Cloud security infrastructure ---- Nmap port scan
Task one: Install Nmap in a Windows virtual machine
Step one: Install Nmap for Windows in a Windows virtual machine (real environment)
1. Nmap download (official website: https://nmap.org/download.html)
2. Nmap installation
Step two: Start the installed Nmap for Windows and complete a number of scanning exercises (against the test virtual machine environment):
1. Scan the host's IP address:
2. Use the -v parameter to display more detailed information about the remote host
3. Use the * wildcard to scan an entire subnet or a range of IP addresses
4. Run the nmap command with the -iL option to scan all IP addresses listed in a file
5. Scan all hosts and determine their system type; run cmd as administrator here
6. Test whether the host is running certain ports and confirm the application running on each port (this command checks whether the host 192.168.1.1 is running those ports)
// The scan result clearly shows no running port; if a port were running, its version number would be found
7. Randomly select 10,000 hosts and check whether port 80 is running (here only 10 hosts should be randomly selected from the Internet)
8. Use the command nmap -P0 -p80 -oX logs/pb-port80scan.xml -oG logs/pb-port80scan.gnmap 216.163.128.20/20 to scan 4096 IP addresses looking for web servers (without pinging), saving the results in grepable and XML format (not successful)
9. Use the command host -l company.com | cut -d ' ' -f 4 | nmap -v -iL - to perform a DNS zone transfer to find the hosts in company.com, then feed the IP addresses to Nmap (not successful)
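Step 8 saves the scan in Nmap's grepable (-oG) format; as an added example that is not part of this lab report, the following Python parser reads such a file and lists which hosts have port 80 open. The sample lines below are constructed for the example (made-up hosts and banners), not captured from the lab network.

```python
import re

# Constructed sample in Nmap's grepable (-oG) format, modelled on the step 8
# scan (nmap -P0 -p80 -oG logs/pb-port80scan.gnmap ...); hosts and banners
# are made up for this example, not captured from the lab network.
SAMPLE_GNMAP = """\
# Nmap 7.94 scan initiated Mon Mar  4 10:00:00 2024 as: nmap -P0 -p80 -oG logs/pb-port80scan.gnmap 192.168.1.0/28
Host: 192.168.1.1 ()\tStatus: Up
Host: 192.168.1.1 ()\tPorts: 80/open/tcp//http//nginx 1.18.0/\tIgnored State: closed (999)
Host: 192.168.1.12 (host12.lab)\tStatus: Up
Host: 192.168.1.12 (host12.lab)\tPorts: 80/closed/tcp//http///, 443/open/tcp//https//Apache httpd 2.4.57/
# Nmap done at Mon Mar  4 10:00:05 2024 -- 16 IP addresses (2 hosts up) scanned in 5.00 seconds
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)")


def parse_gnmap(text):
    """Return {ip: {"hostname", "status", "ports"}} from -oG text.

    'Host:' lines carry tab-separated fields; each port entry is
    port/state/proto/owner/service/rpc-info/version/ (Nmap escapes any
    '/' inside the version string, so splitting on '/' is safe).
    """
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # '#' header/footer lines carry no host data
        fields = line.split("\t")
        match = HOST_RE.match(fields[0])
        if not match:
            continue
        ip, hostname = match.groups()
        host = hosts.setdefault(ip, {"hostname": hostname, "status": None, "ports": []})
        for field in fields[1:]:
            key, _, value = field.partition(": ")
            if key == "Status":
                host["status"] = value
            elif key == "Ports":
                for entry in value.split(", "):
                    p = entry.strip().split("/")
                    host["ports"].append({"port": int(p[0]), "state": p[1], "proto": p[2],
                                          "service": p[4], "version": p[6]})
    return hosts


def hosts_with_open_port(hosts, port=80):
    """IPs on which the given port is reported open (the web servers step 8 looks for)."""
    return sorted(ip for ip, h in hosts.items()
                  if any(p["port"] == port and p["state"] == "open" for p in h["ports"]))
```

Run it on the real file with `parse_gnmap(open("logs/pb-port80scan.gnmap").read())`; hosts that never answered produce no 'Host:' line and so never appear in the result.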
Task two: Select scan targets and exclude hosts
Knowledge goal
* Master the command-line usage for excluding targets from a scan
1. Use -iR to randomly scan three hosts (to reduce scan time, scan port 80 only): in Nmap enter the command nmap -iR 3 -Pn -p 80, then press Enter
2. Scan the hosts on the 192.168.1.0/24 network but exclude the host 192.168.1.11: in Nmap enter the command nmap 192.168.1.0/24 --exclude 192.168.1.11, then press Enter
// The hosts 192.168.1.1 and 192.168.1.12 are up; their port numbers and the corresponding services are displayed
3. Use an address list file to exclude several hosts from the scan
(1) First create the exclusion file file.txt in the Nmap directory and enter the host address to exclude, 192.168.1.12.
If there are several addresses, separate them with spaces, newlines, etc.
(2) In Nmap enter the command nmap 192.168.1.0/24 --excludefile file.txt, then press Enter; the output shows that 192.168.1.12 was not scanned, because that IP address was written into the exclusion file
Task three: Scan to discover live target hosts
Knowledge goals
* Master the significance of live-host scanning with Nmap and the related background knowledge
* Use Nmap to perform a live-host scan
1. Use -sL to list the hosts of the nesst.com domain on the network, then press Enter
2. Use the -sn parameter to discover which hosts in the range 192.168.1.1-20 are up
3. The -Pn parameter treats all specified hosts as up, skipping host discovery and reporting port states directly: in Nmap enter the command nmap -Pn 192.168.1.1-20, then press Enter
4. Combined-parameter probing: in Nmap enter the command nmap -sn -PE -PS80,135 -PU53 scanme.nmap.org, then press Enter
Task four: Identify the target operating system
Knowledge goal
* Master how to identify the operating system version of a remote machine
1. Use nmap -O <target address> to probe the operating system type: enter the command nmap -O 192.168.1.1-11 and press Enter to see the output
2. Use nmap -O --osscan-guess <target address> to guess the operating system type
Task five: Identify the services and versions on the target host
Knowledge goal
* Master identifying the applications on the target host's open ports
1. Use -sV for a basic version scan; the command format is nmap -sV <IP address>
2. List the probing process in detail
3. Lightweight probing: in Nmap enter the command nmap -sV --version-light 192.168.1.1, then press Enter
4. Try probing with all probes
Task six: Scan ports while bypassing a firewall
Knowledge goal
Master the scanning principles behind evading firewall detection and blocking
1. Decoy stealth scan: in Nmap enter the command nmap -v -F -D 192.168.1.6,192.168.1.7,ME -g 3355 192.168.1.1, then press Enter
2. Use -S and -e for a source-address spoofing scan (using 192.168.1.12 as the spoofed source address)
3. Incomplete hardware address: use the command nmap --spoof-mac 00:0c:22:11 192.168.1.1 to run a hardware-address spoofing scan against the target host. When the hardware address is incomplete, Nmap fills in the remainder automatically.
Problems encountered and solutions
1. When first installing the virtual machine with the Windows 7 operating system, the Windows 7 system image could not be loaded, as shown in the figure:
Solution: searched online and found a method on CSDN:
Troubleshooting by the method above, the image file still could not be recognized; finally I tried a different image file, which was detected successfully, and the subsequent installation went ahead // the installation problem was caused by a faulty image
2. When visiting the Nmap official website to download Nmap, at first the site could not be reached. Solution: connect through a VPN and open the site in the Google Chrome browser, which then loads instantly, as shown in the figure:
3. In Task four, when running nmap -O --osscan-guess <target host> to guess the operating system type, no fingerprint features were printed, as shown in the figure:
// No fingerprint features are present, and the output differs somewhat from the textbook picture, with part missing
Solution: no relevant solution was found
4. During the version scan, the lightweight probing and the all-probes detection produced the same results for all addresses. Figure:
Solution: when probing a single host, all probes has no obvious advantage over the lightweight probing; the results are the same
5. The hardware-address spoofing scan did not succeed, and the captured results are questionable, as shown in the figure:
Solution: not found