????FIN scan (sF)
?????????Tcp SYN??費???????????????з?????????.?????????????????IDS??IPS????????????????????SYN????????????????????FIN????????????????????TCP??????.
????root@bt:~# nmap -sF 192.168.1.8
????Starting Nmap 5.51  at 2012-07-08 19:21 PKT
????Nmap scan report for 192.168.1.8
????Host is up (0.000026s latency).
????Not shown: 999 closed ports
????PORT STATE SERVICE
????111/tcp open|filtered rpcbind
????FIN?????????????????????????(FIN??????????).?????????趼????в???????FIN??跢?????????FIN?????NULL??費?????????????κ?????XMAS??跢??FIN??PSH??URG??????????.
????PING Scan (sP)
????PING??費???????????跽???????????????????????????????????е?.??????????????????????.PING??????ROOT?????????????ROOT????PING??軔?????connect()????.
????#nmap -sP 192.168.1.1
?????汾???(sV)
?????汾????????????????????????????е??????汾.???????????????輼??????????????????????????????????????????????????????????ж??????汾.??e汾???????????????TCP SYN??迪??????Щ???.
????#nmap -sV 192.168.1.1
????Idle scan (sL)
????Idle scan????????????輼???????????????????????Ip??????????????????????????????????????????????.
????#nmap -sL 192.168.1.6 192.168.1.1
????Idle scan????????????????輼???????????????е?192.168.1.6??????192.168.1.1??????????????192.168.1.1???????
?????????????????輼?????? FTP bounce??FTP???????? fragmentation scan???????裩?? IP protocol scan??IPЭ????裩???????????????????????跽?.
????Nmap??OS???O??
????Nmap????????????????????????????????Nmap??OS?????????????????????????????????????????????????????????????????????????????????Nmap??????????nmap-OS-DB???????????????????2600????????????? Nmap??TCP??UDP?????????????????????????????????????
????Initiating SYN Stealth Scan at 10:21
????Scanning localhost (www.nxadmin.com) [1000 ports]
????Discovered open port 111/tcp on www.nxadmin.com
????Completed SYN Stealth Scan at 10:21?? 0.08s elapsed (1000 total ports)
????Initiating OS detection (try #1) against localhost (www.nxadmin.com)
????Retrying OS detection (try #2) against localhost (www.nxadmin.com)
???????????????????????Nmap????η????????????????????????????????????????????????O????дO??

????Nmap?????????????????
?????豸?????·??????????????
???????У????е????????
?????????????????????????????????汾??
???????????????????????????????
???????????????з??????IDS??IPS????????????-PN???????????ping????????????????????????????ping????.-PN???????Nmap????ping?????????
????# nmap -O -PN 192.168.1.1/24
?????????????????????????????????????????????????б??????ping???????-PN???????????PING?????????????????????????.
????Nmap?????????????????п?????????????OS scan?????????????????????????????????′???
????Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
????OS Scan??????????????????з??????????????????????.

???????????????????????????????????????????????????????????Nmap????????????????????????б?????-osscan_limit???

??????????Nmap???????????????????????????????Nmap??2?????? –osscan-guess ?2????????????????????????
????# nmap -O –osscan-guess 192.168.1.1
???????
????Nmap?????????????????????и???????????????????????????а?????????????????????????????????????Nmap??????蹤??????.???????????????.