Nmap is a powerful scanner available on Unix/Linux systems. It's very useful for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
It's very easy to install nmap on Ubuntu; just download it from the internet.
sudo apt-get install nmap
In this practice, I used 2 computers:
PC-01, IP = 192.168.0.3 (OpenSuse 10.1) with Kernel 2.6.16.13-4-default
PC-02, IP = 192.168.0.2 (Ubuntu Feisty)
I run nmap from Ubuntu to scan PC-01.
IP Scanning with range 192.168.0.0 - 192.168.0.255
sudo nmap -sP 192.168.0.0/24
Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:51 WIT
Host 192.168.0.2 appears to be up.
caught SIGINT signal, cleaning up
IP Scanning with range 192.168.0.1 - 192.168.0.254
sudo nmap -sP 192.168.0.1-254
Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:53 WIT
Host 192.168.0.2 appears to be up.
Host 192.168.0.3 appears to be up.
MAC Address: 00:0D:88:B3:72:F3 (D-Link)
Nmap finished: 255 IP addresses (2 hosts up) scanned in 31.242 seconds
Port Scanning with range port 100 - port 139
sudo nmap 192.168.0.3 -p100-139
Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:06 WIT
Interesting ports on 192.168.0.3:
Not shown: 38 filtered ports
PORT STATE SERVICE
113/tcp closed auth
139/tcp open netbios-ssn
Nmap finished: 1 IP address (1 host up) scanned in 24.914 seconds
For 40 ports, it took almost 25 seconds, so a scan of ports 1-65535 (all ports on a computer) will take much longer.
Scanning the Operating System on the target IP
sudo nmap -O 192.168.0.3
Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:20 WIT
Interesting ports on 192.168.0.3:
Not shown: 1693 filtered ports
PORT STATE SERVICE
80/tcp open http
113/tcp closed auth
139/tcp open netbios-ssn
445/tcp open microsoft-ds
MAC Address: 00:0D:88:B3:72:F3 (D-Link)
Device type: general purpose|specialized|WAP|storage-misc
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Atmel Linux 2.6.X (91%), Siemens linux (91%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Inventel embedded (88%)
Aggressive OS guesses: Linux 2.6.13 - 2.6.18 (97%), Linux 2.6.11 - 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.14 - 2.6.17 (92%), Linux 2.6.17 - 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 - 2.6.12 (x86) (92%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (91%), Siemens Gigaset SE515dsl wireless broadband router (91%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap finished: 1 IP address (1 host up) scanned in 94.942 seconds
Faster nmap Execution
If you want a faster scan, use the -T4 option on the nmap command.
sudo nmap -A -T4 192.168.0.3
Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:42 WIT
Interesting ports on 192.168.0.3:
Not shown: 1693 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.2.0 ((Linux/SUSE))
113/tcp closed auth
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)
MAC Address: 00:0D:88:B3:72:F3 (D-Link)
Device type: general purpose|WAP|specialized|storage-misc|broadband router
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Siemens linux (93%), Atmel Linux 2.6.X (92%), Inventel embedded (89%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Netgear embedded (87%)
Aggressive OS guesses: Linux 2.6.13 - 2.6.18 (97%), Siemens Gigaset SE515dsl wireless broadband router (93%), Linux 2.6.11 - 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (93%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (92%), Linux 2.6.14 - 2.6.17 (92%), Linux 2.6.17 - 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 - 2.6.12 (x86) (92%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap finished: 1 IP address (1 host up) scanned in 58.830 seconds