caranya gampang dengan cara pertama saya menggunakan Nmap untuk menyecan ip satu jaringan
caranya bagaimana
ini dya caranya
1. TCP Connect scanning pada network 192.168.1.0/24
command : nmap -v -sT 192.168.1.0/24
root@hatuhaha:~# nmap -v -sT 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 07:56 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 07:56
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 07:56, 0.23s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 07:56
Completed Parallel DNS resolution of 1 host. at 07:56, 0.03s elapsed
Initiating ARP Ping Scan at 07:56
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 07:56, 1.85s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 07:56
Completed Parallel DNS resolution of 254 hosts. at 07:56, 0.11s elapsed
Initiating Connect Scan at 07:56
Scanning 192.168.1.1 [1000 ports]
Discovered open port 53/tcp on 192.168.1.1
Discovered open port 80/tcp on 192.168.1.1
Discovered open port 8080/tcp on 192.168.1.1
Discovered open port 3128/tcp on 192.168.1.1
Completed Connect Scan at 08:01, 6.21s elapsed (1000 total ports)
Host 192.168.1.1 is up (0.00022s latency).
Interesting ports on 192.168.1.1:
Not shown: 996 filtered ports
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
3128/tcp open squid-http
8080/tcp open http-proxy
Initiating Connect Scan at 08:01
Scanning 17 hosts [1000 ports/host]
.....
.....
.....
Host 192.168.1.138 is up (0.00067s latency).
Interesting ports on 192.168.1.138:
Not shown: 997 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
MAC Address: 00:17:9A:3B:00:76 (D-Link)
Read data files from: /usr/share/nmap
Nmap done: 256 IP addresses (18 hosts up) scanned in 15.01 seconds
Raw packets sent: 493 (20.706KB) | Rcvd: 17 (714B)
2. nmap TCP SYN (half-open) scanning
Command : nmap -v -sS 192.168.1.0/24
root@hatuhaha:~# nmap -v -sS 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:13 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 08:13
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:13, 0.23s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:13
Completed Parallel DNS resolution of 1 host. at 08:13, 0.02s elapsed
Initiating ARP Ping Scan at 08:13
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:13, 1.84s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:13
Completed Parallel DNS resolution of 254 hosts. at 08:13, 0.07s elapsed
Initiating SYN Stealth Scan at 08:13
Scanning 192.168.1.1 [1000 ports]
Discovered open port 53/tcp on 192.168.1.1
Discovered open port 8080/tcp on 192.168.1.1
Discovered open port 80/tcp on 192.168.1.1
Discovered open port 3128/tcp on 192.168.1.1
Completed SYN Stealth Scan at 08:13, 0.05s elapsed (1000 total ports)
Host 192.168.1.1 is up (0.0000090s latency).
Interesting ports on 192.168.1.1:
Not shown: 996 closed ports
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
3128/tcp open squid-http
8080/tcp open http-proxy
Initiating SYN Stealth Scan at 08:13
Scanning 11 hosts [1000 ports/host]
....
....
Host 192.168.1.138 is up (0.000080s latency).
Interesting ports on 192.168.1.138:
Not shown: 997 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
MAC Address: 00:17:9A:3B:00:76 (D-Link)
Host 192.168.1.140 is up (0.00030s latency).
All 1000 scanned ports on 192.168.1.140 are filtered
MAC Address: 44:87:FC:5A:5B:68 (Unknown)
Read data files from: /usr/share/nmap
......
3. nmap TCP FIN scanning
Command : nmap -v -sF 192.168.1.0/24
root@hatuhaha:~# nmap -v -sF 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:18 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 08:18
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:18, 0.23s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:18
Completed Parallel DNS resolution of 1 host. at 08:18, 0.03s elapsed
Initiating ARP Ping Scan at 08:18
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:18, 1.84s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:18
Completed Parallel DNS resolution of 254 hosts. at 08:18, 0.07s elapsed
Initiating FIN Scan at 08:18
Scanning 192.168.1.1 [1000 ports]
Completed FIN Scan at 08:18, 1.23s elapsed (1000 total ports)
Host 192.168.1.1 is up (0.000011s latency).
Interesting ports on 192.168.1.1:
Not shown: 996 closed ports
PORT STATE SERVICE
53/tcp open|filtered domain
80/tcp open|filtered http
3128/tcp open|filtered squid-http
8080/tcp open|filtered http-proxy
Initiating FIN Scan at 08:18
Scanning 11 hosts [1000 ports/host]
....
....
Host 192.168.1.129 is up (0.00028s latency).
All 1000 scanned ports on 192.168.1.129 are open|filtered
MAC Address: 00:25:11:03:F7:96 (Elitegroup Computer System CO.)
Host 192.168.1.138 is up (0.00075s latency).
All 1000 scanned ports on 192.168.1.138 are closed
MAC Address: 00:17:9A:3B:00:76 (D-Link)
Host 192.168.1.140 is up (0.00024s latency).
All 1000 scanned ports on 192.168.1.140 are open|filtered
MAC Address: 44:87:FC:5A:5B:68 (Unknown)
..... ......
4. nmap TCP Xmas tree scanning
Digunakan untuk melihat apakah proteksi firewall masih berjalan dengan baik atau tidak.
Command : nmap -v -sX 192.168.1.0/24
root@hatuhaha:~# nmap -v -sX 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:21 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 08:21
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:21, 0.23s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:21
Completed Parallel DNS resolution of 1 host. at 08:21, 0.02s elapsed
Initiating ARP Ping Scan at 08:21
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:21, 2.06s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:21
Completed Parallel DNS resolution of 254 hosts. at 08:21, 0.07s elapsed
Initiating XMAS Scan at 08:21
Scanning 192.168.1.1 [1000 ports]
Completed XMAS Scan at 08:21, 1.23s elapsed (1000 total ports)
Host 192.168.1.1 is up (0.0000060s latency).
Interesting ports on 192.168.1.1:
Not shown: 996 closed ports
PORT STATE SERVICE
53/tcp open|filtered domain
80/tcp open|filtered http
3128/tcp open|filtered squid-http
8080/tcp open|filtered http-proxy
Initiating XMAS Scan at 08:21
Scanning 11 hosts [1000 ports/host]
....
....
5. nmap TCP Null scanning
Digunakan untuk melihat apakah proteksi firewall masih berjalan dengan baik atau tidak.
Command : nmap -v -sN 192.168.1.0/24
root@hatuhaha:~# nmap -v -sN 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:23 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 08:23
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:23, 0.24s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:23
Completed Parallel DNS resolution of 1 host. at 08:23, 0.03s elapsed
Initiating ARP Ping Scan at 08:23
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:23, 2.05s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:23
Completed Parallel DNS resolution of 254 hosts. at 08:23, 0.07s elapsed
Initiating NULL Scan at 08:23
Scanning 192.168.1.1 [1000 ports]
Completed NULL Scan at 08:23, 1.25s elapsed (1000 total ports)
Host 192.168.1.1 is up (0.0000060s latency).
Interesting ports on 192.168.1.1:
Not shown: 996 closed ports
PORT STATE SERVICE
53/tcp open|filtered domain
80/tcp open|filtered http
3128/tcp open|filtered squid-http
8080/tcp open|filtered http-proxy
Initiating NULL Scan at 08:23
Scanning 11 hosts [1000 ports/host]
....
....
6. nmap TCP Windows scanning
command : nmap -v -sW 192.168.1.0/24
root@hatuhaha:~# nmap -v -sW 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:28 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 08:28
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:28, 0.32s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:28
Completed Parallel DNS resolution of 1 host. at 08:28, 0.06s elapsed
Initiating ARP Ping Scan at 08:28
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:28, 2.42s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:28
Completed Parallel DNS resolution of 254 hosts. at 08:28, 0.13s elapsed
Initiating Window Scan at 08:28
Scanning 192.168.1.1 [1000 ports]
Completed Window Scan at 08:28, 0.09s elapsed (1000 total ports)
Host 192.168.1.1 is up (0.0000090s latency).
All 1000 scanned ports on 192.168.1.1 are closed
Initiating Window Scan at 08:28
Scanning 11 hosts [1000 ports/host]
....
....
7. nmap TCP RPC scanning
digunakan untuk mencari RPC services
Command : nmap -v -sR 192.168.1.0/24
root@hatuhaha:~# nmap -v -sR 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:35 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 08:35
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:35, 0.23s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:35
Completed Parallel DNS resolution of 1 host. at 08:35, 0.03s elapsed
Initiating ARP Ping Scan at 08:35
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:35, 2.05s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:35
Completed Parallel DNS resolution of 254 hosts. at 08:35, 0.08s elapsed
Initiating SYN Stealth Scan at 08:35
Scanning 192.168.1.1 [1000 ports]
Discovered open port 8080/tcp on 192.168.1.1
Discovered open port 53/tcp on 192.168.1.1
Discovered open port 80/tcp on 192.168.1.1
Discovered open port 3128/tcp on 192.168.1.1
Completed SYN Stealth Scan at 08:35, 0.05s elapsed (1000 total ports)
Initiating RPCGrind Scan against 192.168.1.1 at 08:35
Completed RPCGrind Scan against 192.168.1.1 at 08:35, 1.20s elapsed (4 ports)
Host 192.168.1.1 is up (0.0000090s latency).
Interesting ports on 192.168.1.1:
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
53/tcp open domain
80/tcp open http
3128/tcp open squid-http
8080/tcp open http-proxy
Initiating SYN Stealth Scan at 08:35
Scanning 12 hosts [1000 ports/host]
....
....
8. nmap UDP scanning
digunakan untuk mencari port UDP yang terbuka
Command : nmap -v -O 192.168.1.0/24
root@hatuhaha:~# nmap -v -O 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:39 WIT
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 08:39
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:39, 0.24s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:39
Completed Parallel DNS resolution of 1 host. at 08:39, 0.02s elapsed
Initiating ARP Ping Scan at 08:39
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:39, 2.05s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:39
Completed Parallel DNS resolution of 254 hosts. at 08:39, 0.08s elapsed
Initiating SYN Stealth Scan at 08:39
Scanning 192.168.1.1 [1000 ports]
Discovered open port 80/tcp on 192.168.1.1
Discovered open port 8080/tcp on 192.168.1.1
Discovered open port 53/tcp on 192.168.1.1
Discovered open port 3128/tcp on 192.168.1.1
Completed SYN Stealth Scan at 08:39, 0.05s elapsed (1000 total ports)
....
....
9. nmap remote software version scanning
Digunakan untuk mengetahui versi software pada port yang terbuka
Command : nmap -v -sV 192.168.1.0/24
root@hatuhaha:~# nmap -v -sV 192.168.1.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-08-13 08:46 WIT
NSE: Loaded 3 scripts for scanning.
Initiating ARP Ping Scan at 08:46
Scanning 192.168.1.0 [1 port]
Completed ARP Ping Scan at 08:46, 0.30s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:46
Completed Parallel DNS resolution of 1 host. at 08:46, 0.05s elapsed
Initiating ARP Ping Scan at 08:46
Scanning 254 hosts [1 port/host]
Completed ARP Ping Scan at 08:47, 2.21s elapsed (254 total hosts)
Initiating Parallel DNS resolution of 254 hosts. at 08:47
Completed Parallel DNS resolution of 254 hosts. at 08:47, 0.10s elapsed
Initiating SYN Stealth Scan at 08:47
Scanning 192.168.1.1 [1000 ports]
Discovered open port 8080/tcp on 192.168.1.1
Discovered open port 53/tcp on 192.168.1.1
Completed SYN Stealth Scan at 08:47, 0.06s elapsed (1000 total ports)
Initiating Service scan at 08:47
Scanning 4 services on 192.168.1.1
Completed Service scan at 08:47, 11.06s elapsed (4 services on 1 host)
NSE: Script scanning 192.168.1.1.
NSE: Script Scanning completed.
Host 192.168.1.1 is up (0.0000090s latency).
Interesting ports on 192.168.1.1:
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
53/tcp open domain ISC BIND 9.6.1-P2
80/tcp open http Apache httpd 2.2.12 ((Ubuntu))
3128/tcp open http-proxy Squid webproxy 2.7.STABLE6
8080/tcp open http-proxy HAVP anti-virus web proxy
....
....
Host 192.168.1.131 is up (0.00010s latency).
Interesting ports on 192.168.1.131:
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn
445/tcp open microsoft-ds Microsoft Windows XP microsoft-ds
3000/tcp open ppp?
MAC Address: 00:1B:B9:AE:BB:F0 (Elitegroup Computer System Co.)
Service Info: OS: Windows
Host 192.168.1.138 is up (0.000092s latency).
Interesting ports on 192.168.1.138:
Not shown: 997 closed ports
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn
445/tcp open microsoft-ds Microsoft Windows XP microsoft-ds
MAC Address: 00:17:9A:3B:00:76 (D-Link)
Service Info: OS: Windows
....
....
Sumber :
Sahubawa Linux