【nmap】nmap 测试 ntp的udp端口监听状态

# ping  ntp.example.com
PING ntp.example.com (172.16.13.2) 56(84) bytes of data.
--- ntp.example.com ping statistics ---
712 packets transmitted, 0 received, 100% packet loss, time 711026ms看来是目标主机禁ping了

#  nmap -sU -p 123   ntp.example.comStarting Nmap 6.40 ( http://nmap.org ) at 2022-08-15 23:54 CST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 6.12 seconds

# nmap -sU -Pn  -p 123  ntp.example.comStarting Nmap 6.40 ( http://nmap.org ) at 2022-08-15 23:54 CST
Nmap scan report for ntp.example.com (172.16.13.2)
Host is up (0.00085s latency).
PORT    STATE SERVICE
123/udp open  ntpNmap done: 1 IP address (1 host up) scanned in 3.08 seconds

$ nmap  --help
Nmap 6.40 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:Can pass hostnames, IP addresses, networks, etc.Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254-iL <inputfilename>: Input from list of hosts/networks-iR <num hosts>: Choose random targets--exclude <host1[,host2][,host3],...>: Exclude hosts/networks--excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:-sL: List Scan - simply list targets to scan-sn: Ping Scan - disable port scan-Pn: Treat all hosts as online -- skip host discovery-PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes-PO[protocol list]: IP Protocol Ping-n/-R: Never do DNS resolution/Always resolve [default: sometimes]--dns-servers <serv1[,serv2],...>: Specify custom DNS servers--system-dns: Use OS's DNS resolver--traceroute: Trace hop path to each host
SCAN TECHNIQUES:-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans-sU: UDP Scan-sN/sF/sX: TCP Null, FIN, and Xmas scans--scanflags <flags>: Customize TCP scan flags-sI <zombie host[:probeport]>: Idle scan-sY/sZ: SCTP INIT/COOKIE-ECHO scans-sO: IP protocol scan-b <FTP relay host>: FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:-p <port ranges>: Only scan specified portsEx: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9-F: Fast mode - Scan fewer ports than the default scan-r: Scan ports consecutively - don't randomize--top-ports <number>: Scan <number> most common ports--port-ratio <ratio>: Scan ports more common than <ratio>
SERVICE/VERSION DETECTION:-sV: Probe open ports to determine service/version info--version-intensity <level>: Set from 0 (light) to 9 (try all probes)--version-light: Limit to most likely probes (intensity 2)--version-all: Try every single probe (intensity 9)--version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:-sC: equivalent to --script=default--script=<Lua scripts>: <Lua scripts> is a comma separated list ofdirectories, script-files or script-categories--script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts--script-args-file=filename: provide NSE script args in a file--script-trace: Show all data sent and received--script-updatedb: Update the script database.--script-help=<Lua scripts>: Show help about scripts.<Lua scripts> is a comma separted list of script-files orscript-categories.
OS DETECTION:-O: Enable OS detection--osscan-limit: Limit OS detection to promising targets--osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:Options which take <time> are in seconds, or append 'ms' (milliseconds),'s' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).-T<0-5>: Set timing template (higher is faster)--min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes--min-parallelism/max-parallelism <numprobes>: Probe parallelization--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifiesprobe round trip time.--max-retries <tries>: Caps number of port scan probe retransmissions.--host-timeout <time>: Give up on target after this long--scan-delay/--max-scan-delay <time>: Adjust delay between probes--min-rate <number>: Send packets no slower than <number> per second--max-rate <number>: Send packets no faster than <number> per second
FIREWALL/IDS EVASION AND SPOOFING:-f; --mtu <val>: fragment packets (optionally w/given MTU)-D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys-S <IP_Address>: Spoof source address-e <iface>: Use specified interface-g/--source-port <portnum>: Use given port number--data-length <num>: Append random data to sent packets--ip-options <options>: Send packets with specified ip options--ttl <val>: Set IP time-to-live field--spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address--badsum: Send packets with a bogus TCP/UDP/SCTP checksum
OUTPUT:-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,and Grepable format, respectively, to the given filename.-oA <basename>: Output in the three major formats at once-v: Increase verbosity level (use -vv or more for greater effect)-d: Increase debugging level (use -dd or more for greater effect)--reason: Display the reason a port is in a particular state--open: Only show open (or possibly open) ports--packet-trace: Show all packets sent and received--iflist: Print host interfaces and routes (for debugging)--log-errors: Log errors/warnings to the normal-format output file--append-output: Append to rather than clobber specified output files--resume <filename>: Resume an aborted scan--stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML--webxml: Reference stylesheet from Nmap.Org for more portable XML--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:-6: Enable IPv6 scanning-A: Enable OS detection, version detection, script scanning, and traceroute--datadir <dirname>: Specify custom Nmap data file location--send-eth/--send-ip: Send using raw ethernet frames or IP packets--privileged: Assume that the user is fully privileged--unprivileged: Assume the user lacks raw socket privileges-V: Print version number-h: Print this help summary page.
EXAMPLES:nmap -v -A scanme.nmap.orgnmap -v -sn 192.168.0.0/16 10.0.0.0/8nmap -v -iR 10000 -Pn -p 80
SEE THE MAN PAGE (http://nmap.org/book/man.html) FOR MORE OPTIONS AND EXAMPLES

【nmap】nmap 测试 ntp的udp端口监听状态相关推荐

Linux查看端口监听状态
查看端口监听状态命令命令 netstat 常用命令格式#netstat -anutp 参数含义: -a 显示所有 -n 以ip形式显示当前建立的有效连接和端口 -u 显示UDP协议 -t 显示TC ...
cmd查看某个服务器端口状态,cmd中检测端口是否处于监听状态 | IT博客
1.查看本地端口监听状态命令:netstat -an Local Address:本地地址 Foreign Address :外地的地址 State:LISTENING该端口在监听外部连接,estab ...
测试tcp和udp端口连通性
测试tcp和udp端口连通性测试tcp和udp端口连通性 tcp端口命令 telnet udp端口命令 nc nc命令用法 nc命令man帮助示例 nc默认tcp协议,使用udp要指定u 测试t ...
获取运行端口监听的用户身份auth-owner
获取运行端口监听的用户身份auth-owner Windows系统提供工作在TCP 113端口的授权服务(Authentication Service),用来判断TCP连接的用户.Nmap的auth- ...
Linux下如何查看哪些端口处于监听状态
Linux下如何查看哪些端口处于监听状态 2008-02-23 21:36:09| 分类: Linux & C|举报|字号订阅一.最常用的方法: 1,netstat -an 2,lsof ...
linux 端口监听 Netstat 常用命令
文章目录一.Netstat 二.Netstat 常用命令 2.1 Linux 查看程序端口使用情况 2.2 Linux 查看程序端口占用情况三.Netstat 命令详情一.Netstat Net ...
Linux查看端口监听情况，以及Linux查看某个端口对应的进程号和程序
文章目录: 1 linux查看那端口监听情况 2 Linux查看某个端口对应的进程号和程序 1 linux查看那端口监听情况 linux中可以使用netstat命令查看端口监听情况,首先来看一下该命令 ...
TCP 端口监听队列原理
近期需要实现一个TCP线程池服务,该服务需要能够在同一个端口上实现 TCP 常规服务.HTTP请求服务.SOAP WebService 服务,为了测试 ACE 的线程池启动后,如果所有线程都在忙,客户 ...
cmd中检测远程的ip和端口是否处于监听状态
第一步:使用ping命令测试远程的ip是否可连通在cmd中输入ping ip地址: 如果最后的统计信息中丢失率为0表示可以连通该ip地址.那么就可以进行下一步的测试该ip下的某一个端口是否开放的操作 ...

【nmap】nmap 测试 ntp的udp端口监听状态

【nmap】nmap 测试 ntp的udp端口监听状态相关推荐

最新文章

热门文章