2021-09-22 14:09:42 +00:00
= nmap =
A great tool for scanning hosts over the network
== Options ==
=== Hide yourself ===
* -D (Decoys)
  - Usage: -D {IP_ADDR,IP_ADDR,...}
  - List of hosts to send packets from. Nmap will spoof outgoing packets to appear as if they come from these hosts. Can help fool [[IDS]] by hiding the real address of the machine performing the scan.
* -S (source address)
  - Usage: -S IP_ADDR
  - Spoof the source address of the packets sent for the scan. For this the -e option is required, as well as -Pn.
* -e (interface)
  - Usage: -e INTERFACE
  - Set which interface to use when sending out packets, e.g. eth0 or wlan0.
* -Pn (all hosts online)
  - Usage: -Pn
  - Treat all hosts as online; don't bother to check whether they're up or not.
* -b (bounce)
  - Usage: -b FTP.HOST.COM
  - 'Bounce' our scan through an FTP host. Does this by making it appear as if we're requesting files, then watching how the server replies.
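A defender-side check for the -b bounce behaviour described above, as an added example that is not part of the original notes: it flags FTP clients whose PORT commands point the server's data connections at a third-party host across several ports. The log format, the threshold and all addresses are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of FTP control-channel log lines (format is an assumption):
# "<timestamp> <client_ip> <command> <argument>"
SAMPLE_LOG = """\
2021-09-22T14:01:02Z 198.51.100.7 USER anonymous
2021-09-22T14:01:03Z 198.51.100.7 PORT 198,51,100,7,195,80
2021-09-22T14:01:03Z 198.51.100.7 LIST
2021-09-22T14:02:10Z 203.0.113.9 USER anonymous
2021-09-22T14:02:11Z 203.0.113.9 PORT 192,0,2,20,0,22
2021-09-22T14:02:11Z 203.0.113.9 LIST
2021-09-22T14:02:12Z 203.0.113.9 PORT 192,0,2,20,0,80
2021-09-22T14:02:12Z 203.0.113.9 LIST
2021-09-22T14:02:13Z 203.0.113.9 PORT 192,0,2,20,1,187
2021-09-22T14:02:13Z 203.0.113.9 LIST
2021-09-22T14:02:14Z 203.0.113.9 PORT 999,0,2,20,1,187
"""

# PORT argument is h1,h2,h3,h4,p1,p2: four address octets, then port = p1*256 + p2
PORT_RE = re.compile(r"^(\S+) (\S+) PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)$")

def parse_port(line):
    """Return (client_ip, target_ip, target_port) for a valid PORT line, else None."""
    m = PORT_RE.match(line.strip())
    if not m:
        return None
    octets = [int(x) for x in m.groups()[2:]]
    if any(o > 255 for o in octets):
        return None  # malformed argument; not a usable PORT command
    target = ipaddress.ip_address(".".join(map(str, octets[:4])))
    return ipaddress.ip_address(m.group(2)), target, octets[4] * 256 + octets[5]

def find_bounce_candidates(log_text, min_ports=3):
    """Map (client, third-party target) -> sorted ports when a client points the
    server's data connections at another host on at least min_ports distinct ports."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parsed = parse_port(line)
        if parsed and parsed[0] != parsed[1]:  # PORT names a host other than the client
            seen[(str(parsed[0]), str(parsed[1]))].add(parsed[2])
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_ports}

if __name__ == "__main__":
    for (client, target), ports in find_bounce_candidates(SAMPLE_LOG).items():
        print(f"possible FTP bounce scan: {client} -> {target} ports {ports}")
```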
=== Obtrusive ===
* -O (OS detection)
  - Usage: -O
  - Will attempt to see what OS the target system is running. It is pretty invasive, so be cautious when using this.
* -A (OS/version detection)
  - Usage: -A
  - Will attempt to detect both OS and OS version. Very obtrusive.
* -T<0-5> (Timing template)
  - Determines how fast the scan will go. Higher is faster, yet more aggressive and obvious to [[IDS]].
* -p (Scan specific port)
  - Usage: -p<1-65535>
  - Scans specified ports only. Use -p- to scan every port.
2021-09-23 17:54:24 +00:00
[[index]]