Nmap Network Security Scanner.doc
Nmap - Network Security Scanner
0360592 Project 2
Ahsaan Arefeen
Srabanti Dey
Mingyue Yu
Instructor: Dr. A. Aggarwal

Contents
I. Introduction
II. Option Observation
   II.1 Scan type: -sT, -sS, -sF, -sX, -sN, -sP, -sO, -sA, -sW
   II.2 General option: -PT, -PS, -PI, -O, -I, -v, -h, -p, -F, -M
III. Conclusion

I. Introduction

Nmap is a network exploration tool and security scanner. It is designed to allow system administrators and curious individuals to scan large networks to determine which hosts are up and what services they are offering. Nmap supports a large number of scanning techniques such as: UDP, TCP connect(), TCP SYN (half open), FTP proxy (bounce attack), Reverse-ident, ICMP (ping sweep), FIN, ACK sweep, Xmas Tree, SYN sweep, IP Protocol, and Null scan. Nmap also offers a number of advanced features such as remote OS detection via TCP/IP fingerprinting, stealth scanning, dynamic delay and retransmission calculations, parallel scanning, detection of down hosts via parallel pings, decoy scanning, port filtering detection, direct (non-portmapper) RPC scanning, fragmentation scanning, and flexible target and port specification.

The result of running nmap is usually a list of ports on the machine being scanned. Nmap always gives the port's well-known service name, number, state, and protocol. The state is either open, filtered, or unfiltered. Open means that the target machine will accept() connections on that port. Filtered means that a firewall, filter, or other network obstacle is covering the port and preventing nmap from determining whether the port is open. Unfiltered means that the port is known by nmap to be closed and no firewall/filter seems to be interfering with nmap's attempts to determine this. Unfiltered ports are the common case and are only shown when most of the scanned ports are in the filtered state.

Depending on the options used, nmap may also report the following characteristics of the remote host: OS in use, TCP sequence ability, usernames running the programs which have bound to each port, the DNS name, whether the host is a smurf address, and a few others.

Nmap has the following features:

Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, firewalls, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), OS detection, ping sweeps, and more.
Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.
Portable: Most operating systems are supported, including Linux, Open/Free/Net BSD, Solaris, IRIX, Mac OS X, HP-UX, Sun OS, and more. Windows support is in beta and we are not distributing binaries yet.
Easy: Both traditional command line and graphical (GUI) versions are available to suit preference. Binaries are available for those who do not wish to compile Nmap from source.
Free: The primary goals of the Nmap Project are to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free, and also comes with full source code that you may modify and redistribute under the terms of the GNU General Public License (GPL).
Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, and tutorials.
Acclaimed: Nmap has won numerous awards, including Information Security Product of the Year by both Info World and Codetalker Digest. It has been featured in hundreds of magazine articles.
Popular: Thousands of people download Nmap every day, and it is included with many operating systems (Red Hat Linux, Debian Linux, FreeBSD, OpenBSD, etc). It is among the top ten (out of 15,000) downloads at the Freshmeat repository. This is important because it lends Nmap its vibrant development and user support communities.

II. Option Observation

Nmap has two kinds of options: one kind defines the scan type that is used to scan the ports, and the other kind is the general options.

II.1. Scan type

-sT
TCP connect() scan: the most basic form of TCP scanning. It is based on the method of establishing a connection in the TCP protocol, known as a three-way handshake.
1. The server must be ready to receive a connection (usually using the socket, bind and listen functions).
2. The client starts an active connection with a call to connect(). This sends a SYN segment to the server to inform it of the initial sequence number of the data that the client will send during the connection. The SYN usually contains an IP header, a TCP header and maybe some TCP options.
3. The server should acknowledge the SYN by sending an ACK and a SYN with its own sequence number (within the same TCP packet).
4. The client should acknowledge the server's SYN with an ACK.

This way of scanning has two advantages: it is fast (nmap even has options, which we will not analyze, to make it faster on slow connections), and special privileges are not needed on the machine that launches the scan. But it has a big disadvantage: it is very simple to detect and easy to filter.

The following is the output of nmap -sT davinci.newcs.uindsor.ca saturn.cspc1
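
The connect() handshake and the port states described in this section can be observed on the loopback interface. The following Python sketch is an added example, not part of the original report; the function names `classify_port` and `loopback_demo` are assumptions made for illustration. It also shows why this scan type is simple to detect: the completed handshake reaches the server application through accept(), together with the peer address.

```python
import socket
import threading

def classify_port(host, port, timeout=1.0):
    """Map the result of one connect() call to the report's port states."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))        # OS performs SYN, SYN+ACK, ACK
        return "open"                  # target accept()s connections
    except ConnectionRefusedError:     # RST came back: port known to be closed
        return "unfiltered"
    except OSError:                    # timeout or ICMP error: something is in the way
        return "filtered"
    finally:
        s.close()

def loopback_demo():
    """Probe one listening and one closed port on 127.0.0.1 (constructed setup)."""
    seen = []                          # peers observed by the server side
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))         # port 0: the OS picks a free port
    srv.listen(1)
    open_port = srv.getsockname()[1]

    def serve():
        conn, peer = srv.accept()      # a full handshake is visible to the app
        seen.append(peer[0])
        conn.close()

    t = threading.Thread(target=serve)
    t.start()

    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()                        # nothing listens on this port now

    states = (classify_port("127.0.0.1", open_port),
              classify_port("127.0.0.1", closed_port))
    t.join(timeout=2)
    srv.close()
    return states, seen

if __name__ == "__main__":
    print(loopback_demo())
```
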