nmap interview questions
Top nmap frequently asked interview questions
I am trying to detect if my iPhone is in the same network as my Raspberry Pi. I would like to execute a script when I am at home and my iPhone's presence is registered in my LAN.
It seems that when the phone is in standby not even the iphone-sync port (6207/tcp) is found. "/usr/bin/nmap -n -sT -p62078 [my phone's local IP]" shows no host. I wonder what else I could scan for. Obviously the phone is online and ready to accept facetime calls (data via 3G is deactivated). Could I accomplish something with avahi which I am using on my Raspberry Pi, or are there other ways.
Source: (StackOverflow)
I can telnet to a certain host and port no problem and issue commands. However when i try to script a socket connection (using nmap NSE and Lua) to the same host and port, it fails with the following error message:
|_sockettest: Trying to receive through a closed socket
the socket connect part of my code is here:
local msg
local response
msg = "hello\n"
local socket = nmap.new_socket()
socket:set_timeout(150000)
socket:send(msg)
response,data = socket:receive()
return data
I think the data is sending ok. The server should just echo back what i sent. Does anyone know what the problem could be?
Source: (StackOverflow)
I'm needing to ping about 2500 servers at one time, in intervals of about 15-30 minutes. This is to show semi-real time server status information. This could potentially scale to tens of thousands of sites eventually, so I need to keep that in mind while thinking about this.
I'm using an Ubuntu 10.10 VPS (Bash) and using Ruby.
Is there any way to go about doing this?
Edit: I should also note that I only care if the server is online. So first packet received should suffice.
Source: (StackOverflow)
I tried googling for this but i didnt find anything... I am building a port scanner and i would like to make it so, that i can scan a network range e.g 192.168.2.* and find out how many computers are on that range that are online. Alot like Nmap. I am programming in python. Is this possible in Python?
Source: (StackOverflow)
Is there an NMap wrapper implementation for Java ? I searched for it but could not find one. I want to scan network and detect applications running based on some port's state. I guess this must be a pretty common problem.
If its not nmap, then can somebody suggest alternate tools to detect the same.
Thanking in advance.
Source: (StackOverflow)
I am trying to create a shell script to block all apple devices on my network. I am using nmap
for os detection. What I have so far is this:
while (true) do
nmap -O -T4 -p 22,80 -v 172.20.0.0/24 | grep -B9 'OS details: Apple' | \
grep 'Nmap scan report for' | cut -f4 -d'r' | cut -f2 -d' ' | \
iptables -i wlan0 -A INPUT -j DROP -s
sleep 10
done
Is there a way to simplify this at all so there is less grepping and cutting involved?
Also, this script will run into errors if there are more than one or zero apple devices found on the network. Is it possible to add logic for that?
Source: (StackOverflow)
I'm wanting to find computers with ssh open on my subnet but it shows all host that are up in the results and not just the ones that have open ports this is my command
nmap -PN -p 22 --open -oG - 192.168.*.* | awk '{print $2}' > sshopen.txt
Thanks
Source: (StackOverflow)
I was learning how to use nmap and i have gone through many documentations and tutorials but no where iam getting perfect information about what is the use of -sS and -PS. In general what is the differences between all -s 's and -P 's? Both are for scanning right?
sudo nmap -sS 192.168.0.50
sudo nmap -PS 192.168.0.50
Whats the difference between both of them?
Thanks in advance.
Source: (StackOverflow)
I have a list of remote machines in a text files. Can I know their MAC addresses using nmap ?
Source: (StackOverflow)
I am trying to scan a large set of domain names using nmap. I used the following command:
Nmap -PN -p443 -sS -T5 -oX out.xml -iL in.csv
I get the following warning:
Warning: xx.xx.xx.xx giving up on port because retransmission cap hit (2).
Why does this happen? How to resolve the issue ?
Source: (StackOverflow)
I'd like to audit the equipment of my large network in the fastest way possible. Should i use Nmap::Parser
or Nmap::Scanner
?
I want to create a list of IP addresses that return a ping as well as a related OS footprint and identification.
Example:
ping 192.168.*.*
Then when I get a successful ping, store the IP address in a hash along with a guess of what the OS is
Source: (StackOverflow)
I need to make a bash script that will give me a list of true or false depending on the address it scanned.
Right now I have this simple script
#!/bin/bash
input="/root/file1"
input2="/root/file2"
paste -d, file{1,2}.txt | while IFS=, read x y;
do nmap -sV --version-light --script ssl-poodle -p $y $x
if something(detects its vulnerable)
echo "true">>file3.txt
else (not vulnerable)
echo "false">>fie3.txt
done
the information nmap returns when vulerable is
Nmap scan report for ip
Host is up (0.044s latency).
PORT STATE SERVICE VERSION
port/tcp open ssl/http Microsoft IIS
| ssl-poodle:
| VULNERABLE:
| SSL POODLE information leak
| State: VULNERABLE
Is there a way to detect the word vulnerable, or what would be the best way to do it?
Source: (StackOverflow)
I am trying to search the word "hop"
from the traceroute output, but somehow its not displaying that line on console. Please let me know where I am going wrong.
Here is my code:
import java.io.*;
public class TestExec {
public static void main(String[] args) {
try {
String[] cmdarray = { "nmap", "--traceroute", "nmap.org" };
Process p = Runtime.getRuntime().exec(cmdarray);
BufferedReader in = new BufferedReader(new InputStreamReader(
p.getInputStream()));
String line = null;
while ((line = in.readLine()) != null) {
if (line.contains("hop")) {
System.out.println(line);
}
}
} catch (IOException e) {
e.printStackTrace();
}
}
}
Source: (StackOverflow)
When I use this command which IP addresed are scanned
# nmap -sP 192.168.0.120/25
CAn you please help me how to get the IP range when I have the addres and subnet. Because I am trying to understand this, but no result till now..Thanks in advance
Source: (StackOverflow)
I need to filter with sed only the ports from /usr/share/nmap/nmap-services
tcpmux 1/tcp 0.001995 # TCP Port Service Multiplexer [rfc-1078]
compressnet 2/tcp 0.000013 # Management Utility
compressnet 3/tcp 0.001242 # Compression Process
unknown 4/tcp 0.000477
unknown 6/tcp 0.000502
echo 7/tcp 0.004855
unknown 8/tcp 0.000013
discard 9/tcp 0.003764 # sink null
unknown 10/tcp 0.000063
systat 11/tcp 0.000075 # Active Users
I've tryed something like (!?([0-9]+/tcp))
But it wont work: why?
Thank you
Source: (StackOverflow)