Nmap - Comandos úteis para um administrador de sistemas Linux
O Nmap é um programa que permite fazer um scan completo em uma rede, ou hosts, para podermos obter informações como: quais hosts estão ativos, quais portas estão abertas, dentre outras. O scan pode determinar as portas abertas em um IP, qual o sistema operacional dele, se ele possui ou não um firewall e assim por diante. Esse é um verdadeiro canivete suíço para os administradores de servidores.
[ Hits: 13.323 ]
Por: Diego Mendes Rodrigues em 05/05/2020 | Blog: https://www.linkedin.com/in/diegomendesrodrigues/
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 13:35 -03 Nmap scan report for 192.168.0.28 Host is up (0.00016s latency). Not shown: 997 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 3306/tcp open mysql Nmap done: 1 IP address (1 host up) scanned in 0.11 secondsObserve que o servidor possui os serviços de ssh, http e MySQL instalados, com as portas 22, 80 e 3306 abertas no protocolo TCP. Caso essa máquina estivesse conectada direto na internet, todos esses serviços estariam expostos diretamente para qualquer tipo de tentativa de invasão.
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 13:41 -03 Nmap scan report for _gateway (192.168.0.1) Host is up (0.013s latency). Not shown: 995 closed ports PORT STATE SERVICE 80/tcp open http 8080/tcp open http-proxy 8081/tcp filtered blackice-icecap 8090/tcp filtered opsmessaging 8888/tcp filtered sun-answerbook Nmap scan report for 192.168.0.28 Host is up (0.00015s latency). Not shown: 997 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 3306/tcp open mysql Nmap scan report for 192.168.0.222 Host is up (0.0048s latency). Not shown: 998 closed ports PORT STATE SERVICE 23/tcp open telnet 80/tcp open http Nmap done: 3 IP addresses (3 hosts up) scanned in 2.91 seconds
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 13:45 -03 Nmap scan report for _gateway (192.168.0.1) Host is up (0.014s latency). Not shown: 995 closed ports PORT STATE SERVICE 80/tcp open http 8080/tcp open http-proxy 8081/tcp filtered blackice-icecap 8090/tcp filtered opsmessaging 8888/tcp filtered sun-answerbook Nmap scan report for 192.168.0.10 Host is up (0.024s latency). Not shown: 999 closed ports PORT STATE SERVICE 80/tcp open http Nmap scan report for 192.168.0.28 Host is up (0.00051s latency). Not shown: 997 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 3306/tcp open mysql Nmap scan report for 192.168.0.177 Host is up (0.00023s latency). Not shown: 998 closed ports PORT STATE SERVICE 80/tcp open http 3306/tcp open mysql Nmap scan report for 192.168.0.218 Host is up (0.022s latency). All 1000 scanned ports on 192.168.0.218 are closed Nmap scan report for 192.168.0.219 Host is up (0.012s latency). Not shown: 994 closed ports PORT STATE SERVICE 23/tcp open telnet 80/tcp open http 902/tcp filtered iss-realsecure 5440/tcp filtered unknown 7103/tcp filtered unknown 9878/tcp filtered kca-service Nmap scan report for 192.168.0.222 Host is up (0.0049s latency). Not shown: 998 closed ports PORT STATE SERVICE 23/tcp open telnet 80/tcp open http Nmap done: 256 IP addresses (7 hosts up) scanned in 33.04 seconds
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:03 -03 Nmap scan report for 192.168.0.28 Host is up (0.00022s latency). All 1000 scanned ports on 192.168.0.28 are unfiltered MAC Address: 08:00:27:CF:C7:BE (Oracle VirtualBox virtual NIC) Nmap done: 1 IP address (1 host up) scanned in 0.43 secondsObserve que esse servidor não está protegido por um firewall, devido à seguinte mensagem que está no retorno do Nmap:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:08 -03 Nmap scan report for 192.168.0.28 Host is up (0.00031s latency). All 1000 scanned ports on 192.168.0.28 are filtered MAC Address: 08:00:27:CF:C7:BE (Oracle VirtualBox virtual NIC) Nmap done: 1 IP address (1 host up) scanned in 21.38 secondsObserve que agora esse servidor está protegido por um firewall, devido à seguinte mensagem que está no retorno do Nmap:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:12 -03 Nmap scan report for 192.168.0.28 Host is up (0.074s latency). All 1000 scanned ports on 192.168.0.28 are filtered Nmap done: 1 IP address (1 host up) scanned in 191.52 seconds
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:21 -03 Nmap scan report for _gateway (192.168.0.1) Host is up (0.12s latency). Nmap scan report for 192.168.0.10 Host is up (0.12s latency). Nmap scan report for ubuntu (192.168.0.28) Host is up (0.00052s latency). Nmap scan report for 192.168.0.223 Host is up (0.048s latency). Nmap scan report for 192.168.0.225 Host is up (0.13s latency). Nmap done: 256 IP addresses (5 hosts up) scanned in 16.76 seconds
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:23 -03 Nmap scan report for ubuntu (192.168.0.28) Host is up (0.00010s latency). Not shown: 98 closed ports PORT STATE SERVICE 80/tcp open http 3306/tcp open mysql Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:26 -03 ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MTU MAC wlp2s0 (wlp2s0) 192.168.0.28/24 ethernet up 1500 5C:C9:D3:66:43:6E wlp2s0 (wlp2s0) fe80::747a:93a9:9c2e:2aca/64 ethernet up 1500 5C:C9:D3:66:43:6E wlp2s0 (wlp2s0) 2804:14c:48b:41b2::1/128 ethernet up 1500 5C:C9:D3:66:43:6E wlp2s0 (wlp2s0) 2804:14c:48b:41b2:c581:f4ec:2ca6:2bf9/64 ethernet up 1500 5C:C9:D3:66:43:6E wlp2s0 (wlp2s0) 2804:14c:48b:41b2:40c1:626:6d1d:897c/64 ethernet up 1500 5C:C9:D3:66:43:6E gpd0 (gpd0) (none)/0 point2point down 1500 lo (lo) 127.0.0.1/8 loopback up 65536 lo (lo) ::1/128 loopback up 65536 enp1s0 (enp1s0) (none)/0 ethernet up 1500 1C:39:47:56:D8:A4 **************************ROUTES************************** DST/MASK DEV METRIC GATEWAY 192.168.0.0/24 wlp2s0 600 169.254.0.0/16 wlp2s0 1000 0.0.0.0/0 wlp2s0 600 192.168.0.1 ::1/128 lo 0 2804:14c:48b:41b2::1/128 wlp2s0 0 2804:14c:48b:41b2:40c1:626:6d1d:897c/128 wlp2s0 0 2804:14c:48b:41b2:c581:f4ec:2ca6:2bf9/128 wlp2s0 0 fe80::747a:93a9:9c2e:2aca/128 wlp2s0 0 ::1/128 lo 256 2804:14c:48b:41b2::1/128 wlp2s0 600 2804:14c:48b:41b2::/64 wlp2s0 600 fe80::2a32:c5ff:fe53:b0a7 fe80::/64 wlp2s0 600 ff00::/8 wlp2s0 256 ::/0 wlp2s0 600 fe80::2a32:c5ff:fe53:b0a7
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:31 -03 Nmap scan report for ubuntu (192.168.0.28) Host is up (0.00013s latency). PORT STATE SERVICE 80/tcp open http Nmap done: 1 IP address (1 host up) scanned in 5.18 secondsCaso queira especificar mais de uma porta, separe elas com vírgulas.
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:32 -03 Nmap scan report for ubuntu (192.168.0.28) Host is up (0.000078s latency). PORT STATE SERVICE 21/tcp closed ftp 80/tcp open http 443/tcp closed https Nmap done: 1 IP address (1 host up) scanned in 0.08 secondsCaso queira realizar o scan nas portas mais conhecidas e utilizadas atualmente na internet, utilize o parâmetro --top-ports <quantidade>, como por exemplo:
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:34 -03 Nmap scan report for ubuntu (192.168.0.28) Host is up (0.000078s latency). PORT STATE SERVICE 21/tcp closed ftp 22/tcp closed ssh 23/tcp closed telnet 25/tcp closed smtp 53/tcp closed domain 80/tcp open http 110/tcp closed pop3 111/tcp closed rpcbind 135/tcp closed msrpc 139/tcp closed netbios-ssn 143/tcp closed imap 443/tcp closed https 445/tcp closed microsoft-ds 993/tcp closed imaps 995/tcp closed pop3s 1723/tcp closed pptp 3306/tcp open mysql 3389/tcp closed ms-wbt-server 5900/tcp closed vnc 8080/tcp closed http-proxy Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:38 -03 Warning: 192.168.0.10 giving up on port because retransmission cap hit (2). Warning: 192.168.0.223 giving up on port because retransmission cap hit (2). Warning: 192.168.0.225 giving up on port because retransmission cap hit (2). Nmap scan report for _gateway (192.168.0.1) Host is up (0.0066s latency). Not shown: 995 closed ports PORT STATE SERVICE 80/tcp open http 8080/tcp open http-proxy 8081/tcp filtered blackice-icecap 8090/tcp filtered opsmessaging 8888/tcp filtered sun-answerbook Nmap scan report for 192.168.0.10 Host is up (0.033s latency). Not shown: 831 closed ports, 168 filtered ports PORT STATE SERVICE 80/tcp open http Nmap scan report for ubuntu (192.168.0.28) Host is up (0.00016s latency). Not shown: 998 closed ports PORT STATE SERVICE 80/tcp open http 3306/tcp open mysql Nmap scan report for 192.168.0.223 Host is up (0.0046s latency). Not shown: 983 closed ports PORT STATE SERVICE 4/tcp filtered unknown 23/tcp open telnet 42/tcp filtered nameserver 80/tcp open http 444/tcp filtered snpp 801/tcp filtered device 1051/tcp filtered optima-vnet 1052/tcp filtered ddt 1066/tcp filtered fpo-fns 1187/tcp filtered alias 2702/tcp filtered sms-xfer 2967/tcp filtered symantec-av 4002/tcp filtered mlchat-proxy 8082/tcp filtered blackice-alerts 8300/tcp filtered tmi 9900/tcp filtered iua 49154/tcp filtered unknown Nmap scan report for 192.168.0.225 Host is up (0.0020s latency). Not shown: 986 closed ports PORT STATE SERVICE 23/tcp open telnet 80/tcp open http 700/tcp filtered epp 1023/tcp filtered netvenuechat 1069/tcp filtered cognex-insight 1080/tcp filtered socks 1085/tcp filtered webobjects 1124/tcp filtered hpvmmcontrol 3517/tcp filtered 802-11-iapp 3827/tcp filtered netmpi 7070/tcp filtered realserver 8045/tcp filtered unknown 26214/tcp filtered unknown 57797/tcp filtered unknown Nmap scan report for 192.168.0.226 Host is up (0.00019s latency). Not shown: 997 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 3306/tcp open mysql Nmap done: 256 IP addresses (6 hosts up) scanned in 23.44 seconds
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:42 -03 Nmap scan report for ubuntu (192.168.0.28) Host is up (0.00011s latency). Not shown: 998 closed ports PORT STATE SERVICE 80/tcp open http 3306/tcp open mysql Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6.32 OS details: Linux 2.6.32 Network Distance: 0 hops OS detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 1.79 secondsObserve que o sistema operacional detectado no servidor é o Ubuntu em Nmap scan report for ubuntu (192.168.0.28).
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:46 -03 Nmap scan report for www.vivaolinux.com.br (104.24.99.136) Host is up (0.17s latency). Other addresses for www.vivaolinux.com.br (not scanned): 2606:4700:3030::6818:6288 2606:4700:3030::6818:6388 104.24.98.136 Not shown: 996 filtered ports PORT STATE SERVICE 80/tcp open http 443/tcp open https 8080/tcp open http-proxy 8443/tcp open https-alt Nmap done: 1 IP address (1 host up) scanned in 24.32 second
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-02 14:49 -03 Nmap scan report for ubuntu (192.168.0.28) Host is up (0.0000080s latency). Not shown: 998 closed ports PORT STATE SERVICE 80/tcp open http 3306/tcp open mysql Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
Bloqueio de Países com IPTables
MultiCD - Diversas Distribuições no mesmo DVD/Pendrive
Listando os serviços Linux com o Systemctl
Instalando Adicionais para Convidados para VirtualBox no Debian, Linux Mint e Ubuntu
Truques úteis de linha de comando Linux para iniciantes
OSSEC HIDS - Instalação e configuração no CentOS 6.5
É o hora do churrasco de... exploits! Quê?!? Não! Para churrasco e exploits, use Beef
John The Ripper - Teste de Quebra de Senhas
Reaver - Testes de segurança em redes sem fio
Nenhum comentário foi encontrado.
Enviar mensagem ao usuário trabalhando com as opções do php.ini
Meu Fork do Plugin de Integração do CVS para o KDevelop
Compartilhando a tela do Computador no Celular via Deskreen
Como Configurar um Túnel SSH Reverso para Acessar Sua Máquina Local a Partir de uma Máquina Remota
Configuração para desligamento automatizado de Computadores em um Ambiente Comercial
Compartilhamento de Rede com samba em modo Público/Anônimo de forma simples, rápido e fácil
Cups: Mapear/listar todas as impressoras de outro Servidor CUPS de forma rápida e fácil
Criando uma VPC na AWS via CLI
Tem como instalar o gerenciador AMD Adrenalin no Ubuntu 24.04? (6)