Shulou(Shulou.com)06/01 Report--

This article will explain in detail what the practical command line skills of nmap are, and the editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

1) obtain the system type and open port of the remote host

Nmap-sS-P0-sV-O

Here

It can be a single IP, or hostname, or domain name, or subnet

-sS TCP SYN scan (also known as semi-open, or stealth scan)

-P0 allows you to turn off ICMP pings.

-sV open system version detection

-O attempts to identify the remote operating system

Other options:

-A turn on operating system fingerprint and version detection at the same time

-v output the scan in detail.

Nmap-sS-P0-A-v

2) list the hosts with the specified ports open

Nmap-sT-p 80-oG-192.168.1.* | grep open

3) find all online hosts on the network

Nmap-sP 192.168.0.*

Or you can use the following command:

Nmap-sP 192.168.0.0 Universe 24

Specify subnet

4) IP address within the specified range of Ping

Nmap-sP 192.168.1.100-254

5) search for unoccupied IP on a certain subnet

Nmap-T4-sP 192.168.2.0 Plus 24 & & egrep "00 proc/net/arp 00" / proc/net/arp

6) scan the local area network for Conficker worm

Nmap-PN-T4-p139445-n-v-- script=smb-check-vulns-- script-args safe=1 192.168.0.1-254

7) scan the network for malicious access points (rogue APs).

Nmap-A-p1-85 oA wapscan 443 nmap-8100-T4-- min-hostgroup 50-- max-rtt-timeout 2000-- initial-rtt-timeout 2000-- max-retries 3-- host-timeout 20m-- max-scan-delay 1000-oA wapscan 10.0.0.0Comp8

8) use bait scanning method to scan the host port

Sudo nmap-sS 192.168.0.10-D 192.168.0.2

9) list reverse DNS records for a subnet

Nmap-R-sL 209.85.229.99 print 27 | awk'{if ($3 million = "not") print "(" $2 ") no PTR"; else print$3 "is" $2}'| grep'('

10) how many Linux and Win devices are displayed on the network?

Sudo nmap-F-O 192.168.0.1-255 | grep "Running:" > / tmp/os; echo "$(cat / tmp/os | grep Linux | wc-l) Linux device (s)"; echo "$(cat / tmp/os | grep Windows | wc-l) Window (s) device"

This is the end of this article on "what are the practical command line skills of nmap?". I hope the above content can be helpful to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.