Shulou(Shulou.com)05/31 Report--

This article introduces the relevant knowledge of "how to use the Nmap command of Linux". Many people will encounter such a dilemma in the operation of actual cases, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Nmap, the network mapper, is an open source and very general tool for Linux system / network administrators. Nmap is used to detect networks on remote machines, perform security scans, network audits, and search for open ports. It scans the remote online host, the host's operating system, packet filters and open ports.

I will cover most of the usage of NMAP with two different parts, which is the key part of nmap. In the following setup, I used two servers with firewalls turned off to test the operation of the Nmap command.

192.168.0.100-server1.tecmint.com 192.168.0.101-server2.tecmint.com

NMAP command usage

# nmap [Scan Type (s)] [Options] {target specification}

How to install NMAP under Linux

Most Linux distributions like Red Hat,CentOS,Fedoro,Debian and Ubuntu now come with Nmap in their default package management libraries (that is, Yum and APT), both of which are used to install and manage packages and updates. Install Nmap on the distribution using the following command.

# yum install nmap [on Red Hat based systems] $sudo apt-get install nmap [on Debian based systems]

Once you have installed the nmap application of * *, you can follow the example instructions provided in this article.

1. Scan the system with hostname and IP address

The Nmap tool provides a variety of ways to scan the system. In this example, I use the server2.tecmint.com hostname to scan the system for all open ports, services, and MAC addresses on the system.

Scan with hostname

[root@server1] # nmap server2.tecmint.com Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 15:42 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.415 seconds You have new mail in / var/spool/mail/root

Scan with IP address

[root@server1] # nmap 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-18 11:04 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 958/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E : D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.465 seconds You have new mail in / var/spool/mail/root

two。 Scan using the "- v" option

You can see that the following command gives more detailed information about the remote machine using the "- v" option.

[root@server1] # nmap-v server2.tecmint.com Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 15:43 EST Initiating ARP Ping Scan against 192.168.0.101 [1 port] at 15:43 The ARP Ping Scan took 0.01s to scan 1 total hosts. Initiating SYN Stealth Scan against server2.tecmint.com (192.168.0.101) [1680 ports] at 15:43 Discovered open port 22/tcp on 192.168.0.101 Discovered open port 80/tcp on 192.168.0.101 Discovered open port 8888/tcp on 192.168.0.101 Discovered open port 111/tcp on 192.168.0.101 Discovered open port 3306/tcp on 192.168.0.101 Discovered open port 957/tcp on 192.168.0.101 The SYN Stealth Scan took 0.30s to scan 1680 total ports. Host server2.tecmint.com (192.168.0.101) appears to be up... Good. Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.485 seconds Raw packets sent: 1681 (73.962KB) | Rcvd: 1681 (77.322KB)

3. Scan multiple hosts

You can simply scan multiple hosts by adding multiple IP addresses or hostnames to the Nmap command.

[root@server1] # nmap 192.168.0.101 192.168.0.102 192.168.0.103 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:06 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open Sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 3 IP addresses (1 host up) scanned in 0.580 seconds

4. Scan the entire subnet

You can use the * wildcard to scan the entire subnet or a range of IP addresses.

[root@server1] # nmap 192.168.0.* Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:11 EST Interesting ports on server1.tecmint.com (192.168.0.100): Not shown: 1677 closed ports PORT STATE SERVICE 22/tcp open ssh 111/tcp open rpcbind 851/tcp open unknown Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp Open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 256 IP addresses (2 hosts up) scanned in 5.550 seconds You have new mail in / var/spool/mail/root

As you can see from the output above, nmap scanned the entire subnet and gave the information about the online hosts in the current network.

5. Scan multiple servers with a single byte of the IP address

You can simply specify a byte of the IP address to scan multiple IP addresses. For example, I scanned the IP addresses 192.168.0.101192.168.0.102 and 192.168.0.103 in the following execution.

[root@server1] # nmap 192.168.0.101102103 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:09 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E : D7 (Cadmus Computer Systems) Nmap finished: 3 IP addresses (1 host up) scanned in 0.552 seconds You have new mail in / var/spool/mail/root

6. Scan the list of hosts from a file

If you have multiple hosts to scan and all the host information is written in one file, you can directly let nmap read the file to perform the scan, and let's see how to do this.

Create a text file called "nmaptest.txt" and define all the server IP addresses or hostnames you want to scan.

[root@server1 ~] # cat > nmaptest.txt localhost server2.tecmint.com 192.168.0.101

Next, run the nmap command with the "iL" option to scan all the IP addresses listed in the file.

[root@server1] # nmap-iL nmaptest.txt Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-18 10:58 EST Interesting ports on localhost.localdomain (127.0.0.1): Not shown: 1675 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 111/tcp open rpcbind 631/tcp open ipp 857/tcp open unknown Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 958/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 958/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 3 IP addresses (3 hosts up) scanned in 2.047 seconds

7. Scan a range of IP addresses

You can specify the IP range when nmap performs a scan.

[root@server1] # nmap 192.168.0.101-110 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:09 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9 : 8E:D7 (Cadmus Computer Systems) Nmap finished: 10 IP addresses (1 host up) scanned in 0.542 seconds

8. Scan after excluding some remote hosts

When performing a network-wide scan or a wildcard scan, you can use the "- exclude" option to exclude some hosts that you do not want to scan.

[root@server1] # nmap 192.168.0.*-- exclude 192.168.0.100 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:16 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 255IP addresses (1 host up) scanned in 5.313 seconds You have new mail in / var/spool/mail/root

9. Scan operating system information and route trace

With Nmap, you can detect the operating system and version running on the remote host. To enable operating system and version detection, script scanning, and route tracing, we can use the "- A" option of NMAP.

[root@server1] # nmap-A 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:25 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 4.3 (protocol 2.0) 80/tcp open http Apache httpd 2.2.3 ((CentOS)) 111/tcp open rpcbind 2 (rpc # 100000) 957/tcp open status 1 (rpc # 100024) 3306/tcp open mysql MySQL (unauthorized) 8888/tcp open http lighttpd 1.4.32 MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) No exact OS matches for host (If you know what OS is running on it See http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: SInfo (V=4.11%P=i686-redhat-linux-gnu%D=11/11%Tm=52814B66%O=22%C=1%M=080027) TSeq (Class=TR%IPID=Z%TS=1000HZ) T1 (Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T2 (Resp=N) T3 (Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T4 (Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T5 (Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=) T6 (Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T7 (Resp=Y%DF=Y%W=0 % ACK=S++%Flags=AR%Ops=) PU (Resp=Y%DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Uptime 0.169 days (since Mon Nov 11 12:22:15 2013) Nmap finished: 1 IP address (1 host up) scanned in 22.271 seconds

As you can see from the output above, Nmap shows the TCP / IP protocol fingerprint of the remote host operating system, and more specifically shows the ports and services on the remote host.

10. Enable operating system probe for Nmap

Using the options "- O" and "- osscan-guess" also helps detect operating system information.

[root@server1] # nmap-O server2.tecmint.com Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 17:40 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E D7 (Cadmus Computer Systems) No exact OS matches for host (If you know what OS is running on it) See http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: SInfo (V=4.11%P=i686-redhat-linux-gnu%D=11/11%Tm=52815CF4%O=22%C=1%M=080027) TSeq (Class=TR%IPID=Z%TS=1000HZ) T1 (Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T2 (Resp=N) T3 (Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T4 (Resp=Y%DF=Y%W=0%ACK=O%Flags=Option-O and-osscan-guess also helps to discover OS R% OPS =) T5 (Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=) T6 (Resp=Y%DF=Y%W=0% ACK=O%Flags=R%Ops=) T7 (Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=) PU (Resp=Y%DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E) Uptime 0.221 days (since Mon Nov 11 12:22:16 2013) Nmap finished: 1 IP address (1 host up) scanned in 11.064 seconds You have new mail in / var/spool/mail/root

11. Scan the host to detect the firewall

The following command scans the remote host to detect whether the host uses a packet filter or firewall.

[root@server1] # nmap-sA 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:27 EST All 1680 scanned ports on server2.tecmint.com (192.168.0.101) are UNfiltered MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.382 seconds You have new mail in / var/spool/mail/root

twelve。 Scan the host to see if it is protected by a firewall

Scan the host to see if it is protected by packet filtering software or a firewall.

[root@server1] # nmap-PN 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:30 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9 : 8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.399 seconds

13. Find out the online hosts in the network

Using the "- sP" option, we can simply detect which online hosts are on the network, which skips port scanning and other tests.

[root@server1] # nmap-sP 192.168.0.* Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-18 11:01 EST Host server1.tecmint.com (192.168.0.100) appears to be up. Host server2.tecmint.com (192.168.0.101) appears to be up. MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 256 IP addresses (2 hosts up) scanned in 5.109 seconds

14. Perform a quick scan

You can use the "- F" option to perform a quick scan, scanning only the ports listed in the nmap-services file and avoiding all other ports.

[root@server1] # nmap-F 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:47 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1234 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 ( Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.322 seconds

15. View the version of Nmap

You can use the "- V" option to test the version of Nmap on your machine.

[root@server1] # nmap-V Nmap version 4.11 (http://www.insecure.org/nmap/) You have new mail in / var/spool/mail/root

16. Sequential scan port

Use the "- r" option to indicate that the port scan will not be selected randomly.

[root@server1] # nmap-r 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 16:52 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9 : 8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.363 seconds

17. Print host interfaces and rout

You can use the "- iflist" option of nmap to detect host interface and routing information.

[root@server1] # nmap-- iflist Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 17:07 EST * INTERFACES**** DEV (SHORT) IP/MASK TYPE UP MAC lo (lo) 127.0.0. 1 eth0 8 loopback up eth0 (eth0) 192.168.0.100 eth0 24 ethernet up 08:00:27:11:C7:89 * * ROUTES** DST/MASK DEV GATEWAY 192.168.0.0 eth0 169.254.0.0 eth0

As you can see from the output above, nmap lists the interfaces on your system and their respective routing information.

18. Scan a specific port

There are various options for using Nmap to scan the ports of remote machines. You can use the "- P" option to specify the ports you want to scan. By default, nmap scans only TCP ports.

[root@server1] # nmap-p 80 server2.tecmint.com Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 17:12 EST Interesting ports on server2.tecmint.com (192.168.0.101): PORT STATE SERVICE 80/tcp open http MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) sca

19. Scan TCP Port

You can specify a specific port type and port number for nmap to scan.

[root@server1] # nmap-p Tlav 8888 80 server2.tecmint.com Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 17:15 EST Interesting ports on server2.tecmint.com (192.168.0.101): PORT STATE SERVICE 80/tcp open http 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.157 seconds

20. Scan UDP Port

[root@server1] # nmap-sU 53 server2.tecmint.com Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 17:15 EST Interesting ports on server2.tecmint.com (192.168.0.101): PORT STATE SERVICE 53/udp open http 8888/udp open sun-answerbook MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.157 seconds

21. Scan multiple ports

You can also use the option "- P" to scan multiple ports.

[root@server1] # nmap-p 80443 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-18 10:56 EST Interesting ports on server2.tecmint.com (192.168.0.101): PORT STATE SERVICE 80/tcp open http 443/tcp closed https MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.190 seconds

twenty-two。 Scan ports within a specified range

You can use expressions to scan ports in a range.

[root@server1] # nmap-p 80-160 192.168.0.101

23. Find the host service version number

We can use the "- sV" option to find out which version of the service is running on the remote host.

[root@server1] # nmap-sV 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 17:48 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 4.3 (protocol 2.0) 80/tcp open http Apache httpd 2.2.3 ((CentOS)) 111/tcp open rpcbind 2 (rpc # 100000) 957/tcp open status 1 (rpc # 100024) 3306/tcp open mysql MySQL (unauthorized) 8888/tcp open http lighttpd 1.4.32 MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 12.624 seconds

24. Scan remote hosts using TCP ACK (PA) and TCP Syn (PS)

Sometimes packet filtering firewalls block standard ICMP ping requests, in which case we can use TCP ACK and TCP Syn methods to scan remote hosts.

[root@server1] # nmap-PS 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 17:51 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27: D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.360 seconds You have new mail in / var/spool/mail/root

25. Use TCP ACK to scan specific ports on a remote host

[root@server1] # nmap-PA-p 22 Starting Nmap 80 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 18:02 EST Interesting ports on server2.tecmint.com (192.168.0.101): PORT STATE SERVICE 22/tcp open ssh 80/tcp open http MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.166 seconds You have new mail in / var/spool/mail/root

twenty-six。 Use TCP Syn to scan specific ports on a remote host

[root@server1] # nmap-PS-p 22 Starting Nmap 80 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 18:08 EST Interesting ports on server2.tecmint.com (192.168.0.101): PORT STATE SERVICE 22/tcp open ssh 80/tcp open http MAC Address: 08:00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.165 seconds You have new mail in / var/spool/mail/root

twenty-seven。 Perform a hidden scan

[root@server1] # nmap-sS 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 18:10 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9 : 8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.383 seconds You have new mail in / var/spool/mail/root

twenty-eight。 Use TCP Syn to scan the most commonly used ports

[root@server1] # nmap-sT 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 18:12 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 957/tcp open unknown 3306/tcp open mysql 8888/tcp open sun-answerbook MAC Address: 08:00:27:D9 : 8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 0.406 seconds You have new mail in / var/spool/mail/root

twenty-nine。 Perform a TCP null scan to fool the firewall

[root@server1 ~] # nmap-sN 192.168.0.101 Starting Nmap 4.11 (http://www.insecure.org/nmap/) at 2013-11-11 19:01 EST Interesting ports on server2.tecmint.com (192.168.0.101): Not shown: 1674 closed ports PORT STATE SERVICE 22/tcp open | filtered ssh 80/tcp open | filtered http 111/tcp open | filtered rpcbind 957/tcp open | filtered unknown 3306/tcp open | filtered mysql 8888/tcp open | filtered sun-answerbook MAC Address: 08: 00:27:D9:8E:D7 (Cadmus Computer Systems) Nmap finished: 1 IP address (1 host up) scanned in 1.584 seconds You have new mail in / var/spool/mail/root "how to use Nmap commands for Linux" ends here Thank you for your reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.