如何使用 Nmap 检索 TCP 和 UDP 端口? [英] How to retrieve both TCP and UDP ports with Nmap?
问题描述
我需要在使用 Nmap 的同一扫描中以最快的方式检索 TCP 和 UDP 端口.我会试着更好地解释它.如果我使用最常用的命令:
I need to retrieve both TCP and UDP ports in the same scan with Nmap in the fastest way possible. I'll try to explain it better. If I use the most common command:
nmap 192.168.1.1
它只检索 TCP 端口,而且速度非常快.
It retrieves ONLY TCP ports and it is really fast.
如果我使用以下命令:
nmap -sU 192.168.1.1
它只检索 UDP 端口,而且速度相当快(虽然不是那么快,但仍然如此).
It retrieves ONLY UDP ports and it is quite fast (well not so fast but still).
我的问题:是否有两个命令的组合?我试过了:
My question: is there a combination of the two commands? I tryed:
nmap -sU -sS 192.168.1.1
nmap -sU -sT 192.168.1.1
但它们非常慢.
我正在使用 Nmap 5.51,有什么建议吗?
I am using Nmap 5.51, any suggestion?
推荐答案
如您所见,UDP 扫描很慢,因为打开/过滤的端口通常不会响应,因此 nmap 必须超时然后重新传输,而关闭的端口将发送 ICMP 端口不可达错误,系统通常会限制该错误.
As you've seen, UDP scanning is slow as open/filtered ports typically don't respond so nmap has to time out and then retransmit whilst closed ports will send a ICMP port unreachable error, which systems typically rate limit.
您可以添加 -T 开关来提高扫描速度,但这可能会降低准确性并使其更易于检测.
You can add the -T switch to increase the speed of the scan, though this may reduce accuracy and make it easier to detect.
-T<0-5>:设置时序模板(越高越快)
-T<0-5>: Set timing template (higher is faster)
-PN 将关闭 ping 扫描元素
-PN will turn off the ping scan element
您还可以并行扫描更多主机,
You could also scan more hosts in parallel,
或使用 -p 开关或 --top-ports 减少您正在扫描的端口数,这将扫描在 nmap-services 文件中找到的最高比率端口.
or reduce the number of ports you're scanning with the -p switch or --top-ports , which will scan the highest-ratio ports found in the nmap-services file.
如果您正在扫描多个主机,您可以使用 --host-timeout 跳过慢速主机.
If you were scanning multiple hosts, you could use --host-timeout to skip slow hosts.
关于 TCP,-sS 应该比 -sT 快.
Regarding TCP, -sS should be quicker than -sT.
HTH!
这篇关于如何使用 Nmap 检索 TCP 和 UDP 端口?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!