Friday, February 24, 2012

Utilities. Basic NMAP


Basic Nmap
Nmap is the port scanner par excellence, and it is licensed under the GPL.
Below are some basic but very useful examples of this tool. To go deeper into nmap, see http://insecure.org/nmap/nmap_documentation.html
1) Discover active IP addresses on the 192.168.50.0 network
# nmap -sP 192.168.50.0/24
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2007-03-06 14:09 CET
Host 192.168.50.0 seems to be a subnet broadcast address (returned 2 extra pings).
Host 192.168.1.100 appears to be up.
MAC Address: 00:0C:41:3A:73:1A (The Linksys Group)
Host 192.168.1.254 appears to be up.
Host 192.168.1.255 seems to be a subnet broadcast address (returned 3 extra pings).
Nmap finished: 256 IP addresses (2 hosts up) scanned in 18.312 seconds
2) Scan for open TCP ports on the host 192.168.50.100 (a Linksys router)
# nmap -sT 192.168.50.100
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2007-03-06 14:12 CET
Interesting ports on 192.168.50.100:
(The 1660 ports scanned but not shown below are in state: closed)
PORT   STATE SERVICE
23/tcp open  telnet
53/tcp open  domain
80/tcp open  http
MAC Address: 00:0C:41:3A:73:1A (The Linksys Group)
Nmap finished: 1 IP address (1 host up) scanned in 1.397 seconds
and for UDP:
# nmap -sU 192.168.50.100
3) Detect the OS used by a host:
# nmap -O 192.168.50.100
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2007-03-06 14:17 CET
Interesting ports on 192.168.50.100:
(The 1660 ports scanned but not shown below are in state: closed)
PORT   STATE SERVICE
23/tcp open  telnet
53/tcp open  domain
80/tcp open  http
MAC Address: 00:0C:41:3A:73:1A (The Linksys Group)
Device type: general purpose
Running: Linux 2.4.X|2.5.X
OS details: Linux 2.4.0 - 2.5.20
Uptime 1.678 days (since Sun Mar  4 22:01:48 2007)
Nmap finished: 1 IP address (1 host up) scanned in 4.749 seconds
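
Added example, not part of the original post: a small Python parser for the port table that nmap prints in scans 2 and 3, used to list open cleartext services (such as the telnet port on the router) for an inventory of your own network. The function names and the CLEARTEXT set are assumptions made for this illustration, and the parser assumes the nmap 3.81 output format shown above with hosts reported by IP address.

```python
import re

# Sample input: the output of scan 2 above (nmap 3.81 normal output), copied from the page.
SAMPLE = """\
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2007-03-06 14:12 CET
Interesting ports on 192.168.50.100:
(The 1660 ports scanned but not shown below are in state: closed)
PORT   STATE SERVICE
23/tcp open  telnet
53/tcp open  domain
80/tcp open  http
MAC Address: 00:0C:41:3A:73:1A (The Linksys Group)
Nmap finished: 1 IP address (1 host up) scanned in 1.397 seconds
"""

# Assumption: service names treated as cleartext for this audit; adjust to local policy.
CLEARTEXT = {"telnet", "ftp", "http", "pop3", "imap", "snmp"}

HOST_RE = re.compile(r"^Interesting ports on (\S+?):\s*$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
MAC_RE = re.compile(r"^MAC Address: ([0-9A-F:]{17})(?: \((.*)\))?")

def parse_scan(text):
    """Return {host: {"ports": [(port, proto, state, service)], "mac": ..., "vendor": ...}}."""
    hosts, current = {}, None
    for line in text.splitlines():
        if m := HOST_RE.match(line):
            current = hosts.setdefault(m.group(1), {"ports": [], "mac": None, "vendor": None})
        elif current is not None and (m := PORT_RE.match(line)):
            current["ports"].append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
        elif current is not None and (m := MAC_RE.match(line)):
            current["mac"], current["vendor"] = m.group(1), m.group(2)
    return hosts

def cleartext_findings(hosts):
    """List (host, port, proto, service) for open ports whose service is in CLEARTEXT."""
    return [(host, port, proto, svc)
            for host, info in sorted(hosts.items())
            for port, proto, state, svc in info["ports"]
            if state == "open" and svc in CLEARTEXT]

if __name__ == "__main__":
    for host, port, proto, svc in cleartext_findings(parse_scan(SAMPLE)):
        print(f"{host}: {svc} on {port}/{proto} is cleartext; restrict or replace it")
```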
