Shulou(Shulou.com)06/03 Report--

This article introduces you what are the parameters of nmap, the content is very detailed, interested friends can refer to, hope to be helpful to you.

Nmap--networkmapper, network detection tools and security / port scanners

Nmap [scan type …] [option] [scan target description]

Usage: nmap [Scan Type (s)] [Options] {target specification}

TARGET SPECIFICATION:

Can pass hostnames, IP addresses, networks, etc.

Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0-255.0-255.1-254

-iL: Input from list of hosts/networks

-iR: Choose random targets

-- exclude: Exclude hosts/networks

-- excludefile: Exclude list from file

HOST DISCOVERY:

-sL: List Scan-simply list targets to scan

-sP: Ping Scan-go no further than determining if host is online

-P0: Treat all hosts as online-- skip host discovery

-PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery probes to given ports

-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes

-default Murr: Never do DNS resolution/Always resolve [default: Murr]

SCAN TECHNIQUES:

-sS/sT/sA/sW/sM: TCP SYN/Connect () / ACK/Window/Maimon scans

-sN/sF/sX: TCP Null, FIN, and Xmas scans

-- scanflags: Customize TCP scanflags

-sI: Idlescan

-sO: IP protocol scan

-b: FTP bounce scan

PORT SPECIFICATION AND SCAN ORDER:

-p: Only scan specified ports

Ex:-p22;-p1-65535;-p Upura 53meme 111pjj137pl 21-25pl 80pr 139pje 8080

-F: Fast-Scan only the ports listed in the nmap-services file)

-r: Scan ports consecutively-don't randomize

SERVICE/VERSION DETECTION:

-sV: Probe open ports to determine service/version info

-- version-light: Limit to most likely probes for faster identification

-- version-all: Try every single probe for version detection

-- version-trace: Show detailed version scan activity (for debugging)

OS DETECTION:

-O: Enable OS detection

-- osscan-limit: Limit OS detection to promising targets

-- osscan-guess: Guess OS more aggressively

TIMING AND PERFORMANCE:

-T [0-6]: Set timing template (higher is faster)

-- min-hostgroup/max-hostgroup: Parallel host scan group sizes

-- min-parallelism/max-parallelism: Probe parallelization

-- min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout: Specifies

Probe round trip time.

-- host-timeout: Give up on target after this long

-- scan-delay/--max-scan-delay: Adjust delay between probes

FIREWALL/IDS EVASION AND SPOOFING:

-f;-mtu: fragment packets (optionally w/given MTU)

-D: Cloak a scan with decoys

-S: Spoof source address

-e: Use specified interface

-g/--source-port: Use given port number

-- data-length: Append random data to sent packets

-- ttl: Set IP time-to-live field

-- spoof-mac: Spoof your MAC address

OUTPUT:

-oN/-oX/-oS/-oG: Output scan results in normal, XML, s |

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.