每日记载内容总结46

nmap
Nmap 又叫做Network Mapper(网络映射器)是一个开源并且为了Linux系统管理员或者网络管理员的万能的工具。Nmap用于浏览网络,执行安全扫描,网络审计以及在远程机器找到开放端口。它可以扫描在线主机,操作系统,滤包器和远程主机打开的端口。(来源

--

安装:

yum install nmap
  1. 使用Hostname和IP地址来扫描系统,扫描出他的系统所有开放端口,服务和MAC地址。

     [root@ssqs-test1 ~]# nmap baidu.com
     
     Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:34 CST
     Nmap scan report for baidu.com (123.125.115.110)
     Host is up (0.0026s latency).
     Other addresses for baidu.com (not scanned): 220.181.57.216
     Not shown: 998 filtered ports
     PORT    STATE SERVICE
     80/tcp  open  http
     443/tcp open  https
     
     Nmap done: 1 IP address (1 host up) scanned in 4.02 seconds
    
     [root@ssqs-test1 ~]# nmap 47.92.65.98
    
     Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:34 CST
     Nmap scan report for 47.92.65.98
     Host is up (0.0070s latency).
     Not shown: 996 filtered ports
     PORT     STATE  SERVICE
     22/tcp   open   ssh
     80/tcp   closed http
     443/tcp  closed https
     3389/tcp closed ms-term-serv
     
     Nmap done: 1 IP address (1 host up) scanned in 4.54 seconds
    
  2. 使用 “-v” 选项,此选项给了更多的远程设备的细节。

     [root@ssqs-test1 ~]# nmap -v 47.92.65.98
    
     Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:36 CST
     Initiating Ping Scan at 17:36
     Scanning 47.92.65.98 [4 ports]
     Completed Ping Scan at 17:36, 0.01s elapsed (1 total hosts)
     Initiating Parallel DNS resolution of 1 host. at 17:36
     Completed Parallel DNS resolution of 1 host. at 17:36, 0.02s elapsed
     Initiating SYN Stealth Scan at 17:36
     Scanning 47.92.65.98 [1000 ports]
     Discovered open port 22/tcp on 47.92.65.98
     Completed SYN Stealth Scan at 17:36, 4.04s elapsed (1000 total ports)
     Nmap scan report for 47.92.65.98
     Host is up (0.0070s latency).
     Not shown: 996 filtered ports
     PORT     STATE  SERVICE
     22/tcp   open   ssh
     80/tcp   closed http
     443/tcp  closed https
     3389/tcp closed ms-term-serv
     
     Read data files from: /usr/share/nmap
     Nmap done: 1 IP address (1 host up) scanned in 4.13 seconds
     Raw packets sent: 1996 (87.800KB) | Rcvd: 9 (480B)
    
  3. 扫描特定的端口,Nmap有多种多样的选项去发现远程机器的端口。通过“-p”选项,你可以指定你想要扫描的端口,默认情况下Nmap扫描只扫描TCP端口。可扫描单个或者多个,用逗号分隔。

     [root@ssqs-test1 ~]# nmap 47.92.65.98 -p 5672
    
     Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:40 CST
     Nmap scan report for 47.92.65.98
     Host is up (0.0065s latency).
     PORT     STATE SERVICE
     5672/tcp open  amqp
     
     Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
    
     [root@ssqs-test1 ~]# nmap 47.92.65.98 -p 5672,15672
    
     Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:40 CST
     Nmap scan report for 47.92.65.98
     Host is up (0.0064s latency).
     PORT      STATE SERVICE
     5672/tcp  open  amqp
     15672/tcp open  unknown
     
     Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
    

Linux基本命令不能用解决方法

--

先执行如下命令:

export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin  

然后在当前命令界面,基本命令都已经可用,继续如下操作

vim /etc/profile
source /etc/profile

/etc/sysconfig/iptables文件不存在

--

在虚拟机上装的centos7是最小安装方式,所以许多东西都没装,需要自己手动安装。
因此/etc/sysconfig/iptables不存在,没有安装iptables防火墙
可以通过以下命令安装iptables防火墙

systemctl stop firewalld

systemctl mask firewalld

// 安装
yum install iptables-services

// 查看状态
service iptables status

//设置开机启动
systemctl enable iptables

//管理
systemctl stop iptables  

systemctl start iptables  

systemctl restart iptables  

service iptables save
posted @ 2018-06-12 18:15  CalronLoveRonnie  阅读(159)  评论(0编辑  收藏  举报
AmazingCounters.com