Difference between revisions of "Nmap"
Revision as of 14:37, 3 October 2013
nmap is a network exploration tool and security scanner.
Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available.
Usage
Note: The man page has many more examples.
Examples
- Check to see if a port is open on your localhost:
nmap -v localhost -p 80
It will return something like the following if the port is open:
PORT   STATE SERVICE
80/tcp open  http
- Get extended information on ports, etc.:
nmap -A -T4 localhost
- Determine which ports are listening for TCP connections from the network:
nmap -sT -O localhost
- If you find an "unknown" service, look it up:
grep 873 /etc/services
then find out more information about this service like so:
netstat -anp | grep 873
also:
lsof -i | grep 873
- Misc.:
nmap -v -A scanme.nmap.org
nmap -v -sP 192.168.0.0/16 10.0.0.0/8
nmap -sS -O scanme.nmap.org/24
nmap -sV -p 22,53,110,143,4564 198.116.0-255.1-127
- Make Nmap choose 100,000 hosts at random and scan them for web servers (port 80). Host enumeration is disabled with -P0 since first sending a couple probes to determine whether a host is up is wasteful when you are only probing one port on each target host anyway:
nmap -v -iR 10000 -P0 -p 80
- To launch a full port scan with OS detection and service identification, use:
nmap -p 1-65535 -T5 -A -v 128.92.67.0/24 -oX scan.xml
Replace 128.92.67.0/24 with your network description or the IP address of Metasploitable.
Netstat
- show active network connections
netstat -nape --inet
See also
- Network tools for Linux
- ngrep
- tcpdump — dump traffic on a network[1]
- snoop — capture and inspect network packets
- netcat (aka nc) — a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.[2]
- Pipe Viewer (pv)
- partimage + partimaged — create images of partitions
- Netfilter
- NetCalc
- Whois
- Nagios — an Open Source host, service, and network monitoring program.
- Wireshark — network protocol analyser
- Armitage (w/ tutorial)
- Metasploit
External links
Further reading
- RFC 1122
- RFC 792
- UDP
- TCP RFC
- RFC 959
- IP protocol
- Nmap::Scanner / [3]
- Nmap::Parser / [4]
- Libpcap portable packet capture library
- WinPcap library
- PCRE library
- Libdnet
- OpenSSL cryptography toolkit