Using the nmap command on Linux
How much information can we learn from a single IP address?
I. Finding the host's MAC address
- On Windows, use the command nbtstat -a <IP address>
This method relies on the NetBIOS protocol:
```
C:\Users\Terry>nbtstat -a 172.24.3.135

本地连接:
节点 IP 址址: [0.0.0.0] 范围 ID: []

    找不到主机。

无线网络连接:
节点 IP 址址: [172.24.3.29] 范围 ID: []

           NetBIOS 远程计算机名称表

       名称               类型         状态
    ---------------------------------------------
    TA-CN          <00>  组         已注册
    ITD-GANQING0-D1<00>  唯一        已注册
    ITD-GANQING0-D1<20>  唯一        已注册
    TA-CN          <1E>  组         已注册

    MAC 地址 = FC-4D-D4-F4-65-95
```
But if the host does not have NetBIOS enabled, it cannot be found this way:
```
C:\Users\Terry>nbtstat -a 172.24.3.100

本地连接:
节点 IP 址址: [0.0.0.0] 范围 ID: []

    找不到主机。

无线网络连接:
节点 IP 址址: [172.24.3.29] 范围 ID: []

    找不到主机。
```
2. On Linux, use the nmap command
```
[root@localhost ~]# nmap 172.24.3.100

Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-16 15:50 CST
Nmap scan report for 172.24.3.100
Host is up (0.000093s latency).
Not shown: 989 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
427/tcp  open   svrloc
443/tcp  open   https
902/tcp  open   iss-realsecure
5988/tcp closed wbem-http
5989/tcp open   wbem-https
8000/tcp open   http-alt
8080/tcp closed http-proxy
8100/tcp open   xprint-server
8300/tcp closed tmi
MAC Address: 00:10:18:1A:7B:EA (Broadcom)

Nmap done: 1 IP address (1 host up) scanned in 11.95 seconds
[root@localhost ~]#
```
We can see which services 172.24.3.100 exposes and on which ports, and nmap even lists the vendor of its network card, which it derives from the MAC address.
II. Identifying the host's OS from its IP address
```
[root@localhost ~]# nmap -O 172.24.3.135

Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-16 15:56 CST
Nmap scan report for 172.24.3.135
Host is up (0.0020s latency).
Not shown: 989 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
443/tcp   open  https
445/tcp   open  microsoft-ds
1025/tcp  open  NFS-or-IIS
1026/tcp  open  LSA-or-nterm
1027/tcp  open  IIS
1050/tcp  open  java-or-OTGfileshare
3389/tcp  open  ms-term-serv
5003/tcp  open  filemaker
50500/tcp open  unknown
MAC Address: FC:4D:D4:F4:65:95 (Unknown)
Device type: general purpose
Running: Microsoft Windows Vista|2008|7
OS details: Microsoft Windows Vista SP0 - SP2, Server 2008, or Windows 7 Ultimate
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.66 seconds
[root@localhost ~]#
```
3. Finding the live hosts on the network
```
[root@localhost ~]# nmap -sP 172.24.62.*

Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-16 15:57 CST
Nmap scan report for 172.24.62.1
Host is up (0.00074s latency).
Nmap scan report for 172.24.62.11
Host is up (0.00041s latency).
Nmap scan report for 172.24.62.12
Host is up (0.00039s latency).
Nmap scan report for 172.24.62.13
Host is up (0.00053s latency).
Nmap scan report for 172.24.62.14
Host is up (0.00052s latency).
.......
```
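The three scans above all produce nmap's normal text output, which is easy to read but awkward to act on across many hosts. The following added example (not part of the original post, and not nmap's own tooling) parses that format into one record per host and flags hosts exposing services an administrator would not expect on a general network segment; the sample text is constructed from the scans on this page, and the WATCHLIST ports are an assumption for the sake of illustration (in practice prefer nmap's -oX/-oG machine-readable output for this).

```python
import re
# Sample nmap normal-format output, constructed from the scans shown on this page
SAMPLE = """\
Nmap scan report for 172.24.3.135
Host is up (0.0020s latency).
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
3389/tcp  open  ms-term-serv
5988/tcp  closed wbem-http
MAC Address: FC:4D:D4:F4:65:95 (Unknown)
OS details: Microsoft Windows Vista SP0 - SP2, Server 2008, or Windows 7 Ultimate
Nmap scan report for 172.24.62.1
Host is up (0.00074s latency).
"""
REPORT_RE = re.compile(r"^Nmap scan report for (\S+)")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")      # port/proto state service
MAC_RE = re.compile(r"^MAC Address: ([0-9A-F:]{17})(?: \((.*)\))?")  # MAC (vendor)
OS_RE = re.compile(r"^OS details: (.*)")

def parse_nmap(text):
    """Turn nmap's human-readable output into one dict per scanned host."""
    hosts, cur = [], None
    for line in text.splitlines():
        if m := REPORT_RE.match(line):          # a new host section starts here
            cur = {"ip": m.group(1), "up": False, "ports": [], "mac": None, "vendor": None, "os": None}
            hosts.append(cur)
        elif cur is None:                       # header lines before the first host
            continue
        elif line.startswith("Host is up"):
            cur["up"] = True
        elif m := PORT_RE.match(line):          # (port, proto, state, service)
            cur["ports"].append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
        elif m := MAC_RE.match(line):           # only present for hosts on the same L2 segment
            cur["mac"], cur["vendor"] = m.group(1), m.group(2)
        elif m := OS_RE.match(line):
            cur["os"] = m.group(1)
    return hosts

# Assumed watchlist: services an admin would not expect reachable from the general network
WATCHLIST = {445: "SMB", 3389: "RDP", 139: "NetBIOS session"}

def flag_exposed(hosts):
    """Return (ip, port, name) for every open watchlist port, for follow-up by the owner."""
    return [(h["ip"], port, WATCHLIST[port])
            for h in hosts for (port, _proto, state, _svc) in h["ports"]
            if state == "open" and port in WATCHLIST]
```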
More reference documentation: