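Linux and Unix Port Scanning With the netcat [nc] Command
How do I find out which ports are open on my own server? How do I run a port scan with the nc command instead of the nmap command on Linux or Unix-like systems?
nmap ("Network Mapper") is an open source tool for network exploration and security auditing. If nmap is not installed, or you do not want to use it, you can use the netcat/nc command for port scanning instead. This is useful for finding out which ports are open or running services on a target machine. You can also use the nmap command for port scanning.
How do I use nc to scan ports on Linux, UNIX and Windows servers?
If nmap is not installed, try the nc/netcat command as shown below. The -z flag tells nc to report open ports rather than open a connection for data transfer. When you run nc with -z, specify the port or port range after the host name/IP; limiting the range speeds up the scan: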
    ### Syntax ###
    ### nc -z -v {host-name-here} {port-range-here}
    nc -z -v host-name-here ssh
    nc -z -v host-name-here 22
    nc -w 1 -z -v server-name-here port-number-here
    ### Scan ports 1 to 1023 ###
    nc -zv vip-1.vsnl.nixcraft.in 1-1023
Sample output:
    Connection to localhost 25 port [tcp/smtp] succeeded!
    Connection to vip-1.vsnl.nixcraft.in 25 port [tcp/smtp] succeeded!
    Connection to vip-1.vsnl.nixcraft.in 80 port [tcp/http] succeeded!
    Connection to vip-1.vsnl.nixcraft.in 143 port [tcp/imap] succeeded!
    Connection to vip-1.vsnl.nixcraft.in 199 port [tcp/smux] succeeded!
    Connection to vip-1.vsnl.nixcraft.in 783 port [tcp/*] succeeded!
    Connection to vip-1.vsnl.nixcraft.in 904 port [tcp/vmware-authd] succeeded!
    Connection to vip-1.vsnl.nixcraft.in 993 port [tcp/imaps] succeeded!
You can also scan individual ports:
    nc -zv v.txvip1 443
    nc -zv v.txvip1 80
    nc -zv v.txvip1 22
    nc -zv v.txvip1 21
    nc -zv v.txvip1 smtp
    nc -zvn v.txvip1 ftp
    ### Use a 1 second timeout to scan faster ###
    netcat -v -z -n -w 1 v.txvip1 1-1023
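Sample output:
Fig. 01: Linux/Unix: using Netcat to test TCP and UDP connections to a server
- -z : Port scanning mode, i.e. zero I/O mode.
- -v : Verbose output [use -vv for even more detail].
- -n : Use numeric IP addresses only, i.e. do not use DNS to resolve addresses.
- -w 1 : Set the timeout value to 1.
More examples: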
    $ netcat -z -vv www.cyberciti.biz http
    www.cyberciti.biz [75.126.153.206] 80 (http) open
    sent 0, rcvd 0
    $ netcat -z -vv google.com https
    DNS fwd/rev mismatch: google.com != maa03s16-in-f2.1e100.net
    DNS fwd/rev mismatch: google.com != maa03s16-in-f6.1e100.net
    DNS fwd/rev mismatch: google.com != maa03s16-in-f5.1e100.net
    DNS fwd/rev mismatch: google.com != maa03s16-in-f3.1e100.net
    DNS fwd/rev mismatch: google.com != maa03s16-in-f8.1e100.net
    DNS fwd/rev mismatch: google.com != maa03s16-in-f0.1e100.net
    DNS fwd/rev mismatch: google.com != maa03s16-in-f7.1e100.net
    DNS fwd/rev mismatch: google.com != maa03s16-in-f4.1e100.net
    google.com [74.125.236.162] 443 (https) open
    sent 0, rcvd 0
    $ netcat -v -z -n -w 1 192.168.1.254 1-1023
    (UNKNOWN) [192.168.1.254] 989 (ftps-data) open
    (UNKNOWN) [192.168.1.254] 443 (https) open
    (UNKNOWN) [192.168.1.254] 53 (domain) open
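The two verbose output styles shown on this page ("Connection to ... succeeded!" and "... open") can be checked against the ports you expect to be open on your own server. The script below is an added example, not part of the original article; the function names, the allowlist and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): compare nc scan results
# with the ports you expect to be open on your own server.

# Print one open port per line from `nc -zv` output read on stdin.
# Handles both verbose styles shown on this page:
#   Connection to HOST PORT port [tcp/SERVICE] succeeded!
#   HOST [IP] PORT (SERVICE) open
parse_open_ports() {
    sed -n \
        -e 's/^Connection to [^ ]* \([0-9][0-9]*\) port .* succeeded!$/\1/p' \
        -e 's/^.*] \([0-9][0-9]*\) ([^)]*) open$/\1/p' |
        sort -n -u
}

# Read ports on stdin; print those NOT among the allowed ports given as arguments.
unexpected_ports() {
    while read -r port; do
        found=0
        for allowed in "$@"; do
            if [ "$port" = "$allowed" ]; then found=1; fi
        done
        if [ "$found" -eq 0 ]; then echo "$port"; fi
    done
    return 0
}

# Constructed sample input mixing both styles plus a refused-connection line.
sample_scan_output() {
    cat <<'EOF'
Connection to vip-1.vsnl.nixcraft.in 25 port [tcp/smtp] succeeded!
Connection to vip-1.vsnl.nixcraft.in 80 port [tcp/http] succeeded!
Connection to vip-1.vsnl.nixcraft.in 783 port [tcp/*] succeeded!
(UNKNOWN) [192.168.1.254] 443 (https) open
(UNKNOWN) [192.168.1.254] 53 (domain) open
nc: connect to vip-1.vsnl.nixcraft.in port 81 (tcp) failed: Connection refused
EOF
}

# Hypothetical allowlist: 25, 80 and 443 are expected; anything else is reported.
sample_scan_output | parse_open_ports | unexpected_ports 25 80 443

# Against a real host, nc -v writes its messages to stderr, so merge it first:
#   nc -zv -w 1 192.168.1.254 1-1023 2>&1 | parse_open_ports | unexpected_ports 22 80 443
```

With the constructed sample, the script reports ports 53 and 783 as open but not on the allowlist.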
via: http://www.cyberciti.biz/faq/linux-port-scanning/
Author: Vivek Gite  Translator: strugglingyouth  Proofreader: wxy