nmap
Nmap 又叫做Network Mapper(网络映射器)是一个开源并且为了Linux系统管理员或者网络管理员的万能的工具。Nmap用于浏览网络,执行安全扫描,网络审计以及在远程机器找到开放端口。它可以扫描在线主机,操作系统,滤包器和远程主机打开的端口。(来源)
安装:
yum install nmap
使用Hostname和IP地址来扫描系统,扫描出他的系统所有开放端口,服务和MAC地址。
[root@ssqs-test1 ~]# nmap baidu.com
Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:34 CST
Nmap scan report for baidu.com (123.125.115.110)
Host is up (0.0026s latency).
Other addresses for baidu.com (not scanned): 220.181.57.216
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 4.02 seconds
[root@ssqs-test1 ~]# nmap 47.92.65.98
Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:34 CST
Nmap scan report for 47.92.65.98
Host is up (0.0070s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-term-serv
Nmap done: 1 IP address (1 host up) scanned in 4.54 seconds
使用 “-v” 选项,此选项给了更多的远程设备的细节。
[root@ssqs-test1 ~]# nmap -v 47.92.65.98
Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:36 CST
Initiating Ping Scan at 17:36
Scanning 47.92.65.98 [4 ports]
Completed Ping Scan at 17:36, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 17:36
Completed Parallel DNS resolution of 1 host. at 17:36, 0.02s elapsed
Initiating SYN Stealth Scan at 17:36
Scanning 47.92.65.98 [1000 ports]
Discovered open port 22/tcp on 47.92.65.98
Completed SYN Stealth Scan at 17:36, 4.04s elapsed (1000 total ports)
Nmap scan report for 47.92.65.98
Host is up (0.0070s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-term-serv
Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 4.13 seconds
Raw packets sent: 1996 (87.800KB) | Rcvd: 9 (480B)
扫描特定的端口,Nmap有多种多样的选项去发现远程机器的端口。通过“-p”选项,你可以指定你想要扫描的端口,默认情况下Nmap扫描只扫描TCP端口。可扫描单个或者多个,用逗号分隔。
[root@ssqs-test1 ~]# nmap 47.92.65.98 -p 5672
Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:40 CST
Nmap scan report for 47.92.65.98
Host is up (0.0065s latency).
PORT STATE SERVICE
5672/tcp open amqp
Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
[root@ssqs-test1 ~]# nmap 47.92.65.98 -p 5672,15672
Starting Nmap 5.51 ( http://nmap.org ) at 2018-06-12 17:40 CST
Nmap scan report for 47.92.65.98
Host is up (0.0064s latency).
PORT STATE SERVICE
5672/tcp open amqp
15672/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
Linux基本命令不能用解决方法
--
先执行如下命令:
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
然后在当前命令界面,基本命令都已经可用,继续如下操作
vim /etc/profile
source /etc/profile
/etc/sysconfig/iptables文件不存在
--
在虚拟机上装的centos7是最小安装方式,所以许多东西都没装,需要自己手动安装。
因此/etc/sysconfig/iptables不存在,没有安装iptables防火墙
可以通过以下命令安装iptables防火墙
systemctl stop firewalld
systemctl mask firewalld
// 安装
yum install iptables-services
// 查看状态
service iptables status
//设置开机启动
systemctl enable iptables
//管理
systemctl stop iptables
systemctl start iptables
systemctl restart iptables
service iptables save