更细节的知识请看nmap的manpage,这里主要是解释nmap的一个GTK前端Zenmap中的默认几个扫描命令的选项:
intense scan:
nmap -T4 -A -v
-T<0-5>: Set timing template (higher is faster)
-A: Enable OS detection, version detection, script scanning, and traceroute
-v: Increase verbosity level (use -vv or more for greater effect)
intense scan plus udp:
nmap -sS -sU -T4 -A -v
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
Intense scan, all TCP ports:
nmap -p 1-65535 -T4 -A -v
-p <port ranges>: Only scan specified ports
Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
Intense scan, no ping:
nmap -T4 -A -v -Pn
-Pn: Treat all hosts as online -- skip host discovery
Ping scan:
nmap -sn 192.168.1.0/24
-sn: Ping Scan - disable port scan
注:这个用来检测一个子网内有多少机器是在线的
Quick scan:
nmap -T4 -F
-F: Fast mode - Scan fewer ports than the default scan
注:一般默认nmap会扫描常用的1000个端口,当使用-F后就变成常用的100个端口
Quick scan plus:
nmap -sV -T4 -O -F --version-light
-sV: Probe open ports to determine service/version info
-O: Enable OS detection
--version-light: Limit to most likely probes (intensity 2)
注:probe:探针 intensity:强度
--version-intensity <level>: Set from 0 (light) to 9 (try all probes)
