nmap - 网络探测工具和安全/端口扫描器

网络安全课程上老师提到了一个端口扫描工具nmap，就测试使用了一下扫描这台服务器。

$ nmap -v -A 202.38.86.104

Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-18 09:49 CST
NSE: Loaded 146 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 09:49
Completed NSE at 09:49, 0.00s elapsed
Initiating NSE at 09:49
Completed NSE at 09:49, 0.00s elapsed
Initiating Ping Scan at 09:49
Scanning 202.38.86.104 [2 ports]
Completed Ping Scan at 09:49, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 09:49
Completed Parallel DNS resolution of 1 host. at 09:49, 0.00s elapsed
Initiating Connect Scan at 09:49
Scanning 202.38.86.104 [1000 ports]
Discovered open port 80/tcp on 202.38.86.104
Discovered open port 21/tcp on 202.38.86.104
Discovered open port 10001/tcp on 202.38.86.104
Discovered open port 8093/tcp on 202.38.86.104
Completed Connect Scan at 09:49, 4.41s elapsed (1000 total ports)
Initiating Service scan at 09:49
Scanning 4 services on 202.38.86.104
Completed Service scan at 09:49, 6.02s elapsed (4 services on 1 host)
NSE: Script scanning 202.38.86.104.
Initiating NSE at 09:49
Completed NSE at 09:49, 3.31s elapsed
Initiating NSE at 09:49
Completed NSE at 09:49, 0.00s elapsed
Nmap scan report for 202.38.86.104
Host is up (0.00094s latency).
Not shown: 993 filtered ports
PORT      STATE  SERVICE        VERSION
21/tcp    open   ftp            vsftpd 3.0.3
| ssl-cert: Subject: commonName=charles/organizationName=USTC/stateOrProvinceName=anhui/countryName=CN
| Issuer: commonName=charles/organizationName=USTC/stateOrProvinceName=anhui/countryName=CN
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2017-03-02T02:31:21
| Not valid after:  2037-02-25T02:31:21
| MD5:   580d 7b65 9461 4bb6 bb82 9218 88e6 040b
|_SHA-1: 2169 c5e2 7d43 5ca3 aaa7 67fa d7e5 827c 812c d8b0
80/tcp    open   http           Apache httpd 2.4.27 ((Unix) PHP/7.1.9)
| http-methods: 
|   Supported Methods: GET POST OPTIONS HEAD TRACE
|_  Potentially risky methods: TRACE
|_http-server-header: Apache/2.4.27 (Unix) PHP/7.1.9
|_http-title: Welcome
5901/tcp  closed vnc-1
8000/tcp  closed http-alt
8093/tcp  open   http           Tornado httpd 4.5.1
| http-methods: 
|_  Supported Methods: GET POST
|_http-server-header: TornadoServer/4.5.1
| http-title: Jupyter Notebook
|_Requested resource was /login?next=%2Ftree%3F
8888/tcp  closed sun-answerbook
10001/tcp open   ssh            OpenSSH 7.5 (protocol 2.0)
| ssh-hostkey: 
|   2048 4b:bc:33:5c:1b:33:a3:25:3e:be:57:0f:90:1e:f8:7b (RSA)
|   256 ca:35:84:db:04:17:79:5e:4d:16:28:08:76:4d:b8:98 (ECDSA)
|_  256 1a:2a:fc:a9:ec:c9:e1:ed:9d:17:d8:d7:81:a9:92:90 (EdDSA)
Service Info: OS: Unix

NSE: Script Post-scanning.
Initiating NSE at 09:49
Completed NSE at 09:49, 0.00s elapsed
Initiating NSE at 09:49
Completed NSE at 09:49, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 14.55 seconds

这个工具真的有点厉害。