Nmap是一款非常强大网络扫描工具。下面将使用该工具,对Windows XP SP1实施一个全面扫描。在该操作系统中,没有安装任何的程序。其中,扫描结果如下所示:
Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-23 15:13 CST
Nmap scan report for localhost (192.168.1.105)
Host is up (0.00029s latency).
Not shown: 995 closed ports
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn
445/tcp open microsoft-ds Microsoft Windows XP microsoft-ds
1025/tcp open msrpc Microsoft Windows RPC
5000/tcp open http-proxy sslstrip
|_http-methods: No Allow or Public header in OPTIONS response (status code 400)
|_http-title: Site doesn’t have a title.
MAC Address: 00:0C:29:A8:A6:6C (VMware)
Device type: general purpose
Running: Microsoft Windows 2000|XP
OS CPE: cpe:/o:microsoft:windows_2000::- cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_xp::- cpe:/o:microsoft:windows_xp::sp1
OS details: Microsoft Windows 2000 SP0 – SP4 or Windows XP SP0 – SP1
Network Distance: 1 hop
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Host script results:
|_nbstat: NetBIOS name: AA-886OKJM26FSW, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:a8:a6:6c (VMware)
| smb-os-discovery:
| OS: Windows XP (Windows 2000 LAN Manager)
| OS CPE: cpe:/o:microsoft:windows_xp::-
| Computer name: aa-886okjm26fsw
| NetBIOS computer name: AA-886OKJM26FSW
| Workgroup: WORKGROUP
|_ System time: 2015-07-23T15:13:43+08:00
| smb-security-mode:
| Account that was used for smb scripts: guest
| User-level authentication
| SMB Security: Challenge/response passwords supported
|_ Message signing disabled (dangerous, but default)
|_smbv2-enabled: Server doesn’t support SMBv2 protocol
TRACEROUTE
HOP RTT ADDRESS
1 0.29 ms localhost (192.168.1.105)
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 8.24 seconds
如果希望更好的学习Nmap工具,可以参考《Nmap扫描基础教程》教程。