nmap是一款非常强大的工具，可以扫描icmp,tcp,udp协议，支持端口扫描和主机存活扫描

一.安装

yum install nmap

二.命令

通过icmp方式，扫描出局域网中可以用的主机

# nmap -sP 192.168.1.1/24Starting Nmap 6.40 ( http://nmap.org ) at 2017-01-08 12:58 CSTNmap scan report for 192.168.1.1Host is up (0.0038s latency).MAC Address: 8C:F2:28:4B:02:FA (Unknown)Nmap scan report for 192.168.1.100Host is up (0.075s latency).MAC Address: 74:23:44:07:63:BB (Unknown)Nmap scan report for 192.168.1.101Host is up (0.00037s latency).MAC Address: FC:F8:AE:5D:56:47 (Intel Corporate)Nmap scan report for 192.168.1.102Host is up (0.075s latency).MAC Address: 1C:48:CE:17:A2:87 (Unknown)Nmap scan report for 192.168.1.105Host is up (0.073s latency).MAC Address: 00:F8:1C:C3:7D:AE (Unknown)Nmap scan report for 192.168.1.107Host is up (0.11s latency).MAC Address: F4:09:D8:54:92:AA (Unknown)Nmap scan report for 192.168.1.211Host is up (0.00073s latency).MAC Address: 00:0C:29:9A:41:ED (VMware)Nmap scan report for 192.168.1.110Host is up.Nmap done: 256 IP addresses (8 hosts up) scanned in 2.43 seconds

通过半开放模式或全开放模式扫描主机所有可以检测到的端口

注意：-p参数是端口范围，默认是1-1024

nmap -sS  192.168.1.101 -p 0-9000Starting Nmap 6.40 ( http://nmap.org ) at 2017-01-08 12:55 CSTNmap scan report for 192.168.1.101Host is up (0.0020s latency).Not shown: 8996 filtered portsPORT     STATE SERVICE135/tcp  open  msrpc139/tcp  open  netbios-ssn445/tcp  open  microsoft-ds1540/tcp open  rds3389/tcp open  ms-wbt-serverMAC Address: FC:F8:AE:5D:56:47 (Intel Corporate)

# nmap -sU  192.168.1.101 -p 0-9000Starting Nmap 6.40 ( http://nmap.org ) at 2017-01-08 13:02 CSTNmap scan report for 192.168.1.101Host is up (0.00080s latency).Not shown: 9000 open|filtered portsPORT    STATE SERVICE137/udp open  netbios-nsMAC Address: FC:F8:AE:5D:56:47 (Intel Corporate)Nmap done: 1 IP address (1 host up) scanned in 24.10 seconds