The nmap tool detects open ports
Nmap is short for Network Mapper. Nmap is a free, open source network discovery and reconnaissance tool. Nmap can scan the network for active hosts, open ports, operating system version and service detection, and perform information scanning in a stealthy manner. The installation method is as follows:
#yum installation yum -y install nmap #rpm package installation rpm -ivh nmap-4.11-1.1.x86_64.rpm
View open ports:
#View the open port information of this machine (you can also view other ip) nmap 127.0.0.1
nmap 127.0.0.1 View the open ports of this machine, and scan all ports.
This tool queries the status of open ports, but it is invalid for cloud servers, and only one port 22 can be viewed.
Nmap scan parameters
-
-p: scan the specified port
-
-A: Use aggressive scanning
-
-sV: Specify Nmap for version detection
-
-F: Scan the 100 most likely open ports
-
-v: Display redundant information, display details when scanning
-
-iL: Import the target host or target network segment from the file
-
-sn: only host discovery, no port scanning
-
– exclude: The connected host or website will not be scanned
-
-sL: only list the IP of the specified target, do not perform host discovery
-
–system-dns: Specify the DNS server of the system
-
–excludefile: The host or network segment in the imported file will not be scanned
-
-n/-R: -n means no DNS resolution; -R means DNS resolution
-
-sU: Use UDP scanning to determine the UDP port status of the target host
-
-Pn: Treat all specified hosts as enabled, skipping the process of host discovery
-
-T4: Specifies the time used by the scanning process
#There are 6 levels, the higher the level, the faster the speed, and it is easy to be detected and blocked. It is recommended to use T4
general scan command format: nmap + scan parameters + target address or network segment
telnet to see if the port is open
Command rules: telnet ip port
If the following content appears, it can be connected
If the server does not have the telnet tool, you can execute the following command to install it:
yum -y install telnet.x86_64
curl to check whether the connection port is open
Command rules: curl http:ip:port
A response indicates normal access.
nc (netcat) command to check whether a port in the remote Linux system is open
nc stands for netcat. netcat is a simple Unix tool that uses TCP or UDP protocols to read and write data between network connections.
It is designed to be a reliable backend tool that can be used directly or simply called by other programs or scripts.
At the same time, it is also a feature-rich network debugging and exploration tool, as it can create almost any type of connection you need, and also has several interesting features built-in.
Netcat has three types of functional modes, which are connection mode, listening mode and tunnel mode.
General syntax of the nc (netcat) command:
nc [-options] [HostName or IP] [PortNumber]
In the following example, we will check if port 22 is open in the remote Linux system.
[root@zjq zjq666]# nc -zvw3 121.xxx.234.456 8848 Ncat: Version 7.50 ( https://nmap.org/ncat ) Ncat: Connected to 121.xxx.234.456:8848. Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.
Detailed command parameters:
-
nc: the body of the executed command;
-
z: zero I/O mode (used for scanning);
-
v: output explicitly;
-
w3: set the timeout to 3 seconds;
-
121.xxx.234.456: IP address of the target system;
-
8848: The port that needs to be authenticated
netstat tool to view enabled ports
The command is as follows:
netstat -ntlp can query port usage to avoid port conflicts.