????Nmap????????????Network Mapper?????????????????????????????????ù????????????????????????????????????????????????????????????????Nmap???????á??????Nmap?????????????????????????????????Nmap???????????????4-1?????
??????4-1  Nmap???????
?????????4-1?????nmap??????????????192.168.6.105??????????????????????
????root@kali:~# nmap -sS -Pn 192.168.6.105
????Starting Nmap 6.46 ( http://nmap.org ) at 2014-07-16 09:25 CST
????Nmap scan report for 192.168.6.105
????Host is up (0.00014s latency).
????Not shown: 977 closed ports
????PORT     STATE SERVICE
????21/tcp   open  ftp
????22/tcp   open  ssh
????23/tcp   open  telnet
????25/tcp   open  smtp
????53/tcp   open  domain
????80/tcp   open  http
????111/tcp  open  rpcbind
????139/tcp  open  netbios-ssn
????445/tcp  open  microsoft-ds
????512/tcp  open  exec
????513/tcp  open  login
????514/tcp  open  shell
????1099/tcp open  rmiregistry
????1524/tcp open  ingreslock
????2049/tcp open  nfs
????2121/tcp open  ccproxy-ftp
????3306/tcp open  mysql
????5432/tcp open  postgresql
????5900/tcp open  vnc
????6000/tcp open  X11
????6667/tcp open  irc
????8009/tcp open  ajp13
????8180/tcp open  unknown
????MAC Address: 00:0C:29:13:E0:3D (VMware)
????Nmap done: 1 IP address (1 host up) scanned in 0.48 seconds
???????????????????????????192.168.6.105?????????ж?????????????????????????????MAC???????蹲????0.48?????????????У?-sS????????TCP SYN??裻-Pn???????????ping??衣???????TCP SYN??裬???????????????????????????????????????????
?????????????????????????????????????汾?????????Nmap?????-A?????????
?????????4-2????????????192.168.6.105?????е????????汾??????????????????
root@kali:~# nmap -sS -Pn -A 192.168.6.105
Starting Nmap 6.46 ( http://nmap.org ) at 2014-07-16 09:25 CST
Nmap scan report for 192.168.6.105
Host is up (0.00035s latency).
Not shown: 977 closed ports
PORT       STATE SERVICE    VERSION
21/tcp              open  ftp           vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
22/tcp              open  ssh                  OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| ssh-hostkey:
|   1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA)
|_  2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA)
23/tcp                open  telnet         Linux telnetd
25/tcp                open  smtp         Postfix smtpd
|_smtp-commands: metasploitable.localdomain?? PIPELINING?? SIZE 10240000?? VRFY?? ETRN?? STARTTLS?? ENHANCEDSTATUSCODES?? 8BITMIME?? DSN??
| ssl-cert: Subject: commonName=ubuntu804-base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Not valid before: 2010-03-17T14:07:45+00:00
|_Not valid after:  2010-04-16T14:07:45+00:00
|_ssl-date: 2014-07-09T06:59:06+00:00; -6d18h27m07s from local time.
53/tcp               open  domain              ISC BIND 9.4.2
| dns-nsid:
|_  bind.version: 9.4.2
80/tcp               open  http          Apache httpd 2.2.8 ((Ubuntu) DAV/2)
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-title: Metasploitable2 – Linux
……
6667/tcp           open  irc                    Unreal ircd
| irc-info:
|   server: irc.Metasploitable.LAN
|   version: Unreal3.2.8.1. irc.Metasploitable.LAN
|   servers: 1
|   users: 1
|   lservers: 0
|   lusers: 1
|   uptime: 0 days?? 20:28:27
|   source host: 45DFBD5E.E9742FE6.FFFA6D49.IP
|_  source ident: nmap
8009/tcp           open  ajp13                         Apache Jserv (Protocol v1.3)
|_ajp-methods: Failed to get a valid response for the OPTION request
8180/tcp           open  http                   Apache Tomcat/Coyote JSP engine 1.1
|_http-favicon: Apache Tomcat
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-title: Apache Tomcat/5.5
MAC Address: 00:0C:29:13:E0:3D (VMware)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 - 2.6.33
Network Distance: 1 hop
Service Info: Hosts:  metasploitable.localdomain?? localhost?? irc.Metasploitable.LAN; OSs: Unix?? Linux; CPE: cpe:/o:linux:linux_kernel
Host script results:
|_nbstat: NetBIOS name: METASPLOITABLE?? NetBIOS user: <unknown>?? NetBIOS MAC: <unknown> (unknown)
| smb-os-discovery:
|   OS: Unix (Samba 3.0.20-Debian)
|   NetBIOS computer name:
|   Workgroup: WORKGROUP
|_  System time: 2014-07-09T02:59:06-04:00
TRACEROUTE
HOP RTT     ADDRESS
1   0.35 ms 192.168.6.105
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 25.58 seconds
???????????????У???????????????????????????????????汾??????Unreal Internet Relay Chat??IRC??????????汾??3.8.1??????????????????????汾?????й????????????潫???????????????????????汾?????????????????