[测试工具]网络端口扫描工具nmap

时间:2024-03-09 12:19:20

今天需要对一台网络上的服务器进行端口扫描,试用了一些,觉得nmap是一款不错的端口扫描软件,和大家分享一下。

 

软件档案

名称:nmap

版本:v5.21

主页:http://nmap.org/

大小:GUI版本:14.8MB

系统:Windows 2000/XP/Vista/7/2008

下载:http://nmap.org/dist/nmap-5.21-setup.exe

是否收费: 免费

是否绿色: 绿色软件

是否开源:开源

说明:这里下载的是Windows下的GUI版本。实际上nmap是一款跨平台的端口扫描工具,有Linux, Windows, and Mac OS X等版本。

 

安装

下载后安装,一路Next即可。

image

注意:需要按照WinPcap 4.1.1版本

安装完成:

image

 

一睹为快

安装后图标如下:

image

 

启动后如图:

image

 

看样子nmap应该是一款命令行下的工具。这个只是nmap的GUI界面

 

拿google练手

image

 

看看完整的报告:

Starting Nmap 5.21 ( http://nmap.org ) at 2010-06-23 23:46 中国标准时间

NSE: Loaded 36 scripts for scanning.

Initiating Ping Scan at 23:46

Scanning google.com (66.249.89.99) [8 ports]

Completed Ping Scan at 23:46, 0.55s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 23:46

Completed Parallel DNS resolution of 1 host. at 23:46, 11.02s elapsed

Initiating SYN Stealth Scan at 23:46

Scanning google.com (66.249.89.99) [1000 ports]

Discovered open port 443/tcp on 66.249.89.99

Discovered open port 80/tcp on 66.249.89.99

Completed SYN Stealth Scan at 23:47, 38.60s elapsed (1000 total ports)

Initiating Service scan at 23:47

Scanning 2 services on google.com (66.249.89.99)

Completed Service scan at 23:47, 23.71s elapsed (2 services on 1 host)

Initiating OS detection (try #1) against google.com (66.249.89.99)

Retrying OS detection (try #2) against google.com (66.249.89.99)

Initiating Traceroute at 23:47

Completed Traceroute at 23:48, 0.25s elapsed

NSE: Script scanning 66.249.89.99.

NSE: Starting runlevel 1 (of 1) scan.

Initiating NSE at 23:48

Completed NSE at 23:48, 19.50s elapsed

NSE: Script Scanning completed.

Nmap scan report for google.com (66.249.89.99)

Host is up (0.24s latency).

Hostname google.com resolves to 2 IPs. Only scanned 66.249.89.99

rDNS record for 66.249.89.99: nrt04s01-in-f99.1e100.net

Not shown: 997 filtered ports

PORT    STATE  SERVICE  VERSION

80/tcp  open   http     Google httpd 2.0 (GFE)

| html-title: 302 Moved

|_Requested resource was http://www.google.com.hk/url?sa=p&cki=PREF%3DID%3D4729719c31799784:FF%3D2:LD%3Dzh-CN:NW%3D1:TM%3D1277308057:LM%3D1277308057:S%3DiBvdTBoKvkMtBvt-&q=http://www.google.com.hk/&ust=1277308087644484&usg=AFQjCNH2UNPvO_c0LJuvHKBzrpBzkPTQrg

113/tcp closed auth

443/tcp open   ssl/http Google httpd 2.0 (GFE)

| robots.txt: has 201 disallowed entries (15 shown)

| /search /groups /images /catalogs /catalogues /news 

| /nwshp /setnewsprefs? /index.html? /? /addurl/image? /pagead/ 

|_/relpage/ /relcontent /imgres

|_http-favicon: Unknown favicon MD5: 09B565A51E14B721A323F0BA44B2982A

| html-title: 302 Moved

|_Requested resource was http://www.google.com/

OS fingerprint not ideal because: Didn\'t receive UDP response. Please try again with -sSU

No OS matches for host

Network Distance: 1 hop

TCP Sequence Prediction: Difficulty=262 (Good luck!)

IP ID Sequence Generation: Randomized

Service Info: OS: Linux



TRACEROUTE (using port 113/tcp)

HOP RTT       ADDRESS

1   242.00 ms nrt04s01-in-f99.1e100.net (66.249.89.99)



Read data files from: C:\Program Files\Nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 102.19 seconds

           Raw packets sent: 2094 (95.652KB) | Rcvd: 45 (2214B)

哇,只有80和443端口开放,而且连http服务器软件也获取到了。 操作系统也是Linux。

 

恩,这个port界面挺不错的:

image

 

还有网络拓扑图:

image

 

nmap 由于参数复杂,所以它的GUI工具Zenmap提供了多个Profile来便于使用,看看“Quick Scan”

image

 

 

这只是nmap的初步使用,等我以后掌握了更多的用法,再和大家分享吧。