Hi everyone, I'm the new admin here :D
My nick is fall9100 :D
Here I'm going to share a tutorial on using NMAP (Network Mapper).
OK, let's get started :D
THE EYE OF NMAP
1.1. What is NMAP
Nmap (Network Mapper) is an open source program used for exploring networks.
- Nmap is designed to scan large networks, and it can also be used to scan a single host.
- Nmap uses IP packets to determine which hosts are active on a network, which ports are open, which operating system a host runs, what type of firewall is in use, and so on.
Advantages of Nmap:
- Powerful: Nmap can be used to scan large networks
- Portable: Nmap runs on many operating systems such as Linux, Windows, FreeBSD, OpenBSD, Solaris, etc.
- Easy to use
- Free
- Well documented
Syntax : nmap [Scan Type(s)] [Options] {target specification}
1.2. Basic commands
1.2.1 Basic NMAP command
#nmap [host]
[root@bt]# nmap 192.168.1.11
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:00 WIT
Nmap scan report for 192.168.1.11
Host is up (0.0066s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 1.78 seconds
1.2.2. Help Command
To see the list of available commands
#nmap -h
1.2.3. Multi IP Scanning
To scan more than one IP
#nmap [host1] [host2] [host3]
[root@bt]# nmap 192.168.1.11 192.168.1.4 192.168.1.6
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:02 WIT
Nmap scan report for 192.168.1.11
Host is up (0.0090s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap scan report for 192.168.1.6
Host is up (0.029s latency).
Not shown: 784 closed ports, 214 filtered ports
PORT STATE SERVICE
22/tcp open ssh
62078/tcp open iphone-sync
MAC Address: 90:27:E4:83:2F:F3 (Apple)
Nmap done: 3 IP addresses (3 hosts up) scanned in 8.78 seconds
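An added example (not from the original post): parsing the report format shown above and flagging open ports that are missing from an allowlist, the usual way scan results feed an exposure audit. The BASELINE allowlist and the function names are assumptions, and the sample text is adapted from the output above.

```python
import re

# Constructed sample in nmap's normal output format, adapted from the scan above.
SAMPLE = """\
Nmap scan report for 192.168.1.11
Host is up (0.0090s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap scan report for 192.168.1.6
Host is up (0.029s latency).
Not shown: 784 closed ports, 214 filtered ports
PORT STATE SERVICE
22/tcp open ssh
62078/tcp open iphone-sync
MAC Address: 90:27:E4:83:2F:F3 (Apple)
"""

# Hypothetical allowlist: the services each host is supposed to expose.
BASELINE = {"192.168.1.11": {(21, "tcp")}, "192.168.1.4": {(22, "tcp")}}

HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?([0-9a-fA-F.:]+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_report(text):
    """Return {host: {(port, proto): (state, service)}} from normal output."""
    hosts, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := HOST_RE.match(line):
            current = hosts.setdefault(m.group(1), {})
        elif (m := PORT_RE.match(line)) and current is not None:
            current[(int(m.group(1)), m.group(2))] = (m.group(3), m.group(4))
    return hosts

def unexpected_open(hosts, baseline):
    """List (host, port, proto, service) entries that are open but not allowlisted."""
    findings = []
    for host, ports in sorted(hosts.items()):
        allowed = baseline.get(host, set())  # unknown host: nothing is allowed
        for (port, proto), (state, service) in sorted(ports.items()):
            if state == "open" and (port, proto) not in allowed:
                findings.append((host, port, proto, service))
    return findings
```

Against the sample, the squid-http proxy on 192.168.1.11 and both ports on the unlisted host 192.168.1.6 are reported.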
1.2.4. [-O] Operating System
#nmap -O [ target IP ]
Tells nmap to detect the target's operating system
[root@bt]# nmap -O 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:34 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000098s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=5.50%D=1/22%OT=22%CT=1%CU=43741%PV=Y%DS=0%DC=L%G=Y%TM=4F1BD823%P=
OS:i386-redhat-linux-gnu)SEQ(SP=107%GCD=1%ISR=10
1.2.5. [-PN] no Ping
Tells nmap to scan without pinging first, so the process is simpler
#nmap -PN [ target IP ]
[root@bt]# nmap -PN 192.168.1.6
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:06 WIT
Nmap scan report for 192.168.1.6
Host is up (0.0022s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
62078/tcp open iphone-sync
MAC Address: 90:27:E4:83:2F:F3 (Apple)
Nmap done: 1 IP address (1 host up) scanned in 6.48 seconds
1.2.6. [-sV] service
Tells nmap to scan and display information about the services it finds
#nmap -sV [ target IP ]
[root@zee zee]# nmap -sV 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:40 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.6 (protocol 2.0)
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.69 seconds
1.2.7. [ -sn ] Up Host
Tells nmap to check whether a host is up or not.
It works best when you give a netmask, so that every host in that network range is covered
[root@bt]# nmap -sn 192.168.1.4/24
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:43 WIT
Nmap scan report for 192.168.1.1
Host is up (0.00024s latency).
MAC Address: C8:64:C7:4B:B8:D0 (Unknown)
Nmap scan report for 192.168.1.2
Host is up (0.059s latency).
MAC Address: 8C:7B:9D:63:48:AB (Unknown)
Nmap scan report for 192.168.1.4
Host is up.
Nmap scan report for 192.168.1.8
Host is up (0.046s latency).
MAC Address: 22:E2:51:9A:94:45 (Unknown)
Nmap scan report for 192.168.1.10
Host is up (0.048s latency).
MAC Address: 00:19:D2:45:4D:96 (Intel)
Nmap scan report for 192.168.1.50
Host is up (0.010s latency).
MAC Address: 00:1E:C1:4C:BF:F6 (3com Europe)
Nmap scan report for 192.168.1.59
Host is up (0.11s latency).
MAC Address: 1C:4B:D6:44:75:9D (AzureWave)
Nmap done: 256 IP addresses (7 hosts up) scanned in 3.52 seconds
1.2.8. [-sP] simple Ping
Tells nmap to scan using a simple ping
#nmap -sP [ target IP ]
[root@bt]# nmap -sP 192.168.1.6
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:09 WIT
Nmap scan report for 192.168.1.6
Host is up (0.016s latency).
MAC Address: 90:27:E4:83:2F:F3 (Apple)
Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds
1.2.9. [-PR] ARP Ping Scan
Tells nmap to perform an ARP (Address Resolution Protocol) ping scan against the target host
#nmap -PR [ target IP ]
[root@bt]# nmap -PR 192.168.1.11
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:13 WIT
Nmap scan report for 192.168.1.11
Host is up (0.0022s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 1.75 seconds
1.2.10. [-sS] TCP SYN stealth port scan (root)
#nmap -sS [target IP]
[root@bt]# nmap -sS 192.168.1.36
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 15:53 WIT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.50 seconds
[root@zee zee]# nmap -sS 192.168.1.4
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 15:53 WIT
Nmap scan report for 192.168.1.4
Host is up (0.000010s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
1.2.11. [-sT] TCP connect() port scan (default for unprivileged users)
#nmap -sT [target] or nmap -T [flag] -sT [target]
Parameters:
-T is the "flag" that sets Nmap's scanning speed.
0 is the slowest and 5 is the fastest.
0 = Paranoid
1 = Sneaky
2 = Polite
3 = normal speed, the nmap default
4 = Aggressive, able to get through firewalls and filtered networks.
5 = Insane
[root@bt]# nmap -T 5 -sT 192.168.1.11
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 15:57 WIT
Nmap scan report for 192.168.1.11
Host is up (0.0017s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 9A:4D:DF:8C:3A:B5 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 2.94 seconds
1.3. Port scanning options
[ -F ] [fast] lets nmap scan only the first 100 ports
#nmap -F [host]
[ -p ] [port] lets nmap scan only the specified ports
#nmap -p[port] [hosts]
[root@bt]# nmap -p21 192.168.1.11
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:20 WIT
Nmap scan report for 192.168.1.11
Host is up (0.020s latency).
PORT STATE SERVICE
21/tcp open ftp
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
To scan more than one port, separate the ports with a comma
[root@bt]# nmap -p21,3128 192.168.1.11
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:22 WIT
Nmap scan report for 192.168.1.11
Host is up (0.045s latency).
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds
Or you can use a "-" to specify a range
[root@bt]# nmap -p21-3128 192.168.1.11
Starting Nmap 5.50 ( http://nmap.org ) at 2012-01-22 16:24 WIT
Nmap scan report for 192.168.1.11
Host is up (0.0069s latency).
Not shown: 3106 closed ports
PORT STATE SERVICE
21/tcp open ftp
3128/tcp open squid-http
MAC Address: 30:2D:BD:92:AE:51 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 2.59 seconds
Or even both together
[root@bt]# nmap -p21,22,24,21-3128 192.168.1.11
You can also specify ports by service name
[root@bt]# nmap -p ssh,ftp,http 192.168.1.11
Or, if you want to scan all ports
[root@bt]# nmap -p "*" 192.168.1.11
You can also scan a port range for a specific protocol type
TCP
[root@bt]# nmap -p T:1000-2000 192.168.1.11
UDP
[root@bt]# nmap -p U:1000-2000 192.168.1.11
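An added example (not from the original post) showing how the -p forms above (single ports, comma lists, ranges, service names and T:/U: qualifiers) expand into concrete port sets, which is useful for sizing a scan before running it. The service-name table is a small constructed stand-in for nmap's own lookup, the function names are assumptions, and the "*" form is not handled.

```python
# Constructed stand-in for nmap's service-name lookup (assumption, three names only).
SERVICE_PORTS = {"ftp": {21}, "ssh": {22}, "http": {80}}
MAX_PORT = 65535


def parse_item(item):
    """Turn one item ('21', '21-3128' or a service name) into a set of ports."""
    if item in SERVICE_PORTS:
        return set(SERVICE_PORTS[item])
    low, dash, high = item.partition("-")
    start = int(low)                      # ValueError on unknown names or junk
    end = int(high) if dash else start
    if not 0 <= start <= end <= MAX_PORT:
        raise ValueError(f"bad port range: {item!r}")
    return set(range(start, end + 1))


def expand_port_spec(spec):
    """Expand a -p argument into {'any' | 'tcp' | 'udp': set of ports}."""
    ports = {"any": set(), "tcp": set(), "udp": set()}
    proto = "any"  # no T:/U: seen yet: ports apply to whichever scan type runs
    for item in (part.strip() for part in spec.split(",")):
        # A T: or U: qualifier stays in effect for the items that follow it.
        if item[:2] in ("T:", "U:"):
            proto = "tcp" if item[0] == "T" else "udp"
            item = item[2:]
        if item:
            ports[proto] |= parse_item(item)
    return ports


def port_count(spec):
    """Number of distinct (protocol, port) probes the spec asks for."""
    return sum(len(p) for p in expand_port_spec(spec).values())
```

For "21-3128" this gives 3108 ports, which matches the 3106 closed plus 2 open ports in the range scan output above.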
Continue to Part 2 here