0 192.168.2.255:138       0.0.0.0:*                           1892/nmbd
udp        0      0 192.168.2.254:138       0.0.0.0:*                           1892/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:*                           1892/nmbd
udp        0      0 0.0.0.0:38302           0.0.0.0:*                           1319/hostapd
udp        0      0 0.0.0.0:1701            0.0.0.0:*                           1903/xl2tpd
udp        0      0 :::5351                 :::*                                2507/miniupnpd
udp        0      0 :::53                   :::*                                3053/dnsmasq
root@Sawwave(AP-503):/#


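[Options used]

-f : Firewall evasion: the packet is split for sending, the first 16 bytes and then the following 4 bytes.

-s. : The scan option; the character that follows determines what is scanned and how.

X : XMAS - sends packets with the ACK, FIN, RST, SYN and URG flags all set

U : UDP

T : TCP

S : Stealth - leaves no trace of the connection

-O : Guesses the OS.

-p : Ports; several can be given (e.g. -p 21,22,23)

-v : verbose mode - shows information as the scan progresses


Note> Some options allow only one choice at a time.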

root@R70:~# nmap -f -sX -sT -sU -sS -O 192.168.88.134
You specified more than one type of TCP scan.  Please choose only one of -sA, -b, -sT, -sF, -sI, -sM, -sN, -sS, -sW, and -sX
QUITTING!
root@R70:~#

Note> Pressing Enter while the scan is running prints the progress so far.


[Test results]

root@R70:~# nmap -f -sX -sU -O 192.168.88.134

Starting Nmap 6.40 ( http://nmap.org ) at 2018-09-14 09:34 KST
Stats: 0:14:51 elapsed; 0 hosts completed (1 up), 1 undergoing UDP Scan
UDP Scan Timing: About 81.13% done; ETC: 09:52 (0:03:07 remaining)
Nmap scan report for 192.168.88.134
Host is up (0.0015s latency).
Not shown: 1989 closed ports
PORT     STATE         SERVICE
22/tcp   open|filtered ssh
53/tcp   open|filtered domain
80/tcp   open|filtered http
2601/tcp open|filtered zebra
5000/tcp open|filtered upnp
53/udp   open|filtered domain
67/udp   open|filtered dhcps
137/udp  open|filtered netbios-ns
138/udp  open|filtered netbios-dgm
1701/udp open|filtered L2TP
1900/udp open|filtered upnp
MAC Address: 7C:4F:7D:00:0B:C7 (Unknown)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1105.36 seconds
root@R70:~# 

With -v:

root@R70:~# nmap -f -v -sX -sU -O 192.168.88.134

Starting Nmap 6.40 ( http://nmap.org ) at 2018-09-14 10:06 KST
Initiating ARP Ping Scan at 10:06
Scanning 192.168.88.134 [1 port]
Completed ARP Ping Scan at 10:06, 0.21s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 10:06
Completed Parallel DNS resolution of 1 host. at 10:06, 0.03s elapsed
Initiating XMAS Scan at 10:06
Scanning 192.168.88.134 [1000 ports]
Increasing send delay for 192.168.88.134 from 0 to 5 due to 47 out of 155 dropped probes since last increase.
Increasing send delay for 192.168.88.134 from 5 to 10 due to 31 out of 102 dropped probes since last increase.
Increasing send delay for 192.168.88.134 from 10 to 20 due to 11 out of 23 dropped probes since last increase.
Increasing send delay for 192.168.88.134 from 20 to 40 due to 11 out of 23 dropped probes since last increase.
Increasing send delay for 192.168.88.134 from 40 to 80 due to 11 out of 30 dropped probes since last increase.
XMAS Scan Timing: About 49.62% done; ETC: 10:07 (0:00:31 remaining)
Completed XMAS Scan at 10:07, 86.82s elapsed (1000 total ports)
Initiating UDP Scan at 10:07
Scanning 192.168.88.134 [1000 ports]
Increasing send delay for 192.168.88.134 from 0 to 50 due to max_successful_tryno increase to 4
Increasing send delay for 192.168.88.134 from 50 to 100 due to max_successful_tryno increase to 5
Increasing send delay for 192.168.88.134 from 100 to 200 due to max_successful_tryno increase to 6
Increasing send delay for 192.168.88.134 from 200 to 400 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 192.168.88.134 from 400 to 800 due to 11 out of 11 dropped probes since last increase.
UDP Scan Timing: About 4.90% done; ETC: 10:18 (0:10:02 remaining)
UDP Scan Timing: About 7.96% done; ETC: 10:20 (0:11:45 remaining)
UDP Scan Timing: About 27.05% done; ETC: 10:23 (0:11:06 remaining)
UDP Scan Timing: About 34.04% done; ETC: 10:23 (0:10:18 remaining)
UDP Scan Timing: About 39.55% done; ETC: 10:23 (0:09:30 remaining)
UDP Scan Timing: About 45.06% done; ETC: 10:23 (0:08:41 remaining)
UDP Scan Timing: About 50.26% done; ETC: 10:23 (0:07:53 remaining)
UDP Scan Timing: About 55.77% done; ETC: 10:23 (0:07:02 remaining)
UDP Scan Timing: About 60.99% done; ETC: 10:23 (0:06:13 remaining)
UDP Scan Timing: About 66.74% done; ETC: 10:24 (0:05:22 remaining)
UDP Scan Timing: About 72.21% done; ETC: 10:24 (0:04:31 remaining)
UDP Scan Timing: About 77.39% done; ETC: 10:24 (0:03:39 remaining)
UDP Scan Timing: About 82.55% done; ETC: 10:24 (0:02:50 remaining)
UDP Scan Timing: About 87.85% done; ETC: 10:24 (0:01:58 remaining)
UDP Scan Timing: About 93.10% done; ETC: 10:24 (0:01:07 remaining)
Completed UDP Scan at 10:24, 1007.93s elapsed (1000 total ports)
Initiating OS detection (try #1) against 192.168.88.134
adjust_timeouts2: packet supposedly had rtt of -100271 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100271 microseconds.  Ignoring time.
Retrying OS detection (try #2) against 192.168.88.134
adjust_timeouts2: packet supposedly had rtt of -149514 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -149514 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -174118 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -174118 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -174666 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -174666 microseconds.  Ignoring time.
Nmap scan report for 192.168.88.134
Host is up (0.00056s latency).
Not shown: 1989 closed ports
PORT     STATE         SERVICE
22/tcp   open|filtered ssh
53/tcp   open|filtered domain
80/tcp   open|filtered http
2601/tcp open|filtered zebra
5000/tcp open|filtered upnp
53/udp   open|filtered domain
67/udp   open|filtered dhcps
137/udp  open|filtered netbios-ns
138/udp  open|filtered netbios-dgm
1701/udp open|filtered L2TP
1900/udp open|filtered upnp
MAC Address: 7C:4F:7D:00:0B:C7 (Unknown)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop

Read data files from: /usr/bin/../share/nmap
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1097.76 seconds
           Raw packets sent: 2757 (98.793KB) | Rcvd: 2436 (116.443KB)
root@R70:~#
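
An added example (not part of the original post): a Python cross-check of the test device's netstat listeners against the nmap port table above. Every entry in the report is open|filtered, which an Xmas or UDP scan assigns when no reply comes back, so the netstat listing is what confirms an actual listener. The sample text is excerpted from the output on this page with whitespace condensed; the function names are hypothetical, and treating "::" listeners as reachable over IPv4 is an assumption.

```python
import re
# Excerpts of the netstat and nmap output on this page (whitespace condensed).
NETSTAT = """\
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1481/dropbear
tcp 0 0 192.168.2.254:445 0.0.0.0:* LISTEN 1891/smbd
tcp 0 0 127.0.0.1:10000 0.0.0.0:* LISTEN 2824/mcsd
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1618/uhttpd
tcp 0 0 192.168.88.134:80 192.168.88.104:1814 ESTABLISHED 1618/uhttpd
tcp 0 0 :::5000 :::* LISTEN 2507/miniupnpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 3053/dnsmasq
udp 0 0 192.168.2.254:137 0.0.0.0:* 1892/nmbd
udp 0 0 0.0.0.0:137 0.0.0.0:* 1892/nmbd
udp 0 0 0.0.0.0:38302 0.0.0.0:* 1319/hostapd
"""
NMAP = """\
22/tcp   open|filtered ssh
80/tcp   open|filtered http
5000/tcp open|filtered upnp
67/udp   open|filtered dhcps
137/udp  open|filtered netbios-ns
"""
WILDCARD = {"0.0.0.0", "::"}  # assumption: "::" sockets are dual-stack (accept IPv4 too)

def listeners(netstat_text):
    """Yield (port, proto, bind_address, program) for TCP LISTEN and UDP sockets."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 6 or f[0] not in ("tcp", "udp") or (f[0] == "tcp" and f[5] != "LISTEN"):
            continue
        addr, port = f[3].rsplit(":", 1)
        yield int(port), f[0], addr, f[-1].split("/", 1)[-1]

def reconcile(netstat_text, nmap_text, scanned_ip):
    """Compare what the host listens on with what the scan of scanned_ip listed."""
    rows = re.findall(r"^(\d+)/(tcp|udp)\s+(\S+)", nmap_text, re.M)
    seen = {(int(port), proto): state for port, proto, state in rows}
    reachable, elsewhere = {}, {}
    for port, proto, addr, prog in listeners(netstat_text):
        bucket = reachable if addr in WILDCARD or addr == scanned_ip else elsewhere
        bucket[(port, proto)] = prog
    return {
        # listener on the scanned address that the port table lists
        "reported": {k: (p, seen[k]) for k, p in reachable.items() if k in seen},
        # listener not listed: port outside the scanned set, or judged closed
        "unreported": {k: p for k, p in reachable.items() if k not in seen},
        # bound only to loopback or another interface, not the scanned address
        "other_interface": {k: p for k, p in elsewhere.items() if k not in reachable},
    }
```

Called as reconcile(NETSTAT, NMAP, "192.168.88.134"), it places 445/tcp (smbd) and 10000/tcp (mcsd) under other_interface and 38302/udp (hostapd) under unreported.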

