其他分享
首页 > 其他分享> > 第5章 批量主机扫描 nmap、ncat

第5章 批量主机扫描 nmap、ncat

作者:互联网

第5章 批量主机扫描


批量主机服务扫描目的:    1、批量主机存活扫描。    2、针对主机服务扫描作用:
1、能更方便快捷获取网络中主机的存活状态。2、更加细致、智能获取主机服务侦査情况。
典型命令:nmap、ncat

nmap命令的使用介绍

扫描类型 描述特点
ICMP协议类型(-P)ping扫描简单、快速、有效
TCP SYN 扫描(-sS)TCP半开放扫描1、高效 2、不易被检测 3、通用
TCP connect(扫描(-sT)TCP全开放扫描1、真实 2、结果可靠
UDP扫描(-sU)UDP协议扫描有效透过防火墙策略




icmp 不是tcp 协议


[root@centos-6 ~]# nmap -sP 10.0.1.10Starting Nmap 5.51 ( http://nmap.org ) at 2019-10-14 07:27 UTCNmap scan report for 10.0.1.10Host is up (0.00034s latency).MAC Address: 08:00:27:66:D2:2F (Cadmus Computer Systems)Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds[root@centos-6 ~]# nmap -sP 10.0.1.0/24
Starting Nmap 5.51 ( http://nmap.org ) at 2019-10-14 07:27 UTCNmap scan report for 10.0.1.1Host is up (0.00021s latency).MAC Address: 0A:00:27:00:00:1A (Unknown)Nmap scan report for 10.0.1.10Host is up (0.00024s latency).MAC Address: 08:00:27:66:D2:2F (Cadmus Computer Systems)Nmap scan report for 10.0.1.60Host is up.Nmap done: 256 IP addresses (3 hosts up) scanned in 9.26 seconds

[root@centos-6 ~]# nmap -sS 10.0.1.10Starting Nmap 5.51 ( http://nmap.org ) at 2019-10-14 07:32 UTCNmap scan report for 10.0.1.10Host is up (0.000074s latency).Not shown: 997 closed portsPORT STATE SERVICE22/tcp open ssh111/tcp open rpcbind3306/tcp open mysqlMAC Address: 08:00:27:66:D2:2F (Cadmus Computer Systems)Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds

0-1024    默认扫描  [root@centos-6 ~]# nmap -sS -p 0-30000 10.0.1.10Starting Nmap 5.51 ( http://nmap.org ) at 2019-10-14 07:42 UTCNmap scan report for 10.0.1.10Host is up (0.000070s latency).Not shown: 29998 closed portsPORT STATE SERVICE22/tcp open ssh111/tcp open rpcbind3306/tcp open mysqlMAC Address: 08:00:27:66:D2:2F (Cadmus Computer Systems)Nmap done: 1 IP address (1 host up) scanned in 1.38 seconds

[root@centos-6 ~]# nmap -sT -p 0-30000 10.0.1.10 
Starting Nmap 5.51 ( http://nmap.org ) at 2019-10-14 07:43 UTCNmap scan report for 10.0.1.10Host is up (0.0016s latency).Not shown: 29998 closed portsPORT STATE SERVICE22/tcp open ssh111/tcp open rpcbind3306/tcp open mysqlMAC Address: 08:00:27:66:D2:2F (Cadmus Computer Systems)Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds


扫描用udp会慢,一直处于等待的状态

ncat工具使用

组合参数-W 设置的超时时间-z —个输入输出模式-ν 显示命令执行过程方式一、基于tcp协议(默认)    nc -v -z -w2 10.10.250.254 1-50方式二、基于udp协议-unc -v -u -z -w2 10.10.250.254 1-50
[root@centos-6 ~]# nc -v -z -w2 10.0.1.10 1-100nc: connect to 10.0.1.10 port 1 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 2 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 3 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 4 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 5 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 6 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 7 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 8 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 9 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 10 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 11 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 12 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 13 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 14 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 15 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 16 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 17 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 18 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 19 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 20 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 21 (tcp) failed: Connection refusedConnection to 10.0.1.10 22 port [tcp/ssh] succeeded!nc: connect to 10.0.1.10 port 23 (tcp) failed: Connection refusednc: connect to 10.0.1.10 port 24 (tcp) failed: Connection refused


[root@centos-6 ~]# nc -u -v -z -w2 10.0.1.10 1-100
内核限制,单位时间不可达的数量



标签:10.0,批量,1.10,nmap,tcp,failed,connect,port,ncat
来源: https://www.cnblogs.com/wenyule/p/13648982.html