每日记载内容总结46
nmap
Nmap 又叫做Network Mapper(网络映射器)是一个开源并且为了Linux系统管理员或者网络管理员的万能的工具。Nmap用于浏览网络,执行安全扫描,网络审计以及在远程机器找到开放端口。它可以扫描在线主机,操作系统,滤包器和远程主机打开的端口。(来源)
--
安装:
yum install nmap
-
使用Hostname和IP地址来扫描系统,扫描出他的系统所有开放端口,服务和MAC地址。
[root@ssqs-test1 ~]# nmap baidu.com Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:34 CST Nmap scan report for baidu.com (123.125.115.110) Host is up (0.0026s latency). Other addresses for baidu.com (not scanned): 220.181.57.216 Not shown: 998 filtered ports PORT STATE SERVICE 80/tcp open http 443/tcp open https Nmap done: 1 IP address (1 host up) scanned in 4.02 seconds [root@ssqs-test1 ~]# nmap 47.92.65.98 Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:34 CST Nmap scan report for 47.92.65.98 Host is up (0.0070s latency). Not shown: 996 filtered ports PORT STATE SERVICE 22/tcp open ssh 80/tcp closed http 443/tcp closed https 3389/tcp closed ms-term-serv Nmap done: 1 IP address (1 host up) scanned in 4.54 seconds
-
使用 “-v” 选项,此选项给了更多的远程设备的细节。
[root@ssqs-test1 ~]# nmap -v 47.92.65.98 Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:36 CST Initiating Ping Scan at 17:36 Scanning 47.92.65.98 [4 ports] Completed Ping Scan at 17:36, 0.01s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 17:36 Completed Parallel DNS resolution of 1 host. at 17:36, 0.02s elapsed Initiating SYN Stealth Scan at 17:36 Scanning 47.92.65.98 [1000 ports] Discovered open port 22/tcp on 47.92.65.98 Completed SYN Stealth Scan at 17:36, 4.04s elapsed (1000 total ports) Nmap scan report for 47.92.65.98 Host is up (0.0070s latency). Not shown: 996 filtered ports PORT STATE SERVICE 22/tcp open ssh 80/tcp closed http 443/tcp closed https 3389/tcp closed ms-term-serv Read data files from: /usr/share/nmap Nmap done: 1 IP address (1 host up) scanned in 4.13 seconds Raw packets sent: 1996 (87.800KB) | Rcvd: 9 (480B)
-
扫描特定的端口,Nmap有多种多样的选项去发现远程机器的端口。通过“-p”选项,你可以指定你想要扫描的端口,默认情况下Nmap扫描只扫描TCP端口。可扫描单个或者多个,用逗号分隔。
[root@ssqs-test1 ~]# nmap 47.92.65.98 -p 5672 Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:40 CST Nmap scan report for 47.92.65.98 Host is up (0.0065s latency). PORT STATE SERVICE 5672/tcp open amqp Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds [root@ssqs-test1 ~]# nmap 47.92.65.98 -p 5672,15672 Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:40 CST Nmap scan report for 47.92.65.98 Host is up (0.0064s latency). PORT STATE SERVICE 5672/tcp open amqp 15672/tcp open unknown Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
Linux基本命令不能用解决方法
--
先执行如下命令:
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
然后在当前命令界面,基本命令都已经可用,继续如下操作
vim /etc/profile
source /etc/profile
/etc/sysconfig/iptables文件不存在
--
在虚拟机上装的centos7是最小安装方式,所以许多东西都没装,需要自己手动安装。
因此/etc/sysconfig/iptables不存在,没有安装iptables防火墙
可以通过以下命令安装iptables防火墙
systemctl stop firewalld
systemctl mask firewalld
// 安装
yum install iptables-services
// 查看状态
service iptables status
//设置开机启动
systemctl enable iptables
//管理
systemctl stop iptables
systemctl start iptables
systemctl restart iptables
service iptables save