'NMAP'에 해당되는 글 3건

  1. 2011.12.31 eth 1394에서의 nmap 실행 실패
  2. 2010.10.11 nmap 도움말 (2)
  3. 2010.10.01 nmap for windows(zenmap)
프로그램 사용/nmap2011.12.31 20:21
ifconfig를 통해서 보면 Link encapsulation이 Ethernet이 아닌 UNSPEC이기 때문에
nmap 이 실행되지 않는다. 머.. 이런 저런 이유가 있군 -_-

$ nmap 192.168.10.1

Starting Nmap 5.00 ( http://nmap.org ) at 2011-12-31 20:04 KST
Note: Host seems down. If it is really up, but blocking our ping probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 3.25 seconds
minimonk@devbuntu:~$ sudo nmap 192.168.10.1
[sudo] password for minimonk: 

Starting Nmap 5.00 ( http://nmap.org ) at 2011-12-31 20:04 KST
Error compiling our pcap filter: ethernet addresses supported only on ethernet/FDDI/token ring/802.11/ATM LANE/Fibre Channel
QUITTING! 

$ ifconfig
eth1      Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          inet6 addr: 0::0:0:0:0/64 Scope:Link
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:5 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:84 (84.0 B)
          Interrupt:18 Base address:0x6000 Memory:bc008000-bc008fff 

eth2      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:192.168.10.2  Bcast:192.168.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14348 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13061 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1047985 (1.0 MB)  TX bytes:1313497 (1.3 MB) 





신고

'프로그램 사용 > nmap' 카테고리의 다른 글

eth 1394에서의 nmap 실행 실패  (0) 2011.12.31
nmap 도움말  (2) 2010.10.11
nmap for windows(zenmap)  (0) 2010.10.01
Posted by 구차니
TAG NMAP

댓글을 달아 주세요

프로그램 사용/nmap2010.10.11 12:02
가장 간단한 사용법은
nmap ip (1개의 아이피에 대해 1000개의 포트스캔)

조금 복잡한 사용법은
nmap -p 1-65535 ip (1개의 아이피에 대해 모든 포트스캔)

Nmap 5.21 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
  Can pass hostnames, IP addresses, networks, etc.
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
  -iL <inputfilename>: Input from list of hosts/networks
  -iR <num hosts>: Choose random targets
  --exclude <host1[,host2][,host3],...>: Exclude hosts/networks
  --excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sP: Ping Scan - go no further than determining if host is online
  -PN: Treat all hosts as online -- skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers <serv1[,serv2],...>: Specify custom DNS servers
  --system-dns: Use OS's DNS resolver
  --traceroute: Trace hop path to each host
SCAN TECHNIQUES:
  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  --scanflags <flags>: Customize TCP scan flags
  -sI <zombie host[:probeport]>: Idle scan
  -sY/sZ: SCTP INIT/COOKIE-ECHO scans
  -sO: IP protocol scan
  -b <FTP relay host>: FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
  -p <port ranges>: Only scan specified ports
    Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
  -F: Fast mode - Scan fewer ports than the default scan
  -r: Scan ports consecutively - don't randomize
  --top-ports <number>: Scan <number> most common ports
  --port-ratio <ratio>: Scan ports more common than <ratio>
SERVICE/VERSION DETECTION:
  -sV: Probe open ports to determine service/version info
  --version-intensity <level>: Set from 0 (light) to 9 (try all probes)
  --version-light: Limit to most likely probes (intensity 2)
  --version-all: Try every single probe (intensity 9)
  --version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
  -sC: equivalent to --script=default
  --script=<Lua scripts>: <Lua scripts> is a comma separated list of
           directories, script-files or script-categories
  --script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
  --script-trace: Show all data sent and received
  --script-updatedb: Update the script database.
OS DETECTION:
  -O: Enable OS detection
  --osscan-limit: Limit OS detection to promising targets
  --osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
  Options which take <time> are in milliseconds, unless you append 's'
  (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
  -T<0-5>: Set timing template (higher is faster)
  --min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
  --min-parallelism/max-parallelism <time>: Probe parallelization
  --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
      probe round trip time.
  --max-retries <tries>: Caps number of port scan probe retransmissions.
  --host-timeout <time>: Give up on target after this long
  --scan-delay/--max-scan-delay <time>: Adjust delay between probes
  --min-rate <number>: Send packets no slower than <number> per second
  --max-rate <number>: Send packets no faster than <number> per second
FIREWALL/IDS EVASION AND SPOOFING:
  -f; --mtu <val>: fragment packets (optionally w/given MTU)
  -D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
  -S <IP_Address>: Spoof source address
  -e <iface>: Use specified interface
  -g/--source-port <portnum>: Use given port number
  --data-length <num>: Append random data to sent packets
  --ip-options <options>: Send packets with specified ip options
  --ttl <val>: Set IP time-to-live field
  --spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
  --badsum: Send packets with a bogus TCP/UDP/SCTP checksum
  --adler32: Use deprecated Adler32 instead of CRC32C for SCTP checksums
OUTPUT:
  -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
     and Grepable format, respectively, to the given filename.
  -oA <basename>: Output in the three major formats at once
  -v: Increase verbosity level (use twice or more for greater effect)
  -d[level]: Set or increase debugging level (Up to 9 is meaningful)
  --reason: Display the reason a port is in a particular state
  --open: Only show open (or possibly open) ports
  --packet-trace: Show all packets sent and received
  --iflist: Print host interfaces and routes (for debugging)
  --log-errors: Log errors/warnings to the normal-format output file
  --append-output: Append to rather than clobber specified output files
  --resume <filename>: Resume an aborted scan
  --stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
  --webxml: Reference stylesheet from Nmap.Org for more portable XML
  --no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
  -6: Enable IPv6 scanning
  -A: Enables OS detection and Version detection, Script scanning and Traceroute
  --datadir <dirname>: Specify custom Nmap data file location
  --send-eth/--send-ip: Send using raw ethernet frames or IP packets
  --privileged: Assume that the user is fully privileged
  --unprivileged: Assume the user lacks raw socket privileges
  -V: Print version number
  -h: Print this help summary page.
EXAMPLES:
  nmap -v -A scanme.nmap.org
  nmap -v -sP 192.168.0.0/16 10.0.0.0/8
  nmap -v -iR 10000 -PN -p 80
SEE THE MAN PAGE (http://nmap.org/book/man.html) FOR MORE OPTIONS AND EXAMPLES

신고

'프로그램 사용 > nmap' 카테고리의 다른 글

eth 1394에서의 nmap 실행 실패  (0) 2011.12.31
nmap 도움말  (2) 2010.10.11
nmap for windows(zenmap)  (0) 2010.10.01
Posted by 구차니
TAG NMAP

댓글을 달아 주세요

  1. 포트스캐너, 이거 하다가 간간히 블럭된다능.

    2010.10.11 12:08 신고 [ ADDR : EDIT/ DEL : REPLY ]

프로그램 사용/nmap2010.10.01 15:25
nmap이 나 같은 귀차니즘 유저들을 위해 GUI 프로그램이 나왔다 -_-
솔찍히 지금도 쓰는방법을 모르면 쓰기 힘든건 마찬가지이긴 하지만..


아무튼 매우 깔끔하다.

[링크 : http://nmap.org/]
신고

'프로그램 사용 > nmap' 카테고리의 다른 글

eth 1394에서의 nmap 실행 실패  (0) 2011.12.31
nmap 도움말  (2) 2010.10.11
nmap for windows(zenmap)  (0) 2010.10.01
Posted by 구차니
TAG NMAP, zenmap

댓글을 달아 주세요