通過nmap掃描完之后,查看arp緩存表即可查看IP-MAC表
進行ping掃描,輸出所有響應的主機IP:
nmap -sP 172.17.148.0/24 Nmap scan report for 172.17.148.19 Host is up (0.0029s latency). Nmap scan report for 172.17.148.28 Host is up (0.00069s latency). Nmap scan report for 172.17.148.36 Host is up (0.0067s latency). Nmap scan report for 172.17.148.40 Host is up (0.0033s latency). Nmap scan report for 172.17.148.41 Host is up (0.0017s latency). Nmap scan report for 172.17.148.45 Host is up (0.0016s latency). Nmap scan report for 172.17.148.46 Host is up (0.010s latency). Nmap scan report for 172.17.148.54 Host is up (0.00083s latency). Nmap scan report for 172.17.148.63 Host is up (0.0010s latency). Nmap scan report for 172.17.148.64 Host is up (0.0013s latency).
..................
掃描指定主機的開放端口,系統版本等信息:nmap -A 172.17.148.168 #比如我掃描一下舍友的電腦,結果如下: Starting Nmap 5.21 ( http://nmap.org ) at 2013-03-22 19:12 CST Nmap scan report for 172.17.148.168 Host is up (0.00069s latency). Not shown: 993 filtered ports PORT STATE SERVICE VERSION 80/tcp open http Microsoft IIS httpd 7.5 |_html-title: \xE6\x88\x91\xE7\x9A\x84\xE9\xA6\x96\xE9\xA1\xB5 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn 445/tcp open netbios-ssn 843/tcp open unknown 3389/tcp open microsoft-rdp Microsoft Terminal Service 8000/tcp open tcpwrapped Service Info: OS: Windows Host script results: |_nbstat: NetBIOS name: BO, NetBIOS user: <unknown>, NetBIOS MAC: 20:6a:8a:59:f8:ee | smb-os-discovery: | OS: Windows 7 Ultimate 7601 Service Pack 1 (Windows 7 Ultimate 6.1) | Name: WORKGROUP\BO |_ System time: 2013-03-22 19:14:36 UTC+8 |_smbv2-enabled: Server supports SMBv2 protocol Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 144.04 seconds
UDP掃描(需要root權限,且速度慢):
nmap -sU 172.17.148.0/24
SYN掃描(需要root權限):
namp -sS 172.17.148.0/24
掃描完后查看/proc/net/arp
cat /proc/net/arp
