Definition
Nmap (Network Mapper) is an open source program used to explore networks.
- Nmap is designed to scan large networks, and can also be used to scan a single host.
- Nmap uses IP packets to determine which hosts are active on a network, which ports are open, which operating system is running, what type of firewall is in use, and so on.
- Powerful: Nmap can be used to scan large networks.
- Portable: Nmap runs on many operating systems, such as Linux, Windows, FreeBSD, OpenBSD, Solaris, and others.
- Easy to use
- Free
- Well documented
1. Checking open ports
#nmap [host]
[root@backbox]# nmap 192.168.1.11
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:00 WIT
Nmap scan report for 192.168.102.8
Host is up (0.0066s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 1.78 seconds
2. Multi-IP scanning
To scan more than one IP:
#nmap [host1] [host2] [host3]
[root@backbox]# nmap 192.168.102.8 192.168.124.23 192.168.200.10
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:02 WIT
Nmap scan report for 192.168.102.8
Host is up (0.0090s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap scan report for 192.168.124.23
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap scan report for 192.168.200.10
Host is up (0.029s latency).
Not shown: 784 closed ports, 214 filtered ports
PORT STATE SERVICE
22/tcp open ssh
62078/tcp open iphone-sync
MAC Address: 90:27:E4:83:2F:F3 (Apple)
Nmap done: 3 IP addresses (3 hosts up) scanned in 8.78 seconds
3. Checking the operating system
#nmap -O [ target IP ]
Tells nmap to detect the target's operating system.
[root@backbox]# nmap -O 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:34 WIT
Nmap scan report for 192.168.102.8
Host is up (0.000098s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=5.50%D=1/22%OT=22%CT=1%CU=43741%PV=Y%DS=0%DC=L%G=Y%TM=4F1BD823%P=
OS:i386-redhat-linux-gnu)SEQ(SP=107%GCD=1%ISR=10
4. [-PN] No ping
Tells nmap to scan without pinging the target first, which makes the process simpler.
#nmap -PN [ target IP ]
[root@backbox]# nmap -PN 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:06 WIT
Nmap scan report for 192.168.102.8
Host is up (0.0022s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
62078/tcp open iphone-sync
MAC Address: 90:27:E4:83:2F:F3 (Apple)
Nmap done: 1 IP address (1 host up) scanned in 6.48 seconds
5. [-sV] Service
Tells nmap to scan and show information about the services it finds.
#nmap -sV [ target IP ]
[root@backbox]# nmap -sV 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:40 WIT
Nmap scan report for 192.168.102.8
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.6 (protocol 2.0)
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.69 seconds
6. [-sn] Host up
Tells nmap to check whether the host is up.
It is better to add a netmask so that all hosts in that network range are covered.
[root@backbox]# nmap -sn 192.168.102.8/24
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:43 WIT
Nmap scan report for 192.168.102.1
Host is up (0.00024s latency).
MAC Address: C8:64:C7:4B:B8:D0 (Unknown)
Nmap done: 256 IP addresses (1 hosts up) scanned in 3.52 seconds
7. [-sP] Simple ping
Tells nmap to scan using a simple ping.
#nmap -sP [ target IP ]
[root@backbox]# nmap -sP 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:09 WIB
Nmap scan report for 192.168.102.8
Host is up (0.016s latency).
MAC Address: 90:27:E4:83:2F:F3 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds
8. [-PR] ARP ping scan
Tells nmap to run an ARP (Address Resolution Protocol) ping scan against the target host.
#nmap -PR [ target IP ]
[root@backbox]# nmap -PR 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:13 WIT
Nmap scan report for 192.168.102.8
Host is up (0.0022s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 1.75 seconds
9. [-sS] TCP SYN stealth port scan (root)
#nmap -sS [target IP]
[root@backbox]# nmap -sS 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 15:53 WIT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.50 seconds
10. [-sT] TCP connect() port scan (default for unprivileged users)
#nmap -sT [target]
or
#nmap -T [flag] -sT [target]
Parameters:
-T is the flag that sets Nmap's scanning speed, where 0 is the slowest and 5 is the fastest.
0 = Paranoid
1 = Sneaky
2 = Polite
3 = Normal speed, the nmap default
4 = Aggressive, able to get through firewalls and filtered networks.
5 = Insane
[root@backbox]# nmap -T 5 -sT 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 15:57 WIT
Nmap scan report for 192.168.102.8
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 9A:4D:DF:8C:3A:B5 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 2.94 seconds
11. Port scanning options
[ -F ] [fast] lets nmap scan only the first 100 ports.
#nmap -F [host]
[ -p ] [port] lets nmap scan only the specified ports.
#nmap -p[port] [hosts]
[root@backbox]# nmap -p21 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:20 WIT
Nmap scan report for 192.168.102.8
Host is up (0.020s latency).
PORT STATE SERVICE
21/tcp open ftp
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
To scan more than one port, separate the ports with a comma.
[root@backbox]# nmap -p21,3128 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:22 WIT
Nmap scan report for 192.168.102.8
Host is up (0.045s latency).
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds
Or use a hyphen ("-") to specify a range.
[root@bt]# nmap -p21-3128 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:24 WIT
Nmap scan report for 192.168.102.8
Host is up (0.0069s latency).
Not shown: 3106 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 2.59 seconds
Or even both.
[root@backbox]# nmap -p 21,22,24,21-3128 192.168.102.8
You can also specify ports by entering their service names.
[root@backbox]# nmap -p ssh,ftp,http 192.168.102.8
Or, if you want to scan all ports:
[root@backbox]# nmap -p "*" 192.168.102.8
You can also scan a port range for a specific protocol type.
TCP
[root@backbox]# nmap -p T:1000-2000 192.168.102.8
UDP
[root@backbox]# nmap -p U:1000-2000 192.168.102.8
11. [-f] Fragment probes into 8-byte packets
#nmap -f 192.168.1.34
12. [-D] Using decoys
Syntax used: nmap -D [decoy1, decoy2, decoy3, etc| RND:Number] [target's IP add]
#nmap -D 192.168.102.8
13. [-sI] Idle scan
Makes nmap scan in background mode using a particular IP address, so that the scan appears to come from a different host.
[root@backbox]# nmap -sI 192.168.102.8
14. [--spoof] Spoofing the MAC address
Makes nmap scan with a specified forged MAC address.
Try scanning your own IP; you will see the difference in the MAC address.
[root@backbox]# nmap -sT -PN --spoof-mac lenovo 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:56 WIT
Spoofing MAC address 00:03:93:74:DC:88 (Lenovo Computer)
Nmap scan report for 192.168.102.8
Host is up (0.0015s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 0.22 seconds
15. [--randomize-hosts]
Scans the hosts in random order.
#nmap --randomize-hosts 192.168.102.1-100
16. [--source-port] / [-g]
nmap --source-port 53 192.168.1.36
nmap -g 53 192.168.1.36
[root@backbox]# nmap --source-port 21 192.168.102.8
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 17:01 WIT
Nmap scan report for 192.168.102.8
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
OK, that is all from me. I hope this article is useful to readers.
Note: This is for information only; if anything happens, it is not my responsibility.
Reference: ebook aswbv1.pdf
Purpose
As stated above, my purpose is to test my own local server, so that later, when I want to put something directly on the public internet, I already know which ports need to be closed ^_^
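An added example (not from the original article or the referenced ebook): for the goal of knowing which ports to close before a server goes public, this Python script parses scan output in the normal format shown in the sections above and lists every open port that is not on an allowlist. The sample output and the ALLOWED policy are constructed for illustration, and the function names are hypothetical.

```python
import re

# Constructed sample in Nmap's normal output format (same layout as the scans above).
SAMPLE = """\
Nmap scan report for 192.168.102.8
Host is up (0.0090s latency).
Not shown: 998 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
3128/tcp open  squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap scan report for 192.168.200.10
Host is up (0.029s latency).
PORT      STATE    SERVICE
22/tcp    open     ssh
25/tcp    filtered smtp
62078/tcp open     iphone-sync
"""

# Hypothetical policy: the only ports each host is supposed to expose.
ALLOWED = {"192.168.102.8": {(21, "tcp")}, "192.168.200.10": {(22, "tcp")}}

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_open_ports(text):
    """Return {host: [(port, proto, service), ...]} for ports in state 'open'."""
    hosts, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Nmap scan report for "):
            # Handles both "for 10.0.0.1" and "for name (10.0.0.1)".
            current = hosts.setdefault(line.split()[-1].strip("()"), [])
            continue
        m = PORT_RE.match(line)
        if m and current is not None and m.group(3) == "open":
            current.append((int(m.group(1)), m.group(2), m.group(4)))
    return hosts

def unexpected_ports(text, allowed):
    """List (host, port, proto, service) for open ports missing from the allowlist."""
    findings = []
    for host, ports in parse_open_ports(text).items():
        for port, proto, service in ports:
            if (port, proto) not in allowed.get(host, set()):
                findings.append((host, port, proto, service))
    return findings

if __name__ == "__main__":
    for host, port, proto, service in unexpected_ports(SAMPLE, ALLOWED):
        print(f"{host}: close or justify {port}/{proto} ({service})")
```

A host with no entry in ALLOWED has every open port reported, so a newly appeared machine is flagged by default.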