Nmap beispiele

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen

Aktiviert OS detection und Version detection, Script scanning und Traceroute

-T 4 timing

  • nmap -A -T 4 192.168.242.50
Starting Nmap 6.40 ( http://nmap.org ) at 2015-10-14 14:22 CEST
Nmap scan report for 192.168.242.50
Host is up (0.00015s latency).
Not shown: 991 closed ports
PORT      STATE SERVICE     VERSION
135/tcp   open  msrpc       Microsoft Windows RPC
139/tcp   open  netbios-ssn
445/tcp   open  netbios-ssn
49152/tcp open  msrpc       Microsoft Windows RPC
49153/tcp open  msrpc       Microsoft Windows RPC
49154/tcp open  msrpc       Microsoft Windows RPC
49155/tcp open  msrpc       Microsoft Windows RPC
49156/tcp open  msrpc       Microsoft Windows RPC
49157/tcp open  msrpc       Microsoft Windows RPC
MAC Address: 48:5B:39:AD:8A:F3 (Asustek Computer)
Device type: general purpose
Running: Microsoft Windows 2008|7
OS CPE: cpe:/o:microsoft:windows_server_2008::sp2 cpe:/o:microsoft:windows_7::- cpe:/o:microsoft:windows_7::sp1 cpe:/o:microsoft:windows_8
OS details: Microsoft Windows Server 2008 SP2, Microsoft Windows 7 SP0 - SP1, Windows Server 2008 SP1, or Windows 8
Network Distance: 1 hop
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
|_nbstat: NetBIOS name: WIN-VJCRWQXC6A7, NetBIOS user: <unknown>, NetBIOS MAC: 48:5b:39:ad:8a:f3 (Asustek Computer)
| smb-os-discovery: 
|   OS: Windows Server (R) 2008 Enterprise 6001 Service Pack 1 (Windows Server (R) 2008 Enterprise 6.0)
|   OS CPE: cpe:/o:microsoft:windows_server_2008::sp1
|   Computer name: WIN-VJCRWQXC6A7
|   NetBIOS computer name: WIN-VJCRWQXC6A7
|   Workgroup: WORKGROUP
|_  System time: 2015-10-14T14:23:23+02:00
| smb-security-mode: 
|   Account that was used for smb scripts: guest
|   User-level authentication
|   SMB Security: Challenge/response passwords supported
|_  Message signing disabled (dangerous, but default)
|_smbv2-enabled: Server supports SMBv2 protocol

TRACEROUTE
HOP RTT     ADDRESS
1   0.16 ms 192.168.242.50

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 64.83 seconds

Timing Template

Timing Templates werden benutzt wenn man vermutet das die Firewall einen Portscan erkennt und man deshalb verzögert scannen will. Oder man aggressiver an die Sache rangehen will.

  • nmap -A -T sneaky 192.168.242.50

Es gibt folgende Templates

  • paranoid (0) - verhindert IDS Erkennung
  • sneaky (1) - verhindert IDS Erkennung
  • polite (2) - langsamer Scan
  • normal (3) - normaler Scan
  • aggressive (4) - setzt schnelles Netzwerk voraus
  • insane (5) - setzt sehr schnelles Netzwerk voraus


Abgerufen von „http://wiki.ixheim.de/index.php?title=Nmap_beispiele&oldid=25485