Nmap bestpractice: Difference between revisions

From Xinux Wiki
Zeile 5: Zeile 5:
 
=schneller scan mit weniger Ports=
 
=schneller scan mit weniger Ports=
 
*nmap -F 192.168.244.50
 
*nmap -F 192.168.244.50
 
=reverse auflösung der host=
 
*nmap -sL 192.168.244.50-60
 
 
=einfacher scan=
 
=einfacher scan=
 
SYN - SYN/ACK - RST (ohne root rechte möglich)=
 
SYN - SYN/ACK - RST (ohne root rechte möglich)=
 
*nmap -sS 192.168.244.52
 
*nmap -sS 192.168.244.52
 
 
=vollständiger connect=
 
=vollständiger connect=
 
SYN - SYN/ACK - ACK - RST
 
SYN - SYN/ACK - ACK - RST
 
*nmap -sT  192.168.244.52
 
*nmap -sT  192.168.244.52
 +
=reverse auflösung der host=
 +
*nmap -sL 192.168.244.50-60
 
=Angabe von Source Address und Interface=
 
=Angabe von Source Address und Interface=
 
*nmap -e eth0  -S  192.168.100.254 -P0 -sS 192.168.100.72
 
*nmap -e eth0  -S  192.168.100.254 -P0 -sS 192.168.100.72
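Review bot: The unchanged line "SYN - SYN/ACK - RST (ohne root rechte möglich)=" directly above "nmap -sS" attaches the no-root remark to the wrong scan and ends in a stray "=" left over from heading markup. A SYN scan (-sS) needs raw-packet privileges, while the connect scan (-sT) under "vollständiger connect" is the one that runs unprivileged, so the remark belongs there; since this revision already reorders the neighbouring sections, fix that line in the same edit. The moved "reverse auflösung der host" entry (-sL) only lists targets and does reverse DNS without probing them, so it would fit better next to the host-discovery commands than between "vollständiger connect" and "Angabe von Source Address und Interface".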

Revision as of 13 October 2020, 18:11

basics

ping-only scan

  • nmap -sP 192.168.244.50-60

fast scan with fewer ports

  • nmap -F 192.168.244.50

simple scan

SYN - SYN/ACK - RST (possible without root privileges)

  • nmap -sS 192.168.244.52

full connect

SYN - SYN/ACK - ACK - RST

  • nmap -sT 192.168.244.52

reverse resolution of the hosts

  • nmap -sL 192.168.244.50-60

Specifying source address and interface

  • nmap -e eth0 -S 192.168.100.254 -P0 -sS 192.168.100.72

UDP scan

Ports 50 to 70 are scanned (did not show the desired results)

  • nmap -sU 192.168.244.52 -p 50-70

complete scan in numerical order

-r numerical order, -p- all ports, -v verbose

  • nmap -v -r -p- -sS 192.168.244.52

OS detection

  • nmap -O 192.168.242.50
Starting Nmap 6.40 ( http://nmap.org ) at 2015-10-14 14:05 CEST
Nmap scan report for 192.168.242.50
Host is up (0.00013s latency).
Not shown: 991 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown
49155/tcp open  unknown
49156/tcp open  unknown
49157/tcp open  unknown
MAC Address: 48:5B:39:AD:8A:F3 (Asustek Computer)
Device type: general purpose
Running: Microsoft Windows 2008|7
OS CPE: cpe:/o:microsoft:windows_server_2008::sp2 cpe:/o:microsoft:windows_7::- cpe:/o:microsoft:windows_7::sp1 cpe:/o:microsoft:windows_8
OS details: Microsoft Windows Server 2008 SP2, Microsoft Windows 7 SP0 - SP1, Windows Server 2008 SP1, or Windows 8
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 83.95 seconds

Enables OS detection and version detection, script scanning and traceroute

-T 4 timing

  • nmap -A -T 4 192.168.242.50
Starting Nmap 6.40 ( http://nmap.org ) at 2015-10-14 14:22 CEST
Nmap scan report for 192.168.242.50
Host is up (0.00015s latency).
Not shown: 991 closed ports
PORT      STATE SERVICE     VERSION
135/tcp   open  msrpc       Microsoft Windows RPC
139/tcp   open  netbios-ssn
445/tcp   open  netbios-ssn
49152/tcp open  msrpc       Microsoft Windows RPC
49153/tcp open  msrpc       Microsoft Windows RPC
49154/tcp open  msrpc       Microsoft Windows RPC
49155/tcp open  msrpc       Microsoft Windows RPC
49156/tcp open  msrpc       Microsoft Windows RPC
49157/tcp open  msrpc       Microsoft Windows RPC
MAC Address: 48:5B:39:AD:8A:F3 (Asustek Computer)
Device type: general purpose
Running: Microsoft Windows 2008|7
OS CPE: cpe:/o:microsoft:windows_server_2008::sp2 cpe:/o:microsoft:windows_7::- cpe:/o:microsoft:windows_7::sp1 cpe:/o:microsoft:windows_8
OS details: Microsoft Windows Server 2008 SP2, Microsoft Windows 7 SP0 - SP1, Windows Server 2008 SP1, or Windows 8
Network Distance: 1 hop
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
|_nbstat: NetBIOS name: WIN-VJCRWQXC6A7, NetBIOS user: <unknown>, NetBIOS MAC: 48:5b:39:ad:8a:f3 (Asustek Computer)
| smb-os-discovery: 
|   OS: Windows Server (R) 2008 Enterprise 6001 Service Pack 1 (Windows Server (R) 2008 Enterprise 6.0)
|   OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
|   Computer name: WIN-VJCRWQXC6A7
|   NetBIOS computer name: WIN-VJCRWQXC6A7
|   Workgroup: WORKGROUP
|_  System time: 2015-10-14T14:23:23+02:00
| smb-security-mode: 
|   Account that was used for smb scripts: guest
|   User-level authentication
|   SMB Security: Challenge/response passwords supported
|_  Message signing disabled (dangerous, but default)
|_smbv2-enabled: Server supports SMBv2 protocol

TRACEROUTE
HOP RTT     ADDRESS
1   0.16 ms 192.168.242.50

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 64.83 seconds
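
An added example, not part of the original wiki page: a small Python parser for the normal-output format shown above that lists open ports per host, picks up the "Message signing disabled" script result, and reports ports outside an allow-list. The sample text is abridged from the output above; the function names and the allow-list are assumptions made for this example.

```python
import re
# Constructed sample, abridged from the `nmap -A` output shown above.
SAMPLE = """\
Nmap scan report for 192.168.242.50
PORT      STATE SERVICE     VERSION
135/tcp   open  msrpc       Microsoft Windows RPC
139/tcp   open  netbios-ssn
445/tcp   open  netbios-ssn
49152/tcp open  msrpc       Microsoft Windows RPC
| smb-security-mode:
|_  Message signing disabled (dangerous, but default)
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")

def parse_report(text):
    """Parse nmap normal output into {host: {"ports": [...], "findings": [...]}}."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:  # a new per-host section starts here
            current = hosts.setdefault(m.group(1), {"ports": [], "findings": []})
            continue
        if current is None:
            continue  # banner lines before the first host
        m = PORT_RE.match(line)
        if m and m.group(3) == "open":
            port, proto, _, service, version = m.groups()
            current["ports"].append((int(port), proto, service, version.strip()))
        elif "Message signing disabled" in line:  # smb-security-mode result
            current["findings"].append("SMB message signing disabled")
    return hosts

def review(hosts, allowed_ports):
    """Per host: script findings plus open ports outside the allow-list."""
    issues = {}
    for host, data in hosts.items():
        notes = list(data["findings"])
        extra = [str(p) for p, *_ in data["ports"] if p not in allowed_ports]
        if extra:
            notes.append("unexpected open ports: " + ", ".join(extra))
        issues[host] = notes
    return issues

if __name__ == "__main__":
    # Hypothetical allow-list for a Windows file server (an assumption).
    for host, notes in review(parse_report(SAMPLE), {135, 139, 445}).items():
        print(host, notes)
```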
