ikhyar Blog

Nmap atau Network Mapper adalah tools yang di gunakan untuk Security Auditing, sekarang nmap sudah versi 5.

Pada contoh ini saya akan menginstall nmap yang versi lama yaitu 4.76 , [proses instal di cut ]setelah selesai menginstall nya jalan kan dengan mengetikan  di konsol .. spt di bawah ini …

[root@localhost ~]# nmap
Nmap 4.76 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num hosts>: Choose random targets
–exclude <host1[,host2][,host3],…>: Exclude hosts/networks
–excludefile <exclude_file>: Exclude list from file

—— dipotong kepajagan —secara devault jika ketikkan nmap di consol maka akan keluar beragam contoh sintaks yang biasa di gunakan di nmap ——-

Okeh di bawah ini saya akan mencoba menggunakan salah satu sintaks untuk memperaktekannya,

[root@localhost ~]# nmap -v 127.0.0.1

Starting Nmap 4.76 ( http://nmap.org ) at 2009-07-18 10:29 CIT
Initiating SYN Stealth Scan at 10:29
Scanning localhost.localdomain (127.0.0.1) [1000 ports]
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 25/tcp on 127.0.0.1
Discovered open port 111/tcp on 127.0.0.1
Discovered open port 631/tcp on 127.0.0.1
Completed SYN Stealth Scan at 10:29, 0.06s elapsed (1000 total ports)
Host localhost.localdomain (127.0.0.1) appears to be up … good.
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 996 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
25/tcp  open  smtp
111/tcp open  rpcbind
631/tcp open  ipp

Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
Raw packets sent: 1000 (44.000KB) | Rcvd: 2004 (84.176KB)

nah kira-kira apa yang ada di benak teman-teman dengan hasil seperti di atas ada ide lain , okeh kita coba dengan sintaks lain yaitu mengganti v dengan O (besar)

[root@localhost ~]# nmap -O ikhyar.net

Starting Nmap 4.76 ( http://nmap.org ) at 2009-07-18 10:57 CIT
Interesting ports on 185-18.tca.net.id (120.136.18.185):
Not shown: 996 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
111/tcp open  rpcbind
113/tcp open  auth
Device type: general purpose|WAP|switch|broadband router
Running (JUST GUESSING) : Linux 2.6.X|2.4.X (94%), Netgear embedded (92%), Actiontec Linux 2.4.X (91%), HP embedded (91%), Linksys embedded (91%), Linksys Linux 2.4.X (91%), AVM embedded (90%), Acorp embedded (90%)
Aggressive OS guesses: Linux 2.6.15 – 2.6.25 (94%), Linux 2.6.20 (Ubuntu 7.04 server, x86) (94%), Netgear DG834PN RangeMax wireless broadband router (92%), HP Brocade 4100 switch; or Actiontec MI-424-WR, Linksys WRVS4400N, or Netgear WNR834B wireless broadband router (91%), HP Brocade 4Gb SAN switch (91%), Linksys WRT300N wireless broadband router (91%), Linux 2.4.20 (91%), Linux 2.6.24 (Ubuntu 8.04, x86) (91%), Linux 2.6.9 – 2.6.24 (91%), Linux 2.6.24 (Debian) (91%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 9 hops

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 47.03 seconds

nah hasil di atas kita akan mengetahui bahwa target kita menggunakan OS Linux dan bla..bla, gimana kerenn nggak tool yang satu ini … silahkan di coba