# cat ip_list.txt
1.1.1.0 1.1.1.1 1.1.1.2 1.1.1.3 1.1.1.4 1.1.1.5 1.1.1.6 1.1.1.7 1.1.1.8 1.1.1.9
# nmap -n -sL -iL ip_list.txt
Reverse DNS resolution
# cat /etc/resolv.conf
nameserver 8.8.8.8
# nmap --dns-servers 8.8.4.4 -sL 1.1.1.0/24
Only ping scan -sP
ICMP echo request -PE:
# nmap --dns-servers 8.8.4.4 -sP -PE 1.1.1.1
ICMP timestamp request -PP:
# nmap --dns-servers 8.8.4.4 -sP -PP 1.1.1.1
ICMP address mask request -PM:
# nmap --dns-servers 8.8.4.4 -sP -PM 1.1.1.1
TCP SYN ping -PS:
# nmap --dns-servers 8.8.4.4 -sP -PS80 1.1.1.1
TCP ACK ping -PA:
# nmap --dns-servers 8.8.4.4 -sP -PA80 1.1.1.1
UDP ping -PU:
# nmap --dns-servers 8.8.4.4 -sP -PU53 1.1.1.1
IP protocol ping -PO:
# nmap --dns-servers 8.8.4.4 -sP -POicmp,igmp 1.1.1.1
ARP scan -PR (local ethernet host):
# nmap --dns-servers 192.168.1.10 -sP -PR 192.168.1.1
Related options:
--verbose
--source-port _port_
-n disables DNS resolution
--data-length _length_ adds random bytes to every packet
--ttl _value_
-T3, -T4, -T5 speed up ping scanning
--max-parallelism _value_
--max-rtt-timeout _value_ how long nmap waits for a ping response
-oA, -oN, -oG, -oX different outputs
--packet-trace provides more detail
-D _decoy1_ adds some noise
Spoof your real source address -e _intf_ -S _spoofed-ip_:
# nmap --dns-servers 8.8.4.4 -sP -PS80 -e ppp0 -S 2.2.2.2 1.1.1.1
Skip discovery stage -PN and begin default scanning stage
The host is scanned whether or not it is up and running:
# nmap -PN 1.1.1.1
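
The ICMP and TCP probe types listed under "Only ping scan" look like this from the monitored side. This is an added example, not part of the original post: a small heuristic that labels packet records with the ping option they are consistent with and flags sources that spread such probes over several hosts. The record fields (src, dst, proto, icmp_type, flags, in_session), the threshold and the sample data are assumptions made for illustration.

```python
from collections import defaultdict

# ICMP request types sent by -PE, -PP and -PM (RFC 792 / RFC 950 numbers).
ICMP_PROBES = {8: "-PE", 13: "-PP", 17: "-PM"}

def probe_kind(pkt):
    """Return the nmap ping option a packet record is consistent with, else None."""
    if pkt["proto"] == "icmp":
        return ICMP_PROBES.get(pkt.get("icmp_type"))
    if pkt["proto"] == "tcp":
        # A bare SYN matches -PS. An ACK that belongs to no tracked
        # connection matches -PA; ACKs inside real sessions are ignored.
        if pkt["flags"] == "S":
            return "-PS"
        if pkt["flags"] == "A" and not pkt.get("in_session", False):
            return "-PA"
    return None

def find_sweeps(packets, min_hosts=3):
    """Map each source that probed >= min_hosts hosts to the probe kinds it used."""
    hosts, kinds = defaultdict(set), defaultdict(set)
    for pkt in packets:
        kind = probe_kind(pkt)
        if kind:
            hosts[pkt["src"]].add(pkt["dst"])
            kinds[pkt["src"]].add(kind)
    # Single SYNs are normal traffic, so only the spread across hosts is flagged.
    return {s: sorted(kinds[s]) for s in hosts if len(hosts[s]) >= min_hosts}

# Constructed packet records with hypothetical field names, not a real capture.
SAMPLE = [
    {"src": "2.2.2.2", "dst": "1.1.1.1", "proto": "icmp", "icmp_type": 8},
    {"src": "2.2.2.2", "dst": "1.1.1.2", "proto": "icmp", "icmp_type": 13},
    {"src": "2.2.2.2", "dst": "1.1.1.3", "proto": "tcp", "flags": "S"},
    {"src": "2.2.2.2", "dst": "1.1.1.4", "proto": "tcp", "flags": "A"},
    {"src": "3.3.3.3", "dst": "1.1.1.1", "proto": "tcp", "flags": "S"},
    {"src": "3.3.3.3", "dst": "1.1.1.1", "proto": "tcp", "flags": "A",
     "in_session": True},
    {"src": "1.1.1.1", "dst": "2.2.2.2", "proto": "icmp", "icmp_type": 0},
]

if __name__ == "__main__":
    for src, used in find_sweeps(SAMPLE).items():
        print(src, "sent discovery probes:", ", ".join(used))
```

ICMP timestamp and address mask requests are rare in ordinary traffic, so they are the strongest of these signals; SYN counts need a threshold tuned to the network.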