NMAP
åå
æ¦è¦
ãã¼ã«èª¬æ
ãªãã·ã§ã³æ¦è¦
ã¿ã¼ã²ããã®æå®
ãã¹ãã®çºè¦
ãã¼ãã¹ãã£ã³ã®åºæ¬
ãã¼ãã¹ãã£ã³ã®ãã¯ããã¯
ãã¼ãã®æå®ã¨ã¹ãã£ã³ã®é åº
ãµã¼ãã¹ã¨ãã¼ã¸ã§ã³ã®æ¤åº
OS æ¤åº
ã¿ã¤ãã³ã°ã¨ããã©ã¼ãã³ã¹
ãã¡ã¤ã¢ã¦ã©ã¼ã«/IDS ã®åé¿ã¨ã¹ãã¼ãã£ã³ã°
åºå
ãã®ä»ã®ãªãã·ã§ã³
å®è¡æã®å¯¾è©±åæä½
使ç¨ä¾
ãã°
ä½è
æ³çéç¥äºé
注è¨
åå
nmap − ãããã¯ã¼ã¯èª¿æ»ãã¼ã«ããã³ã»ãã¥ãªãã£/ãã¼ã ã¹ãã£ã
æ¦è¦
|
nmap [ã¹ãã£ã³ã¿ã¤ã…] [ãªãã·ã§ã³] {ã¿ã¼ã²ããã®æå®} |
ãã¼ã«èª¬æ
Nmap (ãNetwork Mapperã)ã¯ããããã¯ã¼ã¯èª¿æ»ããã³ã»ã- ã¥ãªãã£ç£æ»ãè¡ãããã®ãªã¼ãã³ã½ã¼ã¹ã®ãã¼ã«ã§ããã大è¦æ¨¡ãããã¯ã¼ã¯ãé«éã§ã¹ã- ã£ã³ããããã«è¨- è¨ããã¦ããããåä¸ã®ãã¹ãã«å¯¾ãã¦ãã¾ã£ããåé¡ãªãæ©è½ãããNmapã¯çã®(raw)IPãã±ãããç¨ãã¦ããããã¯ã¼ã¯ä¸ã§ã©ã®ãããªãã¹ããå©ç¨å¯è½ã«ãªã£ã¦ãããããããã®ãã¹ããæä¾ãã¦ãããµã¼ãã¹(ã¢ããªã±ã¼ã·ã§ã³åã¨ãã¼ã¸ã§ã³)ã¯ä½ãããã¹ããå®è¡ãã¦ããOS(OSåã¨ãã¼ã¸ã§ã³)ã¯ä½ããã©ã®ãããªç¨®é¡ã®ãã±ãããã£ã«ã¿/ãã¡ã¤ã¢ã¦ã©ã¼ã«ã使ç¨ããã¦ããããªã©ããã®ä»æ°å¤ãã®ç¹å¾´ãæ¬æ°ãªæ¹æ³ã§å¤å¥ãããNmapã¯ãã»ã- ã¥ãªãã£ç£æ»ç¨ã«åºãå©ç¨ããã¦ããã°ããã§ãªãããããã¯ã¼ã¯ã»ã¤ã³ãã³ããª(è³ç£æå ±åé)ããµã¼ãã¹ã®ã¢ããã°ã¬ã¼ãäºå®ç®¡çããã¹ãããµã¼ãã¹ã®ã¢ããã¿ã¤ã (å©ç¨å¯è½æé)ã®ç£è¦ç- ã®æ¥å¸¸æ¥åã«Nmapãå½¹ç«ã¦ã¦ããã·ã¹ãã 管çèããããã¯ã¼ã¯ç®¡çèãå¤ãã
Nmapã¯ãã¹ã- ã£ã³èª¿æ»å¯¾è±¡ã®ä¸è¦§ãã使ç¨ãããªãã·ã§ã³ã«å¿ããè£è¶³æå ±ã¨ã¨ãã«åºåããããã®ãªãã§æãéè¦ãªæå ±ã¯ããinteresting ports tableã(èå³æ·±ããã¼ãã®ä¸è¦§è¡¨)ã§ããããã®ä¸è¦§è¡¨ã«ã¯ããã¼ãçªå·ããã- ãã³ã«ããµã¼ãã¹åãç¶æãè¨è¼ããã¦ãããç¶æã¯ãopenãfilteredãclosedãã¾ãã¯unfilteredã®ããããã«ãªããopen(éãã)ãã¼ãã¯ã調æ»å¯¾è±¡ãã·ã³ä¸ã®ã¢ããªã±ã¼ã·ã§ã³ããã®ãã¼ãä¸ã§æ¥ç¶/ãã±ãããå¾ã¡åãã¦ããç¶æã§ãããã¨ã示ãã Filtered(ãã£ã«ã¿ãã)ã¯ããã¡ã¤ã¢ã¦ã©ã¼ã«ããã£ã«ã¿ãªã©ã®ãããã¯ã¼ã¯ä¸ã®éå£ã§ãã¼ããé®ããã¦ããç¶æã«ããããã¼ããéãã¦ãããéãã¦ããããNmapãå¤æ- ã§ããªããã¨ãæå³ãããClosed(éãã)ãã¼ãã«ã¯ãå¾ã¡åãç¶æã®ã¢ããªã±ã¼ã·ã§ã³ã¯ä½ããªããããããã¯ãã¤ã§ãéæ¾ãããã¨ãå¯è½ã§ããããã¼ããNmapã®ãã- ã¼ãã«ã¯å¿çããããéãã¦ãããéãã¦ããããNmapãå¤å¥ã§ããªãå ´åã«ã¯ unfilteredã«åé¡ãããããã¼ãã®ç¶æãopen|filteredãclosed|filteredã®ããã«ã2ã¤ã®ç¶æã®çµã¿åããã§å ±åãããã®ã¯ããã®ã©ã¡ãããã¼ãã®ç¶æã表ãã¦ããããNmapãå¤æ- ã§ããªãå ´åã§ãããã¾ããã®ãã¼ãä¸è¦§è¡¨ã«ã¯ããã¼ã¸ã§ã³ã®æ¤åºãæ±ããããå ´åã«ã¯ãã½ããã¦ã§ã¢ã®ãã¼ã¸ã§ã³æå ±ãè¨è¼ããããIPãã- ãã³ã«ã¹ã- ã£ã³(−sO)ãè¦æ±ãããå ´åã«ã¯ããã¼ããä¸è¦§è¡¨ç¤ºããã®ã§ã¯ãªãã対å¿å¯è½ãªIPãã- ãã³ã«ã«é¢ããæå ±ãæä¾ãããã
Nmapã¯ããã®ãã¼ãä¸è¦§è¡¨ä»¥å¤ã«ããéå¼ãDNSåãOSã®æ¨æ¸¬ãããã¤ã¹ã®ç¨®é¡ãMACã¢ãã¬ã¹ãªã©ã®ã調æ»å¯¾è±¡ã«é¢ããããã«è©³ç´°ãªæå ±ãæä¾ã§ããã
å¸åçãªNmapã¹ãã£ã³ã®ä¾ãã以ä¸ã® ä¾1ãNmapã¹ã- ã£ã³ã®å¸åçãªä¾ãã«ç¤ºããããã®ä¾ã§ä½¿ç¨ããã¦ããNmapã®å¼æ°ã¯ãOSã¨ãã®ãã¼ã¸ã§ã³ã®æ¤åºãå¯è½ã«ãã−Aã¨ãå¦çãé«éã«å®è¡ããããã®−T4ãããã³ï¼ã¤ã®ã¿ã¼ã²ãããã¹ãåã ãã§ããã
ä¾1 Nmapã¹ãã£ã³ã®å¸åçãªä¾
# nmap −A −T4 scanme.nmap.org playground
Starting nmap ( https://nmap.org/ )
Interesting ports on scanme.nmap.org (205.217.153.62):
(The 1663 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 3.9p1 (protocol 1.99)
53/tcp open domain
70/tcp closed gopher
80/tcp open http Apache httpd 2.0.52 ((Fedora))
113/tcp closed auth
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.4.7 − 2.6.11, Linux 2.6.0 − 2.6.11
Uptime 33.908 days (since Thu Jul 21 03:38:03 2005)
Interesting ports on playground.nmap.org (192.168.0.40):
(The 1659 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios−ssn
389/tcp open ldap?
445/tcp open microsoft−ds Microsoft Windows XP microsoft−ds
1002/tcp open windows−icfw?
1025/tcp open msrpc Microsoft Windows RPC
1720/tcp open H.323/Q.931 CompTek AquaGateKeeper
5800/tcp open vnc−http RealVNC 4.0 (Resolution 400×250; VNC TCP port: 5900)
5900/tcp open vnc VNC (protocol 3.8)
MAC Address: 00:A0:CC:63:85:4B (Lite−on Communications)
Device type: general purpose
Running: Microsoft Windows NT/2K/XP
OS details: Microsoft Windows XP Pro RC1+ through final release
Service Info: OSs: Windows, Windows XP
Nmap finished: 2 IP addresses (2 hosts up) scanned in 88.392 seconds
Nmapã®ææ°ãã¼ã¸ã§ã³ã¯ã- https://nmap.org/ããå¥æã§ãããã¾ããæ¬ããã¥ã¢ã«ãã¼ã¸ã®ææ°çã¯ã- https://nmap.org/man/ã§åç§ã§ããã
ãªãã·ã§ã³æ¦è¦
ãã®ãªãã·ã§ã³æ¦è¦ã¯ãNmapãå¼æ°ãªãã§å®è¡ããã¨è¡¨ç¤ºããããææ°çã¯- https://nmap.org/data/nmap.usage.txtã§åç§ã§ããããããè¦ãã¨ãæ¯è¼çå©ç¨æ©ä¼ã®å¤ããªãã·ã§ã³ã«ã¤ãã¦ã®æ¦è¦ã確èªã§ããããæ¬ããã¥ã¢ã«ã®ä»¥ä¸ã«æ²è¼ãã詳細ãªè§£èª¬ã«ä»£ãããã®ã§ã¯ãªãã使ç¨é »åº¦ã®ä½ããªãã·ã§ã³ã«ã¯ãããã«å«ã¾ãã¦ããªããã®ãããã
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0−255.1−254
−iL
−iR
−−exclude
−−excludefile
HOST DISCOVERY:
−sL: List Scan − simply list targets to scan
−sP: Ping Scan − go no further than determining if host is online
−P0: Treat all hosts as online −− skip host discovery
−PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
−PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
−n/−R: Never do DNS resolution/Always resolve [default: sometimes]
SCAN TECHNIQUES:
−sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
−sN/sF/sX: TCP Null, FIN, and Xmas scans
−−scanflags
−sI
−sO: IP protocol scan
−b
PORT SPECIFICATION AND SCAN ORDER:
−p
Ex: −p22; −p1−65535; −p U:53,111,137,T:21−25,80,139,8080
−F: Fast − Scan only the ports listed in the nmap−services file)
−r: Scan ports consecutively − don’t randomize
SERVICE/VERSION DETECTION:
−sV: Probe open ports to determine service/version info
−−version−light: Limit to most likely probes for faster identification
−−version−all: Try every single probe for version detection
−−version−trace: Show detailed version scan activity (for debugging)
OS DETECTION:
−O: Enable OS detection
−−osscan−limit: Limit OS detection to promising targets
−−osscan−guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
−T[0−6]: Set timing template (higher is faster)
−−min−hostgroup/max−hostgroup
−−min−parallelism/max−parallelism
−−min−rtt−timeout/max−rtt−timeout/initial−rtt−timeout
probe round trip time.
−−host−timeout
−−scan−delay/−−max−scan−delay
FIREWALL/IDS EVASION AND SPOOFING:
−f; −−mtu
−D
−S
−e
−g/−−source−port
−−data−length
−−ttl
−−spoof−mac
OUTPUT:
−oN/−oX/−oS/−oG
−oA
−v: Increase verbosity level (use twice for more effect)
−d[level]: Set or increase debugging level (Up to 9 is meaningful)
−−packet−trace: Show all packets sent and received
−−iflist: Print host interfaces and routes (for debugging)
−−append−output: Append to rather than clobber specified output files
−−resume
−−stylesheet
−−no−stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
−6: Enable IPv6 scanning
−A: Enables OS detection and Version detection
−−datadir
−−send−eth/−−send−ip: Send using raw ethernet frames or IP packets
−−privileged: Assume that the user is fully privileged
−V: Print version number
−h: Print this help summary page.
EXAMPLES:
nmap −v −A scanme.nmap.org
nmap −v −sP 192.168.0.0/16 10.0.0.0/8
nmap −v −iR 10000 −P0 −p 80
ã¿ã¼ã²ããã®æå®
Nmapã®ã³ãã³ãã©ã¤ã³ã§ããªãã·ã§ã³(ãããã¯ãªãã·ã§ã³ã®å¼æ°)ã§ãªããã®ã¯ãã¹ã¦ãã¿ã¼ã²ãããã¹ãã®æå®ã¨ãã¦æ±ããããæãç°¡åãªä¾ã¯ãã¹ã- ã£ã³ãè¡ãã¿ã¼ã²ããã®IPã¢ãã¬ã¹ããã¹ãåã®æå®ã§ããã
é£æ¥ããè¤æ°ã®ãã¹ãããæããããã¯ã¼ã¯å¨ä½ãã¹ã- ã£ã³å¯¾è±¡ã¨ãããå ´åã¯ãCIDR表è¨ã®ã¢ãã¬ã¹æå®ãå©ç¨ã§ãããIPã¢ãã¬ã¹ããã¹ãåã®æ«å°¾ã«bitæ°ãä»å ããã¨ãNmapã¯ãã¢ãã¬ã¹ã®ä¸ä½ããæå®ããbitæ°ã¾ã§ãåç§ããIPã¢ãã¬ã¹ãç¹å®ã®ãã¹ãåã¨åãã¢ãã¬ã¹ããã¹ã¦ã¹ã- ã£ã³ãããä¾ãã°ã192.168.10.0/24ãæå®ãã㨠192.168.10.0 (ï¼é²è¡¨ç¤ºï¼ 11000000 10101000 00001010 00000000)ãã192.168.10.255 (ï¼é²è¡¨ç¤ºï¼ 11000000 10101000 00001010 11111111)ã¾ã§ã®ï¼ï¼ï¼ã®ãã¹ããã¹ã- ã£ã³ãããã192.168.10.40/24ãæå®ãã¦ããã¾ã£ããåãçµæã«ãªãããã¹ã scanme.nmap.orgã®IPã¢ãã¬ã¹ã205.217.153.62ã§ããã¨ããã¨ãscanme.nmap.org/16ã¨ããæå®ã§ã¯ã205.217.0.0 ãã 205.217.255.255 ã¾ã§ã®65,536åã®IPã¢ãã¬ã¹ãã¹ã- ã£ã³ãããã¨ã«ãªããæå®å¯è½ãªæå°å¤ã¯/1ã§ãããããã¯ã¤ã³ã¿ã¼ãããã®ååãã¹ã- ã£ã³ãããã¨ã«ãªããæ大å¤ã¯/32ã§ããã¹ã¦ã®ã¢ãã¬ã¹ããããåºå®ãããã®ã§ãæå®ãããã¹ããIPã¢ãã¬ã¹ã ããã¹ã- ã£ã³ãããã
CIDR表è¨ã¯ç°¡æ½ã§ããããå¿ãããååãªæè»æ§ãããããã§ã¯ãªããä¾ãã°ã192.168.0.0/16ãã¹ã- ã£ã³ããéã«ã.0ã.255ã§çµããã¢ãã¬ã¹ã¯ãé常ã¯ããã¼ãã- ã£ã¹ãã¢ãã¬ã¹ãªã®ã§ãã¹ã¦å¯¾è±¡ããé¤å¤ãããå ´åãããã ãããNmapã§ã¯ãã®ã±ã¼ã¹ã«ã¯ããªã¯ããã(octet=8bit)ç¯å²ã®ã¢ãã¬ã¹æå®ã«ãã£ã¦å¯¾å¿ãããé常ã®IPã¢ãã¬ã¹ãæå®ãã代ããã«ãã³ã³ãåºåãã®æ°ã®ãªã¹ããåãªã¯ããã(8bit)ã®ç¯å²ãæå®ã§ãããä¾ãã°ã192.168.0−255.1−254ã¨æå®ããã¨ã.0ã¨.255ã§çµããç¯å²ã®ã¢ãã¬ã¹ã¯ãã¹ã¦çãããããã®ç¯å²ã¯æå¾ã®ãªã¯ãããã ãã«éãå¿è¦ã¯ãªããããªãã¡ã0−255.0−255.13.37ã¨æå®ããã¨ã13.37ã§çµãããã¹ã¦ã®IPã¢ãã¬ã¹ãã¤ã³ã¿ã¼ãããå¨ä½ã§ã¹ã- ã£ã³ããããã®ãããªåºç¯å²ããã®ãµã³ããªã³ã°ã¯ãã¤ã³ã¿ã¼ãããã®èª¿æ»ãç 究ãè¡ãå ´åã«å½¹ç«ã¤ã
IPv6ã¢ãã¬ã¹ã¯ãå®å¨ä¿®é£¾å½¢(çç¥ãªã)ã®IPv6ã¢ãã¬ã¹ããã¹ãåã§ããæå®ã§ããªããIPv6ã§ã¯ãCIDRããªã¯ãããç¯å²ã¯ä½¿ãéãã»ã¨ãã©ãªãããããµãã¼ããããªãã
Nmapã¯ã³ãã³ãã©ã¤ã³ã§ã®è¤æ°ã®ãã¹ãæå®æ¹æ³ã«å¯¾å¿ãã¦ããããã¹ã¦åãå½¢å¼ã«ããªãã¦ããããnmap scanme.nmap.org 192.168.0.0/8 10.0.0,1,3−7.0−255ã¨ããã³ãã³ããå®è¡ãã¦ããæå¾éãã®çµæã«ãªãã
ã¿ã¼ã²ããã¯é常ãã³ãã³ãã©ã¤ã³ä¸ã§æå®ããããã以ä¸ã®ãªãã·ã§ã³ãã¾ããã¿ã¼ã²ããã®é¸æãå¶å¾¡ããããã«å©ç¨ã§ããã
−iL
å¥åãã¡ã¤ã«åãããã¿ã¼ã²ããã®æå®ãèª- ã¿è¾¼ããã³ãã³ãã©ã¤ã³ã§é常ã«å·¨å¤§ãªãã¹ããªã¹ãã渡ãã®ã¯ä¸é©åã§ããå ´åãå¤ããããããæã¾ããã®ãããããã±ã¼ã¹ã§ãããä¾ãã°ãã¹ã- ã£ã³ã®å¯¾è±¡ã«ãããã¨èãã¦ããç®ä¸ã®å²ãå½ã¦ã¢ãã¬ã¹ã®10000åã®ãªã¹ãããDHCPãµã¼ãããã¨ã¯ã¹ãã¼ããããå¯è½æ§ãããããããã¯ãä¸æ- £ãªåºå®IPã¢ãã¬ã¹ã使ç¨ãã¦ãããã¹ãã®ä½ç½®ã示ãã¢ãã¬ã¹ãé¤ãããã¹ã¦ã®IPã¢ãã¬ã¹ãã¹ã- ã£ã³ãããã¨æãå ´åããããããããªããã¨ã«ãããã¹ã- ã£ã³ããã¹ããã¹ãã®ãªã¹ããä½æãããã®ãã¡ã¤ã«åã−iLãªãã·ã§ã³ã®å¼æ°ã¨ãã¦Nmapã«æ¸¡ãã°ãããå¥åã®å½¢å¼ã¯ãNmapãã³ãã³ãã©ã¤ã³ã§å¯¾å¿ãã¦ãããã®(IPã¢ãã¬ã¹ããã¹ãåãCIDRãIPv6ããªã¯ãããç¯å²)ãªãä½ã§ãããããåå¥åã¯ã1ã¤ä»¥ä¸ã®ã¹ãã¼ã¹ãã¿ããæ¹è¡æå- ã§åºåãå¿è¦ããããå®éã®ãã¡ã¤ã«ã§ã¯ãªãã¦æ¨æºå¥åãããNmapã«ãã¹ããèª- ã¿è¾¼ã¾ãããå ´åã¯ããã¡ã¤ã«åã¨ãã¦ãã¤ãã³(−)ãæå®ããã¨ããã
−iR
ã¤ã³ã¿ã¼ãããå¨åã«å¯¾ãã調æ»ãç 究ãè¡ãå ´åãã¿ã¼ã²ãããç¡ä½çºã«é¸ã³ããå ´åãããã ããããã¹ãæ°ã®å¼æ°ã¯ãIPãããã¤çæããã¹ãããNmapã«ä¼ããããã©ã¤ãã¼ãããã«ãã- ã£ã¹ããæªå²ãå½ã¦ãªã©ã®ã¢ãã¬ã¹ç¯å²ã®ãããªæã¾ãããªãIPã¯ãèªåçã«é£ã°ãã¦é²ãããã«ãªã£ã¦ãããå¼æ°ã«0(ã¼ã- )ãæå®ããã¨ãã¹ã- ã£ã³ãç¡éã«ç¶ããããããã ãããããã¯ã¼ã¯ç®¡çèã®ãªãã«ã¯ãèªèº«ã®ç®¡çãããããã¯ã¼ã¯ãä¸æ- £ã«ã¹ã- ã£ã³ããããã¨ã«è¹ãç«ã¦ã¦ã¯ã¬ã¼ã ãã¤ããå ´åããããã¨ã«æ³¨æãã¦ãããããã®ãªãã·ã§ã³ã¯ãèªå·±è²¬ä»»ã§ä½¿ç¨ãããã¨ï¼ãé¨ã®æ¥ã®åå¾ãéå±ãã®ãã«æ¾ãè¦ãããã®Webãµã¼ããç¡ä½çºã«è¦ã¤ãããå ´åã¯ãnmap −sS −PS80 −iR 0 −p 80ã¨ããã³ãã³ãã試ãã¦ã¿ãã¨ããã
−−exclude
ã¿ã¼ã²ããã®ã³ã³ãåºåããªã¹ããæå®ããããããæå®ããå¨ãããã¯ã¼ã¯ç¯å²ã®ä¸é¨ã§ãã£ã¦ããã¹ã- ã£ã³å¯¾è±¡ããé¤å¤ãããããã«ãããå¼æ°ã¨ãã¦æ¸¡ããªã¹ãã§ã¯é常ã®Nmapæ§æãç¨ããããã®ã§ããã¹ãåãCIDR表è¨ã®ããããã- ãã¯ããªã¯ãããç¯å²ãªã©ãå«ãããã¨ãã§ããããã®ãªãã·ã§ã³ãå½¹ã«ç«ã¤ã®ã¯ãã¹ã- ã£ã³ããããããã¯ã¼ã¯ã«ããã¼ãã¹ã- ã£ã³ã«ãã£ã¦æªå½±é¿ãåã¶ãã¨ãããã£ã¦ããã触ãã¦ã¯ãªããªãããã·ã§ã³ã¯ãªãã£ã«ã«ãªãµã¼ããã·ã¹ãã ããä»äººã管çãã¦ãããµããããã¯ã¼ã¯ãå«ã¾ããå ´åã§ããã
−−excludefile
−−excludeãªãã·ã§ã³ã¨ã»ã¼åãæ©è½ãæä¾ããããç°ãªãç¹ã¯ãé¤å¤ãããã¿ã¼ã²ããããã³ãã³ãã©ã¤ã³ã§ã¯ãªããæ¹è¡æå- ãã¹ãã¼ã¹ãã¿ããªã©ã§åºåã£ãé¤å¤ãã¡ã¤ã«ã§æ¸¡ããããã¨ã§ããã
ãã¹ãã®çºè¦
ãããã¯ã¼ã¯åµå¯ããã·ã§ã³ã®ç¬¬ä¸æ®µéã«è¡ãã¹ããã¨ã®1ã¤ã¯ãä¸é£ã®(é常ã«åºç¯ãªå ´åããã)IPç¯å²ãéå®ãã¦ãã¢ã¯ãã£ããªç¶æã§ããããé¢å¿ã®ãããã¹ãã®ãªã¹ããä½æãããã¨ã§ãããåIPã¢ãã¬ã¹ã®ãã¼ãã1ã¤1ã¤ã¹ã- ã£ã³ããã®ã¯ãæéã¯ããããã®ã®ãªããªãé²ã¾ãªããé常ã¯ç¡é§ãªä½æ¥- ã§ããããã¡ããããããã¹ãã«èå³ãå¼ãããè¦å ã¯ãã¹ã- ã£ã³ã®ç®çã«å¤§ããå·¦å³ãããããããã¯ã¼ã¯ç®¡çèãªããç¹å®ã®ãµã¼ãã¹ãå®è¡ãã¦ãããã¹ãã«ããèå³ã示ããªããããããªãããã»ã- ã¥ãªãã£ç£æ»äººãªããIPã¢ãã¬ã¹ãæã¤ããã¤ã¹1ã¤1ã¤ã«é¢å¿ãå¼ãããå ´åãããã ãããåé¨ãããã¯ã¼ã¯ç®¡çèãªããèªåã管çãããããã¯ã¼ã¯ä¸ã®ãã¹ãã®ä½ç½®ã確èªããããã«ICMP pingã使ããã ãã§æºè¶³ãããããªãããå¤é¨ã®ãããã¬ã¼ã·ã§ã³ãã¹ãã®å®æ½æå½èãªãããã¡ã¤ã¢ã¦ã©ã¼ã«ã®å¶éãããæãããã¨ãã¦ãå¤ç¨®å¤æ§ãªèª¿æ»ææ³ã使ãå ´åãããã ããã
ãã®ããã«ããã¹ãçºè¦ã®ãã¼ãºã¯å¤å²ã«ãããã®ã§ãNmapã«ã¯ã使ç¨ããææ³ãã«ã¹ã¿ãã¤ãºããããã®å¹åºã種é¡ã®ãªãã·ã§ã³ãåãã£ã¦ããããã¹ãæ¢ç´¢ã¯pingã¹ã- ã£ã³ã¨å¼ã°ãããã¨ãããããä¸è¬çãªpingãã¼ã«ã«ããåç´ãªICMPã¨ã³ã¼è¦æ±ãã±ãããããã¯ããã«åªãã¦ãããã¦ã¼ã¶ã¯ããªã¹ãã¹ã- ã£ã³(−sL)ãç¨ããããpingãç¡å¹ã«ãã¦(−P0)ããã®ping段éãå®å¨ã«çç¥ãããããããã¯ãããã¯ã¼ã¯ã«å¯¾ãã¦ãã«ããã¼ãã®TCP SYN/ACKãUDPãICMPãªã©ã®ããã¼ããä»»æã«çµã¿åããã¦è¡ããã¨ãã§ããããããã®ãã- ã¼ãã®ç®çã¯ãIPã¢ãã¬ã¹ãå®éã«ã¢ã¯ãã£ããªç¶æ(ãã¹ãããããã¯ã¼ã¯ããã¤ã¹ã«ãã£ã¦ä½¿ç¨ä¸- )ã§ãããã¨ã示ãå¿ç- ãèªãåºããã¨ã§ãããå¤ãã®ãããã¯ã¼ã¯ã§ã¯ããã¤ã§ãã¢ã¯ãã£ããªIPã¢ãã¬ã¹ã¯å¨ä½ã®ã»ãã®ããããããªããRFC1918ã§å®ãããããã©ã¤ãã¼ãã¢ãã¬ã¹ç©ºé(ä¾ï¼10.0.0.0/8)ã§ã¯ç¹ã«ãããªã£ã¦ããããã®ãããã¯ã¼ã¯ã«ã¯ã1600ä¸åã®IPã¢ãã¬ã¹ãããããããã1000å°è¶³ããã®ãã·ã³ãããªãä¼æ¥- ã§ä½¿ããã¦ããã®ãè¦ããã¨ãããããã¹ãçºè¦ãå®è¡ããã¨ãããããåºå¤§ãªIPã¢ãã¬ã¹ã®æµ·ã®ä¸- ãããã¾ã°ãã«IPã¢ãã¬ã¹ãå²ãæ¯ããããã·ã³ãæ¢ãåºããã¨ãã§ããã
ããã¹ãçºè¦ã®ãªãã·ã§ã³ãä½ãæå®ãããªãå ´åãNmapã¯ãã¼ã80å®ã¦ã®TCP ACKãã±ããã¨ãICMPã¨ã³ã¼è¦æ±ã¯ã¨ãªãåã¿ã¼ã²ãããã·ã³ã«éä¿¡ããããã®ä¾å¤ã¯ãã- ã¼ã«ã« ã¤ã¼ãµããã ãããã¯ã¼ã¯ä¸ã«ããã¿ã¼ã²ããã«å¯¾ãã¦ãARPã¹ã- ã£ã³ãç¨ãããã¦ããå ´åã§ãããé«ã権éã®ãªãUNIXã·ã§ã«ã¦ã¼ã¶ã§ã¯ãconnect()ã·ã¹ãã ã³ã¼ã«ã使ã£ã¦ãACKã®ä»£ããã«SYNãã±ãããéãããããããã®ããã©ã«ãã¯ã−PA −PE ãªãã·ã§ã³ã«ç¸å½ããããã®ãã¹ãçºè¦æ©è½ã¯ããã¼ã«ã«ãããã¯ã¼ã¯ãã¹ã- ã£ã³ããå ´åã¯ååã ããããåæ¬çãªä¸é£ã®çºè¦èª¿æ»ã¯ãã»ãã¥ãªãã£ç£æ»ã«ä»»ããæ¹ãããã
−P*ãªãã·ã§ã³(pingã®ç¨®é¡ãé¸ã¶)ãçµã¿åããããã¨ãã§ãããæ§ããªTCPãã¼ã/ãã©ã°ãICMPã³ã¼ããç¨ããå¤ç¨®å¤æ§ãªãã- ã¼ããéããã¨ã§ãå¶éã®å³ãããã¡ã¤ã¢ã¦ã©ã¼ã«ãããæãã確çãä¸ãããã¨ãã§ãããããã«çæãã¹ãç¹ã¯ãã- ã¼ã«ã« ã¤ã¼ãµããã ãããã¯ã¼ã¯ä¸ã®ã¿ã¼ã²ããã«å¯¾ãã¦ã¯ããã®ä»ã®−P*ãªãã·ã§ã³ãæå®ãã¦ããå ´åã§ããARPæ¢ç´¢(−PR)ãããã©ã«ãã§è¡ããããã¨ã§ãããããã¯ã»ã¨ãã©ã®å ´åãä»ãããé«éã§å¹æçã«å®æ½ã§ããããã§ããã
ãã¹ãçºè¦ãå¶å¾¡ãããªãã·ã§ã³ã以ä¸ã«æããã
−sL (ãªã¹ãã¹ãã£ã³)
ãã¹ãçºè¦ã®ç¸®å°çã§ãåã«æå®ããããããã¯ã¼ã¯ã®å¨ãã¹ããä¸è¦§ããã ãã§ãããã¿ã¼ã²ãããã¹ãã«ã¯ä½ããã±ãããéããªããããã©ã«ãã§ã¯ãNmapã¯ãã¹ãåãç¥ãããã«ããã¹ãä¸ã§DNSã®éå¼ã解決ãè¡ããåãªããã¹ãåã¨ã¯ãããæå¤ãªã»ã©æç¨ãªæå ±ãããããã¦ããããã¨ãå¤ããä¾ãã°fw.chi.playboy.comã¯ããã¬ã¤ãã¼ã¤ç¤¾(Playboy Enterprises)ã®ã·ã«ã´(Chicago)æ¯ç¤¾ã®ãã¡ã¤ã¢ã¦ã©ã¼ã«ã§ãããã¾ãæçµçã«ã¯ãIPã¢ãã¬ã¹ã®ç·æ°ã«ã¤ãã¦ã®å ±åãããããªã¹ãã¹ã- ã£ã³ã¯ãèªåã®ã¿ã¼ã²ããã«å¯¾ãã¦æ- £ããIPã¢ãã¬ã¹ãå¾ããã¦ãããã¨ã確èªããããã®æå¹ãªå¥å¨æ§æ¤æ»ã«ãªããã¿ã¼ã²ããã®ãã¹ããè¦è¦ãã®ãªããã¡ã¤ã³åã示ãã¦ããå ´åã¯ãééã£ã¦å¥ã®ä¼ç¤¾ã®ãããã¯ã¼ã¯ãã¹ã- ã£ã³ãã¦ãã¾ããªãããã«ãããã«è©³ãã調æ»ããã ãã®ä¾¡å¤ã¯ããã
ãªã¹ãã¹ãã£ã³ã®çãã¯ãåã«ã¿ã¼ã²ãããã¹ãã®ãªã¹ããåºåããã ããªã®ã§ããã¼ãã¹ã- ã£ã³ãOSæ¤åºãpingã¹ã- ã£ã³ãªã©ã®ããé«åº¦ãªã¬ãã«ã®æ©è½ãå®ç¾ããããã®ãªãã·ã§ã³ã¯ãããã¨çµã¿åããããã¨ã¯ã§ããªãããããã®ãã¤ã¬ãã«ã®æ©è½ãå®è¡ããéã«ãpingã¹ã- ã£ã³ãç¡å¹ã«ãããå ´åã¯ã−P0ãªãã·ã§ã³ã®é ãåç§ã®ãã¨ã
−sP (Ping ã¹ãã£ã³)
ãã®ãªãã·ã§ã³ã使ãã¨ãNmapã¯pingã¹ãã£ã³(ãã¹ãçºè¦)ã®ã¿ãå®è¡ããå¿ç- ããå©ç¨å¯è½ãªãã¹ãã®ä¸è¦§ãåºåããããã以ä¸ã®èª¿æ»(ãã¼ãã¹ã- ã£ã³ãOSæ¤åºãªã©)ã¯è¡ããªãããªã¹ãã¹ãã£ã³ãããä¸æ- ©ç«ã¡å¥ã£ã調æ»ã«ãªãããåãç®çã§ä½¿ç¨ãããå ´åãå¤ããã¿ã¼ã²ãããããã¯ã¼ã¯ã®äºå調æ»ãããã¾ã注æãå¼ããã«è»½ãå®è¡ã§ãããæ»æèã«ã¨ã£ã¦ã¯ãIPããã³ãã¹ãåã1ã¤1ã¤ãªã¹ãã¹ã- ã£ã³ãã¦å¾ããããªã¹ãããããã¢ã¯ãã£ããªãã¹ããããã¤ããããç¥ããã¨ã®ã»ãã価å¤ãããã
ã¾ããã®ãªãã·ã§ã³ã¯ãã·ã¹ãã 管çèã®å½¹ã«ç«ã¤å ´åãå¤ãããããã¯ã¼ã¯ä¸ã®å©ç¨å¯è½ãªãã·ã³ã®æ°ãæ°ãããããµã¼ãã®å¯ç¨æ§ãç£è¦ãããããããã«å®¹æã«å©ç¨ã§ãããpingã¹ã¦ã£ã¼ãã¨å¼ã°ãããã¨ãå¤ãããã- ã¼ããã£ã¹ãã®ã¯ã¨ãªã«ã¯å¿çããªããã¹ããå¤ãããã«ãããã¼ãã- ã£ã¹ãã¢ãã¬ã¹ã«pingãæã¤ãããä¿¡é ¼æ§ãé«ãã
−sPãªãã·ã§ã³ã¯ããã©ã«ãã§ãICMPã¨ã³ã¼è¦æ±ã¨80çªãã¼ãå®ã¦ã®TCPãã±ãããéä¿¡ãããé«ã権éããªãã¦ã¼ã¶ãå®è¡ããå ´åã¯ãSYNãã±ããã(connect()ã³ã¼ã«ã使ã£ã¦)ã¿ã¼ã²ããã®80çªãã¼ãã«éããããé«ã権éãæã¤ã¦ã¼ã¶ããã- ã¼ã«ã« ã¤ã¼ãµããã ãããã¯ã¼ã¯ä¸ã®ã¿ã¼ã²ããã®ã¹ã- ã£ã³ã試ã¿ãå ´åã¯ã−−send−ipãæå®ããã¦ããªãéããARPè¦æ±(−PR)ãç¨ããããã−sPãªãã·ã§ã³ããçºè¦ãã- ã¼ãã¿ã¤ã(−P0ãé¤ã−P*ã¿ã¤ã)ã®ãªãã·ã§ã³ã¨çµã¿åãããã¨ãããã«æè»ã«å¯¾å¿ã§ããããã®ãã- ã¼ãã¿ã¤ãã®ã©ããã¨ãã¼ãçªå·ã®ãªãã·ã§ã³ã使ãã¨ãããã©ã«ãã®ãã- ã¼ã(ACKãã¨ã³ã¼è¦æ±)ãããåªåããããNmapãå®è¡ãã¦ããçºä¿¡åãã¹ãã¨ã¿ã¼ã²ãããããã¯ã¼ã¯ã®éã«ãå¶éã®å³ãããã¡ã¤ã¢ã¦ã©ã¼ã«ãè¨- ç½®ãã¦ããå ´åã¯ããããã®é«åº¦ãªãã¯ããã¯ãç¨ããã¹ãã§ããããããªãã¨ããã¡ã¤ã¢ã¦ã©ã¼ã«ã§ãã- ã¼ããã±ããããã¹ãã®å¿çãã±ãããç ´æ£ãããå ´åã«ããã¹ããæ¤åºãæããå¯è½æ§ãããã
−P0 (ping ãªã)
ãã®ãªãã·ã§ã³ãæå®ããã¨ãNmapãå®è¡ãããã¹ãçºè¦ã®æ®µéãå®å¨ã«çç¥ããããNmapã¯é常ãã®æ¤åºæ®µéã§ãããã«ç«ã¡å¥ã£ãã¹ã- ã£ã³ãè¡ãããã®ã¢ã¯ãã£ããªãã·ã³ãå²ãåºããNmapã¯ããã©ã«ãã§ã¯ããã¼ãã¹ã- ã£ã³ããã¼ã¸ã§ã³æ¤åºãOSæ¤åºãªã©ã®ç«ã¡å¥ã£ããã- ã¼ãã¯ãä½åãã¦ãããã¨ãå¤æãããã¹ãã«å¯¾ãã¦ããå®è¡ããªãããã«ãªã£ã¦ããã−P0ã使ã£ã¦ãã¹ãçºè¦ãç¡å¹ã«ããã¨ãNmapã¯ã¿ã¼ã²ããã«æå®ãããIPã¢ãã¬ã¹ãã¹ã¦ã«å¯¾ãã¦ãè¦æ±ãããã¹ã- ã£ã³æ©è½ãå®è¡ãããã¨ãããã¤ã¾ããã¯ã©ã¹Bã®ãµã¤ãºã®ã¢ãã¬ã¹ç©ºé(/16)ããã³ãã³ãã©ã¤ã³ã§ã¿ã¼ã²ããã«æå®ããå ´åã65,536åã®IPã¢ãã¬ã¹ãã¹ã¦ãã¹ã- ã£ã³ãããã−P0ã®2çªç®ã®æåã¯æ°åã®ã¼ãã§ãããè±åã®ãªã¼ã§ã¯ãªãããªã¹ãã¹ã- ã£ã³ã®å ´åã¨åæ§ã«ãæ¬æ¥è¡ãã¹ããã¹ãçºè¦ã®æ®µéã¯çç¥ãããããNmapã¯ããã§åæ- ¢ãã¦ã¿ã¼ã²ããã®ãªã¹ããåºåããã®ã§ã¯ãªãã¦ãåã¿ã¼ã²ããIPãã¢ã¯ãã£ãã§ãããã®ããã«ãè¦æ±ãããæ©è½ãå®è¡ãç¶ããã
−PS [portlist] (TCP SYN Ping)
ãã®ãªãã·ã§ã³ã«ãã£ã¦ãSYNãã©ã°ä»ãã®ç©ºã®TCPãã±ãããéä¿¡ããããããã©ã«ãã®éä¿¡åãã¼ãã¯80çª(ãã®è¨- å®ã¯ãnmap.hã®DEFAULT_TCP_PROBE_PORTãæ¸ãæãã¦ã³ã³ãã¤ã«ããã¨å¤æ´ã§ãã)ã ãã代ããã®ãã¼ãããã©ã¡ã¿ã¨ãã¦æå®ã§ãããã¾ããã³ã³ãåºåãã®ãã¼ãçªå·ãªã¹ã(ä¾ï¼−PS22,23,25,80,113,1050,35000)ãæå®ãããã¨ãå¯è½ã§ããããã®å ´åãåãã¼ãã«å¯¾ãããã- ã¼ãã¯åæ並è¡ã§è©¦ã¿ãããã
SYNãã©ã°ã«ãã£ã¦ããã¡ãå´ãã³ãã¯ã·ã§ã³ã®ç¢ºç«ã試ã¿ã¦ãããã¨ããªã¢ã¼ãã®ã·ã¹ãã ã«ç¥ããããé常ã¯éä¿¡åãã¼ããéãã¦ãããRST(ãªã»ãã)ãã±ãããéãè¿ãããããã®ãã¼ãããã¾ãã¾éãã¦ããå ´åã¯ãã¿ã¼ã²ããã¯SYN/ACK TCPãã±ããã§å¿ç- ããTCPã®3ã¦ã§ã¤ãã³ãã·ã§ã¤ã¯ã®ç¬¬äºæ®µéã«é²ããç¶ãã¦ãNmapãå®è¡ãã¦ãããã·ã³ããACKãã±ãããéã£ã¦3ã¦ã§ã¤ãã³ãã·ã§ã¤ã¯ãå®äºããã°ãå®å¨ãªã³ãã¯ã·ã§ã³ã確ç«ããããããã®ä»£ããã«RSTã§å¿ç- ãããã¨ã§ãçæéä¸ã®ã³ãã¯ã·ã§ã³ãåæ- ããããã®RSTãã±ããã¯ãNmapèªèº«ã§ã¯ãªãã¦ãNmapãå®è¡ãã¦ãããã·ã³ã®ã«ã¼ãã«ããäºæãã¬SYN/ACKã«å¿ç- ãã¦éããã®ã§ããã
Nmapã§ã¯ã対象ã®ãã¼ããéãã¦ãããéãã¦ãããã¯åé¡ã«ããªãã対象ã®ãã¹ããã¢ã¯ã»ã¹å¯è½ã§ãåå¿ããããã¨ãNmapã«åããã®ã¯ãä¸ã§è¿°ã¹ãRSTãSYN/ACKã®å¿ç- ã§ããã
UNIXãã·ã³ã§ã¯é常ãçã®TCPãã±ãããéåä¿¡ã§ããã®ã¯root権éãæã¤ã¦ã¼ã¶ã«éãããããããã権éã®ãªãã¦ã¼ã¶ã®å ´åã¯ã次åç- ãèªåçã«æ¡ç¨ãããåã¿ã¼ã²ãããã¼ãã«å¯¾ãã¦connect()ã·ã¹ãã ã³ã¼ã«ãèµ·åããããããã«ãããSYNãã±ãããã¿ã¼ã²ãããã¹ãã«éä¿¡ããã³ãã¯ã·ã§ã³ã®ç¢ºç«ã試ã¿ããconnect()ã®æ»ãå¤ã¨ãã¦ãã¿ããã«æåã失æ(ECONNREFUSED)ãå¾ãããå ´åãä¸ä½ã®TCPã¹ã¿ãã¯ã§ã¯SYN/ACKãRSTãã±ãããåä¿¡ãããã¨ã«ãªããã¿ã¼ã²ãããã¹ãã¯ã¢ã¯ã»ã¹å¯è½ã¨è¦ãªãããããã®ã³ãã¯ã·ã§ã³ã®è©¦ã¿ãæªç¢ºç«ã®ã¾ã¾ã§ã¿ã¤ã ã¢ã¦ãã«éããå ´åã¯ããã¹ãã¯ãã¦ã³ãã¦ããã¨è¦ãªããããNmapã¯çã®IPv6ãã±ããã®çæã«ã¯ã¾ã 対å¿ãã¦ããªãã®ã§ããã®æ¬¡åç- ã¯IPv6ã«ããæ¥ç¶ã«ãç¨ããããã
−PA [portlist] (TCP ACK Ping)
TCP ACK pingã¯ãããä¸ã§è¿°ã¹ãSYN pingã®ã±ã¼ã¹ã«é·ä¼¼ãã¦ãããç°ãªãç¹ã¯ãæ³åãããéããSYNãã©ã°ã®ä»£ããã«TCP ACKãã©ã°ãä»ãããããã¨ã§ãããããããACKãã±ããã¯ã確ç«ãããTCPã³ãã¯ã·ã§ã³ä¸ã®ãã¼ã¿ãæ¿èªãã¦ããã¨ç§°ãã¦ãããããã®ãããªã³ãã¯ã·ã§ã³ã¯å- å¨ããªãã®ã§ããããã®ããããªã¢ã¼ããã¹ãã¯å¸¸ã«RSTãã±ããã§å¿ç- ããªããã°ãªããªããªãããã®éç¨ã§èªãã®åå¨ãæããã«ãããã¨ã«ãªãã
−PAãªãã·ã§ã³ã¯ãSYNãã- ã¼ãã¨åãããã©ã«ããã¼ã(80)ã使ç¨ããåãå½¢å¼ã®ç®çãã¼ããªã¹ããå¾ããã¨ãã§ããã権éã®ãªãã¦ã¼ã¶ãããã試ã¿ãå ´åããIPv6ã¿ã¼ã²ãããæå®ãããå ´åã¯ãä¸ã§è¿°ã¹ãconnect()ã®æ¬¡åç- ãç¨ããããããã ãå®éã«ã¯ãconnect()ã¯ACKã§ã¯ãªãã¦SYNãã±ãããéãã®ã§ããã®æ¬¡åç- ã¯å®å¨ã¨ã¯è¨ããªãã
SYNããã³ACKã®ä¸¡æ¹ã® pingã使ããããã«ãªã£ã¦ããçç±ã¯ããã¡ã¤ã¢ã¦ã©ã¼ã«ãããæããå¯è½æ§ãæ大éé«ãããããã§ãããå¤ãã®ç®¡çèã¯ãååãã®SYNãã±ããã«é¢ãã¦ã¯ãä¼æ¥- ã®Webãµã¤ããã¡ã¼ã«ãµã¼ããªã©ã®å±ç¨ãµã¼ãã¹å®ã¦ã®ãã®ä»¥å¤ã¯ãã¹ã¦ãã- ãã¯ããããã«ãã«ã¼ã¿ãç°¡æãã¡ã¤ã¢ã¦ã©ã¼ã«ãè¨- å®ãã¦ãããããã«ãããçµç¹ã¸ã®ãã®ä»ã®ååãã³ãã¯ã·ã§ã³ã¯é»æ- ¢ããããã®ã®ãã¦ã¼ã¶ãå©ç¨ããã¤ã³ã¿ã¼ãããã¸ã®å¤åãã³ãã¯ã·ã§ã³ã¯ãä½ã«ã妨ããããã«è¨±å¯ããã¦ããããã®ãããªã¹ãã¼ããã«(å¦çç¶æãææ¡ãã¦åçã«å¯¾å¦ãã)ã§ãªãã¢ãã- ã¼ãã¯ããã¡ã¤ã¢ã¦ã©ã¼ã«/ã«ã¼ã¿ä¸ã§ãªã½ã¼ã¹ãã»ã¨ãã©æ¶è²»ããããã¼ãã¦ã§ã¢ããã³ã½ããã¦ã§ã¢ãã£ã«ã¿ã§åºããµãã¼ãããã¦ãããLinuxç¨ãã¡ã¤ã¢ã¦ã©ã¼ã«ã½ããã¦ã§ã¢ãNetfilter/iptablesãã«ã¯ãããããã¹ãã¼ãã¬ã¹ãªã¢ãã- ã¼ããå®è£ããããã®ã−−synãã¨ãã便å©ãªãªãã·ã§ã³ãç¨æããã¦ããããã®ãããªã¹ãã¼ãã¬ã¹ãªãã¡ã¤ã¢ã¦ã©ã¼ã«ã«ã¼ã«ãè¨- å®ããã¦ããå ´åãSYN pingããã¼ã(−PS)ãéããã¿ã¼ã²ãããã¼ãã«éã£ã¦ããã- ãã¯ãããå¯è½æ§ãé«ããããããå ´åã¯ãACKããã¼ããå¹åãçºæ®ãããã®ã«ã¼ã«ãçªç ´ããã
ã¾ããã使ããããã¡ã¤ã¢ã¦ã©ã¼ã«ã§ãå¥ã®ç¨®é¡ã®ãã®ã«ã¯ãæ³å®å¤ã®ãã±ããã¯ç ´æ£ããã¨ããã¹ãã¼ããã«ã«ã¼ã«ãæ¡ç¨ããã¦ãããå½åããããæ©è½ã¯ãã¤ã¨ã³ãã®ãã¡ã¤ã¢ã¦ã©ã¼ã«ã§ããè¦ãããªãã£ãããããæ°å¹´ã®éã«ä¸è¬ã«åºãæ®åãã¦ãã¦ãããLinuxã®Netfilter/iptablesã·ã¹ãã ã¯ã−−stateãªãã·ã§ã³ã§ãã®æ©è½ããµãã¼ããã¦ãããã³ãã¯ã·ã§ã³ã®ç¶æã«å¿ãã¦ãã±ãããåé¡ããããã®ãããªã·ã¹ãã ã§ã¯ãæ³å®å¤ã®ACKãã±ããã¯é常ãå½ç©ã¨èªè- ããã¦ç ´æ£ãããã®ã§ãSYNãã- ã¼ãã®ã»ããæå¹ã§ããå¯è½æ§ãé«ãããã®é£é¡ã«å¯¾ãã解決çã®1ã¤ã¯ã−PS ããã³ −PAãæå®ãã¦ãSYN ããã³ ACKã®ä¸¡æ¹ã®ããã¼ããéããã¨ã§ããã
−PU [portlist] (UDP Ping)
ããããã¹ãçºè¦ç¨ãªãã·ã§ã³ã§ã空ã®(−−data−lengthãæå®ããã¦ããå ´åãé¤ã)UDPãã±ãããç¹å®ã®ãã¼ãã«éä¿¡ããããã¼ããªã¹ãã¯ãä¸ã§è¿°ã¹ã−PS ã −PAã®ãªãã·ã§ã³ã®å ´åã¨åãå½¢å¼ã«ãããç¹ã«ãã¼ããæå®ããã¦ããªãå ´åãããã©ã«ãã§ã¯31338çªã«ãªãããã®ããã©ã«ãå¤ãè¨- å®ããã«ã¯ãnmap.hã®DEFAULT_UDP_PROBE_PORTãæ¸ãæãã¦ã³ã³ãã¤ã«ãããã»ã¨ãã©ä½¿ããããã¨ããªããã¼ããããã©ã«ãã§ä½¿ç¨ããã¦ããçç±ã¯ãéæ¾ãã¼ãã¸ã®éä¿¡ãããã®ã¹ã- ã£ã³ã¿ã¤ãã§ã¯ç¹ã«æã¾ãããªãå ´åãå¤ãããã§ããã
UDPãã- ã¼ããã¿ã¼ã²ãããã·ã³ã§éãããã¼ãã«è¡ãçããå ´åã¯ãICMPãã¼ãå°éä¸è½ãã±ãããè¿éãããã¯ãã§ãããNmapã¯ããã«ãããã¿ã¼ã²ãããã·ã³ã稼åä¸- ã§ã¢ã¯ã»ã¹å¯è½ã§ãããã¨ãç¥ããã¨ã«ãªããICMPã«ã¯ãã®ä»ã«ãããã¹ã/ãããã¯ã¼ã¯å°éä¸è½ãTTLè¶éãªã©ã®ããã¹ãããã¦ã³ãã¦ãããå°éä¸è½ã§ãããã¨ã示ãå¤æ§ãªã¨ã©ã¼ã¡ãã»ã¼ã¸ããããå¿ç- ããªãã®ããããã¨åæ§ã«è§£éãããã空ã®ãã±ãããéæ¾ãã¼ãã«å°éããå ´åãã»ã¨ãã©ã®ãµã¼ãã¹ã¯ãããç¡è¦ãã¦ãä½ã®å¿ç- ãè¿ããªããããã©ã«ãã®ããã¼ããã¼ãããã»ã¼ä½¿ç¨ä¸- ã§ã¯ãªã31338çªã«ãªã£ã¦ããã®ã¯ããã®ããã§ããããchargenããªã©ã®ãµã¼ãã¹ã«ã¯ã空ã®UDPãã±ããã«å¿ç- ãããã®ãããã¤ãããããã·ã³ãå©ç¨å¯è½ã§ãããã¨ãNmapã«ç¥ããããã¨ã«ãªãã
ãã®ç¨®é¡ã®ã¹ã- ã£ã³ã®ä¸»ãªã¡ãªããã¯ãTCPãããµããã«æããªããã¡ã¤ã¢ã¦ã©ã¼ã«ããã£ã«ã¿ãããæãããã¨ã§ãããä¾ãã°ãç- èã以åæã£ã¦ããLinksys社ã®ç¡ç·ãã- ã¼ããã³ãã«ã¼ã¿ãBEFW11S4ã®å¤é¨ã¤ã³ã¿ã¼ãã§ã¼ã¹ã¯ãããã©ã«ãã§ãã¹ã¦ã®TCPãã¼ãã«ãã£ã«ã¿å¦çããããã«ãªã£ã¦ããããUDPãã- ã¼ãã使ãã¨ããã¼ãå°éä¸è½ã¡ãã»ã¼ã¸ãå¼ãåºããããã¤ã¹ã®æ- £ä½ãæããã«ãããã¨ãã§ããã
−PE; −PP; −PM (ICMP Ping ã¿ã¤ã)
Nmapã¯ãä¸ã§è¿°ã¹ããããªTCP ã UDPã«ãããã¹ãçºè¦ã®ç¹ç°ãªã¿ã¤ãã«å ãã¦ãã©ãã«ã§ãããpingãã- ã°ã©ã ã«ãã£ã¦éä¿¡ãããæ¨æºçãªãã±ãããéããã¨ãã§ãããNmapã¯ãICMPã¿ã¤ã8(ã¨ã³ã¼è¦æ±)ãã±ãããã¿ã¼ã²ããã®IPã¢ãã¬ã¹ã«éä¿¡ããå©ç¨å¯è½ãªãã¹ãããã¿ã¤ã0(ã¨ã³ã¼å¿ç- )ãè¿ãããã®ãå¾ã¡åããããããã¯ã¼ã¯èª¿æ»ãè¡ãèã«ã¨ã£ã¦ã¯æ®å¿µãªãã¨ã«ãæè¿ã®ãã¹ãããã¡ã¤ã¢ã¦ã©ã¼ã«ã¯ãRFC1122 [1] ã®è¦ä»¶éãå¿ç- ãè¿ãããã¯ããããã®ãã±ããããã- ãã¯ãããã®ãå¤ãããã®ãããã¤ã³ã¿ã¼ãããä¸ã®æªç¥ã®ã¿ã¼ã²ããã«å¯¾ãã¦ã¯ãICMPã¹ã- ã£ã³ã ãã§ã¯ååãªä¿¡é ¼æ§ãå¾ãããªããã ããåé¨ãããã¯ã¼ã¯ãç£è¦ãã¦ããã·ã¹ãã 管çèã«ã¨ã£ã¦ã¯ãå®ç¨çã§å¹ççãªã¢ãã- ã¼ãã«ãªãå ´åãããããã®ã¨ã³ã¼è¦æ±åä½ãæå¹ã«ããã«ã¯ã−PEãªãã·ã§ã³ã使ç¨ãããã¨ã
ã¨ã³ã¼è¦æ±ã¯æ¨æºçãªICMP pingã¯ã¨ãªã§ããããNmapã¯ããã ãã«ã¨ã©ã¾ããªããICMPè¦æ ¼(RFC792 [2] )ã«ã¯ãã¿ã¤ã ã¹ã¿ã³ãè¦æ±ãæå ±è¦æ±ãã¢ãã¬ã¹ãã¹ã¯è¦æ±ãªã©ã®ãã±ããããããããã³ã¼ã13ã15ã17ã¨ãã¦æå®ããã¦ããããããã®ã¯ã¨ãªã®è¡¨åãã®ç®çã¯ãã¢ãã¬ã¹ãã¹ã¯ãç¾å¨ã®æå»ãªã©ã®æå ±ãç¥ããã¨ã ãããã¹ãçºè¦ã«ã容æã«å©ç¨ã§ãããå¿ç- ãè¿ãã·ã¹ãã ã¯ããªãã¡ã稼åä¸- ã§å©ç¨å¯è½ãªã®ã§ãããæå ±è¦æ±ãã±ããã¯ãããã»ã©åºããµãã¼ãããã¦ããããã§ã¯ãªãã®ã§ãä»ã®ã¨ããNmapã«ã¯å®è£ããã¦ããªããRFC 1122ã§ã¯ããã¹ãã«ã¯ãã®ç¨®ã®ã¡ãã»ã¼ã¸ãå®è£ããã¹ãã§ã¯ããã¾ãããã¨æå±ããã¦ãããã¿ã¤ã ã¹ã¿ã³ãã¨ã¢ãã¬ã¹ãã¹ã¯ã«é¢ããã¯ã¨ãªã¯ããããã−PPã¨−PMã®ãªãã·ã§ã³ãä»ãããã¨ã§éä¿¡ã§ãããã¿ã¤ã ã¹ã¿ã³ãå¿ç- (ICMP ã³ã¼ã14)ãã¢ãã¬ã¹ãã¹ã¯å¿ç- (ã³ã¼ã18)ã«ãã£ã¦ããã¹ããå©ç¨å¯è½ã§ãããã¨ãæããã«ãªããããã2ã¤ã®ã¯ã¨ãªã¯ã管çèãã¨ã³ã¼è¦æ±ãã±ãããéå®ãã¦ãã- ãã¯ãã¦ããããä»ã®ICMPã¯ã¨ãªãåãç®çã§ç¨ããããå¯è½æ§ããããã¨ãè¦è½ã¨ãã¦ããå ´åã«æå¹ã§ããã
−PR (ARP Ping)
Nmapã®æãä¸è¬çãªä½¿ç¨æ³ã®1ã¤ã¯ãã¤ã¼ãµãããLANã®ã¹ã- ã£ã³ã§ãããããã¦ãã®LANãç¹ã«RFC1918æå±ã®ãã©ã¤ãã¼ãã¢ãã¬ã¹ç¯å²ãç¨ãããã¦ããLANã§ã¯ãIPã¢ãã¬ã¹ã®å¤§é¨åã¯å¸¸ã«æªä½¿ç¨ã®ã¾ã¾ã«ãªã£ã¦ãããNmapãICMPã¨ã³ã¼è¦æ±ã®ãããªçã®IPãã±ãããéä¿¡ããå ´åãOSã¯ã¤ã¼ãµããããã¬ã¼ã ã®ã¢ãã¬ã¹ãæ- £ããæå®ã§ããããã«ãã¿ã¼ã²ããIPã«å¯¾å¿ããéä¿¡åãã¼ãã¦ã§ã¢(ARP)ã®ã¢ãã¬ã¹ã決ããå¿è¦ããããã ããã®å¦çã¯éããä¸ç¢ºå®ã§ããå ´åãå¤ãããªããªããOSã¯ãå©ç¨ã§ããªããã¹ãã«å¯¾ãã¦ä½ç¾ä¸ã¨ããæ°ã®ARPè¦æ±ãç- æéã§è¡ããªããã°ãªããªããã¨ãæ³å®ãã¦ä½ããã¦ããããã§ã¯ãªãããã§ããã
Nmapã®ARPã¹ã- ã£ã³ã§ã¯ãARPè¦æ±ã®å¦çãè¡ãã®ã«ããã®ããã«æé©åããã¢ã«ã´ãªãºã ãç¨ãã¦ãããå¿ç- ãè¿ãããå ´åãNmapã¯ãã§ã«ãã®ãã¹ãã稼åä¸- ã§ãããã¨ããããã®ã§ãIPãã¼ã¹ã®pingãã±ããå¦çã®å¿éã¯ããªãã¦ãããªããããã«ãããARPã¹ã- ã£ã³ã¯IPãã¼ã¹ã®ã¹ã- ã£ã³ããããã£ã¨é«éã§ä¿¡é ¼æ§ã®é«ãå¦çãè¡ããã¨ãã§ããããã®ãããNmapããã¼ã«ã« ã¤ã¼ãµããã ãããã¯ã¼ã¯ä¸ã§æ¤åºããã¤ã¼ãµããã ãã¹ããã¹ã- ã£ã³ããå ´åã¯ãããã©ã«ãã§ARPã¹ã- ã£ã³ãè¡ãããããã«ãªã£ã¦ãããå¥ã®pingã¿ã¤ã(−PEã−PSãªã©)ãæå®ããã¦ããå ´åã§ããåä¸ã®LANä¸ã«ããã¿ã¼ã²ããã«å¯¾ãã¦ã¯ãNmapã¯ãããã®ä»£ããã«ARPãç¨ãããããã¾ã§ãARPã¹ã- ã£ã³ãè¡ããããªãå ´åã¯ã−−send−ipãæå®ãããã¨ã
−n (DNS解決ãè¡ããªã)
Nmapãçºè¦ããã¢ã¯ãã£ããªIPã¢ãã¬ã¹ã«å¯¾ãã¦éå¼ãã®DNS解決ãè¡ããªãããã«æå®ãããDNSã¯å¦çãéããã¨ãå¤ãã®ã§ãããã«ãã£ã¦é²è¡ãéãããã¨ãã§ããã
−R (å¨ã¿ã¼ã²ããã«DNS解決ãè¡ã)
ã¿ã¼ã²ããã®IPã¢ãã¬ã¹ã«å¯¾ãã¦å¸¸ã«éå¼ãDNS解決ã常ã«è¡ãããã«æå®ããããã®æå®ã¯é常ã対象ã®ãã·ã³ã稼åãã¦ãããã¨ãå¤æãã¦ããå ´åã«ã®ã¿è¡ãããã
−−system−dns (ã·ã¹ãã ã®DNSãªã¾ã«ãã使ã)
Nmapã¯ããã©ã«ãã§ã¯ããã¹ãä¸ã«æ§æããããã¼ã ãµã¼ãã«ç´æ¥ã¯ã¨ãªãéããå¿ç- ãå¾ã¡åãããã¨ã§ãIPã¢ãã¬ã¹ã解決ãããããã©ã¼ãã³ã¹ãä¸ããããã«ãæ°å¤ãã®è¦æ±(æ°å件ã«åã¶ãã¨ãå¤ã)ã並è¡å¦çãããã代ããã«èªåã®ã·ã¹ãã ã®ãªã¾ã«ãã使ããã(getnameinfo()ã³ã¼ã«ãä»ãã¦1åã«1åã®IPãå¦çãã)å ´åã¯ããã®ãªãã·ã§ã³ãæå®ãããã¨ãã ãããã¯ä½éã§ã»ã¨ãã©ä½¿ãç©ã«ãªããªãããã ããNmapã®DNSã³ã¼ãã«ãã°ãããå ´åã¯ãã®éãã§ã¯ãªãï¼ï¼ãã®å ´åã¯é£çµ¡ãã¦ããã ããããIPv6ã¹ã- ã£ã³ã§ã¯å¸¸ã«ãã·ã¹ãã ã®ãªã¾ã«ãã使ãããã
ãã¼ãã¹ãã£ã³ã®åºæ¬
Nmapã¯ããæ°å¹´ã§ãæ©è½é¢ã§ããããã¨æ¡åããã¦ãããããã¨ã¯å¹ççãªãã¼ãã¹ã- ã£ãã¨ãã¦éçºããããã®ã§ããããã¼ãã¹ãã£ã³ã¯ä»ã§ãNmapã®ä¸æ ¸ãæãæ©è½ã§ãããnmap targetã¨ããã·ã³ãã«ãªã³ãã³ãã§ãã¿ã¼ã²ãããã¹ãä¸ã®1660åãã¾ãã®TCPãã¼ããã¹ã- ã£ã³ã§ãããå¤ãã®ãã¼ãã¹ã- ã£ãã§ã¯å¾æ¥ããã¹ã¦ã®ãã¼ãã¯ä¸æ¬ãã¦openã(éãã¦ãã)ãclosed(éãã¦ãã)ã®ã©ã¡ããã®ç¶æã«ãããã®ã¨ãã¦æ±ããã¦ããããNmapã§ã¯ããã«ããç´°ããåãæ±ããããããªãã¡ããã¼ãã¯ä»¥ä¸ã®6ã¤ã®ç¶æã«åé¡ãããï¼ãopenãclosedãfilteredãunfilteredãopen|filteredãã¾ãã¯closed|filteredã
ãããã®ç¶æã¯ããã¼ãèªä½ã«åºæã®ç¹æ§ã§ã¯ãªãã¦ãNmapããã¼ããã©ã®ããã«èªè- ãã¦ãããã表ãã¦ãããä¾ãã°ãNmapãã¿ã¼ã²ããã¨åããããã¯ã¼ã¯ããã¹ã- ã£ã³ãè¡ãã¨ã135çª/tcpãã¼ãã¯openç¶æã«ããããã«è¦ããããåæå»ã«åããªãã·ã§ã³ã§ãã®ã¹ã- ã£ã³ãã¤ã³ã¿ã¼ãããä¸ããè¡ã£ãå ´åãåãã¼ãã¯filteredã¨è¦ããã ããã
Nmapã«èªèããããã¼ãã®6ã¤ã®ç¶æ
open
ãã®ãã¼ãã§ã¯ãã¢ããªã±ã¼ã·ã§ã³ãTCPã³ãã¯ã·ã§ã³ãUDPãã±ãããã¢ã¯ãã£ãã«åãå¥ãã¦ãããå¤ãã®å ´åããã¼ãã¹ã- ã£ã³ã®ç¬¬ä¸ã®ç®çã¯ããã®ç¨®ã®ãã¼ããè¦ã¤ãããã¨ã§ãããã»ã- ã¥ãªãã£ãéè¦ãã人ãªããopenãã¼ããæ»æèã®éãéã«ãªããã¨ããå- ç¥ã ãããæ»æèããã³ãã¹ãå®æ½èã¯ããã®openãã¼ãã®å¼±ç¹ãçªããã¨ããä¸æ¹ã§ã管çèã¯æ- £è¦ã¦ã¼ã¶ã®å©ç¨ã妨ãããã¨ãªãããããã®ãã¼ãããã¡ã¤ã¢ã¦ã©ã¼ã«ã§éãããé²å¾¡ããããããã¨ãããã¾ããOpenãã¼ããè¦ãã¨ããããã¯ã¼ã¯ä¸ã§å©ç¨å¯è½ãªãµã¼ãã¹ãä½ããããã®ã§ãã»ã- ã¥ãªãã£ã¹ãã£ã³ä»¥å¤ã§ãèå³ãå¼ããããã¼ãã§ããã
closed
closed(éãã)ãã¼ãã¯ãã¢ã¯ã»ã¹å¯è½(Nmapã®ããã¼ããã±ãããåä¿¡ãããå¿ç- ããããã)ã ããããã§åä¿¡å¾æ©ãã¦ããã¢ããªã±ã¼ã·ã§ã³ã¯ãªãããã®ç¨®ã®ãã¼ãã¯ãããIPã¢ãã¬ã¹ã§ãã¹ãã稼åä¸- ã§ãããã¨ã確èªããå ´å(ãã¹ãçºè¦ãpingã¹ã- ã£ã³)ããOSæ¤åºã®ä¸ç°ã¨ãã¦å½¹ã«ç«ã¤å ´åããããclosedãã¼ãã¯å°éå¯è½ãªã®ã§ãå¾ã«ãã®ä¸é¨ãéæ¾ãããå ´åã¯ãã¹ã- ã£ã³ã®å¯¾è±¡ã«ãªãå¯è½æ§ãããã管çèããã®ç¨®ã®ãã¼ãããã¡ã¤ã¢ã¦ã©ã¼ã«ã§ãã- ãã¯ãããã¨ãæ¤è¨ããå ´åãããã ããããããªãã¨ããããã¯æ¬¡ã§è¿°ã¹ãfiltered(ãã£ã«ã¿ãã)ç¶æã¨ãã¦è¦ããããã«ãªãã
filtered
Nmapã¯ããã®ãã¼ããéãã¦ãããã©ãããå¤å¥ã§ããªãããªããªãããã±ãããã£ã«ã¿ã®ããã§ããã- ã¼ãããã¼ãã¾ã§å°éã§ããªãããã§ããããã®ãã£ã«ã¿å¦çã¯ããã¡ã¤ã¢ã¦ã©ã¼ã«å°ç¨æ©å¨ãã«ã¼ã¿ã®ã«ã¼ã«ããã¹ããã¼ã¹ã®ãã¡ã¤ã¢ã¦ã©ã¼ã«ã½ãããªã©ã§å®è¡ã§ããããããã®ãã¼ãããã¯æå ±ãã»ã¨ãã©å¾ãããªãã®ã§ãæ»æèã®ä¼ã¦ãé»ããã¨ã«ãªããå ´åã«ãã£ã¦ã¯ãã¿ã¤ã3ã³ã¼ã13(destination unreachableï¼å®åå°éä¸è½ï¼ï¼éä¿¡ã管çä¸ã®çç±ã§ç¦æ- ¢ããã¦ãã)ãªã©ã®ICMPã¨ã©ã¼ã¡ãã»ã¼ã¸ãè¿ããã¨ãããããå¿çããªãã§ãã- ã¼ããç ´æ£ããã ãã®ãã£ã«ã¿ã®ã»ããã¯ããã«å¤ã使ãããããã«ãªã£ã¦ããããã®å ´åãNmapã¯ããã- ã¼ããç ´æ£ãããã®ã¯ãã£ã«ã¿ãªã³ã°ã§ã¯ãªãã¦ãããã¯ã¼ã¯ã®æ··éã®ããã¨è¦ãªãã¦ãå試è¡ãæ°åè¡ããããå¾ãªããªãã®ã§ãã¹ã- ã£ã³ã®é²è¡é度ãæ ¼æ®µã«è½ã¡ãã
unfiltered
unfilteredç¶æã¨ã¯ããã¼ãã«ã¯ã¢ã¯ã»ã¹å¯è½ã ãããã®ãã¼ããéãã¦ãããéãã¦ããããNmapã§ã¯å¤å¥ã§ããªããã¨ãæå³ããããã¼ãããã®ç¶æã«åé¡ã§ããã®ã¯ããã¡ã¤ã¢ã¦ã©ã¼ã«ã«ã¼ã«ã解èª- ããã®ã«ä½¿ãããACKã¹ãã£ã³ã ãã§ãããunfilteredãã¼ãã®ã¹ãã£ã³ããã®ä»ã®ã¹ã- ã£ã³ã¿ã¤ããä¾ãã°Windowã¹ãã£ã³ãSYNã¹ãã£ã³ãFINã¹ã- ã£ã³ãªã©ã§è¡ãã¨ããã¼ããéãã¦ãããã©ããã決ããã®ã«å½¹ç«ã¤å ´åãããã
open|filtered
Nmapããã¼ãããã®ç¶æã«åé¡ããã®ã¯ã対象ã®ãã¼ããéãã¦ããããã£ã«ã¿å¦çããã¦ããããå¤å¥ã§ããªãå ´åã§ãããopenãã¼ãããã®å¿ç- ããªãã¿ã¤ãã®ã¹ãã£ã³ã«ã¯ãããããã±ã¼ã¹ãçºçãããã¾ããå¿çããªããã¨ã¯ããã- ã¼ãããããå¼ãåºããå¿ç- ããã±ãããã£ã«ã¿ãç ´æ£ãããã¨ãæå³ããå ´åãããããã®ããNmapã¯ã対象ã®ãã¼ããopenãªã®ãfilteredãªã®ãã確å®ã«è¦åãããã¨ãã§ããªããUDPãIP ãããã³ã«ãFINãNullãXmasãªã©ã®ã¹ãã£ã³ã¯ããã¼ãããã®ç¶æã«åé¡ããã
closed|filtered
ãã®ç¶æã¯ããã¼ããéãã¦ããããã£ã«ã¿å¦çããã¦ãããããNmapãå¤æ- ã§ããªãå ´åã«ç¨ãããããIPID Idleã¹ãã£ã³ã«ã®ã¿ä½¿ç¨ãããã
ãã¼ãã¹ãã£ã³ã®ãã¯ããã¯
èªåè»ä¿®çã«é¢ãã¦å¨ãã®åå¿èã§ããç- èãä¿®çãè¡ãå ´åãåå§çãªå·¥å·(ãã³ãã¼ããã¯ããã¼ããã¬ã³ããªã©)ã次ãã¨åãåºããç®ã®åã®ä½æ¥- ãè¡ãã®ã«é©ããå·¥å·ãæ¢ãã¦ããã§ããªãããã§ããªãã¨ä½æéãæªæ¦è¦éããæ§ãæ³åã§ãããçµå±ãã¾ãè¡ããããã³ã³ãè»ãæ¬ç©ã®ä¿®çå·¥ã®ã¨ããã¾ã§å¼ã£å¼µã£ã¦ããã¨ãå½¼ã¯ãã¤ã巨大ãªå·¥å·ç®±ãããããæ¼ã£ã¦ãæé©ãªå°éå·ãå¼ã£å¼µãåºãããã¨ãç°¡åã«ä½æ¥- ãçµãããã¦ãã¾ãããã¼ãã¹ãã£ã³ã®æè¡ããããã«ä¼¼ã¦ãããå°é家ã¯æ°å¤ãã®ã¹ã- ã£ã³ãã¯ããã¯ãçç¥ãã¦ãããä¸ããããä½æ¥- ãè¡ãã®ã«æé©ã®ãã¯ããã¯(ãããã¯çµã¿åãã)ãé¸æãããä¸æ¹ãçµé¨ã®ä¹ããã¦ã¼ã¶ãã¹ã¯ãªããã- ãã£ãã¡ã¯ãããããåé¡ãããã©ã«ãã®SYNã¹ã- ã£ã³ã ãã§è§£æ±ºãããã¨ãããNmapã¯ç¡æãªã®ã§ããã¼ãã¹ã- ã£ã³æè¡ã«ç²¾éãããå¦ãã®åããç®ã¯ãç¥èã ããªã®ã ããã®ç¹ã«ã¤ãã¦ã¯ãèªåè»æ¥- çããã¾ããªã®ã¯ééããªãããªã«ããèªåè»æ¥çã§ã¯ãã¹ãã©ãã ã¹ããªã³ã°ã³ã³ãã¬ããµã¼ãå¿è¦ã¨å¤æããã«ã¯åè¶ããã¹ã- ã«ãå¿è¦ã§ããã°ãããããããæã«å¥ããããã«æ°åãã«ãæ¯æããªããã°ãªããªãããã ã
ã»ã¨ãã©ã®ã¹ãã£ã³ã¿ã¤ããå©ç¨ã§ããã®ã¯ãé«ã権éãæã¤ã¦ã¼ã¶ã«éããããããããã¹ã- ã£ã³ã§ã¯çãã±ãããéåä¿¡ããããããããè¡ãã®ã«UNIXã·ã¹ãã ã§ã¯rootã¢ã¯ã»ã¹æ¨©ãå¿è¦ã ããã§ãããWindowsã§ã¯ç®¡çèã¢ã«ã¦ã³ãã®ä½¿ç¨ãæ¨å¥¨ããããããã®ãã©ãããã©ã¼ã ã§ã¯ãWinPcapããã§ã«OSã«ã- ã¼ãããã¦ããå ´åã«ã¯ãNmapãé«ã権éãæããªãã¦ã¼ã¶ã«ãå½¹ã«ç«ã¤å ´åããããNmapããªãªã¼ã¹ããã1997å¹´å½æã¯ãå±ç¨ã®ã·ã§ã«ã¢ã«ã¦ã³ããã使ããªãã¦ã¼ã¶ãå¤ãã£ãã®ã§ãroot権éãå¿è¦ã¨ããæ¡ä»¶ã¯é大ãªå¶ç´ã«ãªã£ããã ãä»ããä¸ã®ä¸- ã¯å¤ãã£ããã³ã³ãã¥ã¼ã¿ã¯ã¾ãã¾ãå®ããªãã常ææ¥ç¶ã®ã¤ã³ã¿ã¼ãããã¢ã¯ã»ã¹ãå©ç¨ããã¦ã¼ã¶ã¯æ¿å¢ãããã¹ã¯ãããã®UNIXã·ã¹ãã (Linux ã MAC OS Xãªã©)ãåºãæ®åãã¦ãããWindowsãã¼ã¸ã§ã³ã®Nmapãå©ç¨å¯è½ã«ãªããããã«å¤ãã®ãã¹ã¯ãããã§Nmapãå®è¡ã§ããããã«ãªã£ã¦ããããããã®çç±ã«ãããã¦ã¼ã¶ãå¶éã®ããå±ç¨ã·ã§ã«ã¢ã«ã¦ã³ãããNmapãå®è¡ããå¿è¦æ§ãå°ãªããªã£ã¦ãã¦ãããããã¯å¥½é½åãªãã¨ã§ãããé«ã権éãå¿è¦ã¨ãããªãã·ã§ã³ãå©ç¨ã§ããã°ãNmapã¯ã¯ããã«å¤§ããªå¹æã¨æè»æ§ãçºæ®ããããã ãã»ã¨ãã©ã®ã¹ã- ã£ã³ã¿ã¤ããå©ç¨ã§ããã®ã¯ãé«ã権éãæã¤ã¦ã¼ã¶ã«éããããããããã¹ã- ã£ã³ã§ã¯çãã±ãããéåä¿¡ããããããããè¡ãã®ã«UNIXã·ã¹ãã ã§ã¯rootã¢ã¯ã»ã¹æ¨©ãå¿è¦ã ããã§ãããWindowsã§ã¯ç®¡çèã¢ã«ã¦ã³ãã®ä½¿ç¨ãæ¨å¥¨ããããããã®ãã©ãããã©ã¼ã ã§ã¯ãWinPcapããã§ã«OSã«ã- ã¼ãããã¦ããå ´åã«ã¯ãNmapãé«ã権éãæããªãã¦ã¼ã¶ã«ãå½¹ã«ç«ã¤å ´åããããNmapããªãªã¼ã¹ããã1997å¹´å½æã¯ãå±ç¨ã®ã·ã§ã«ã¢ã«ã¦ã³ããã使ããªãã¦ã¼ã¶ãå¤ãã£ãã®ã§ãroot権éãå¿è¦ã¨ããæ¡ä»¶ã¯é大ãªå¶ç´ã«ãªã£ããã ãä»ããä¸ã®ä¸- ã¯å¤ãã£ããã³ã³ãã¥ã¼ã¿ã¯ã¾ãã¾ãå®ããªãã常ææ¥ç¶ã®ã¤ã³ã¿ã¼ãããã¢ã¯ã»ã¹ãå©ç¨ããã¦ã¼ã¶ã¯æ¿å¢ãããã¹ã¯ãããã®UNIXã·ã¹ãã (Linux ã MAC OS Xãªã©)ãåºãæ®åãã¦ãããWindowsãã¼ã¸ã§ã³ã®Nmapãå©ç¨å¯è½ã«ãªããããã«å¤ãã®ãã¹ã¯ãããã§Nmapãå®è¡ã§ããããã«ãªã£ã¦ããããããã®çç±ã«ãããã¦ã¼ã¶ãå¶éã®ããå±ç¨ã·ã§ã«ã¢ã«ã¦ã³ãããNmapãå®è¡ããå¿è¦æ§ãå°ãªããªã£ã¦ãã¦ãããããã¯å¥½é½åãªãã¨ã§ãããé«ã権éãå¿è¦ã¨ãããªãã·ã§ã³ãå©ç¨ã§ããã°ãNmapã¯ã¯ããã«å¤§ããªå¹æã¨æè»æ§ãçºæ®ããããã ã
Nmapã¯æ- £ç¢ºãªçµæãåºããã¨è©¦ã¿ããããã®æ´å¯ã¯ãã¹ã¦ãã¿ã¼ã²ãããã·ã³(ãããã¯åé¢ã®ãã¡ã¤ã¢ã¦ã©ã¼ã«)ããéãè¿ããããã±ããã«åºã¥ãã¦å¾ããããã®ã§ããã¨ããç¹ã«çæããå¿è¦ããããRFCã«æºæ ãã¦ããªããã¹ããã¾ãã¾ãåºã使ãããããã«ãªã£ã¦ãããããããã®ãã¹ãããã¯ãNmapã®ãã- ã¼ãã«å¯¾ãã¦ãå½ç¶æ³å®ãããå¿çã¯è¿ã£ã¦ããªããFINãNullãXmasã¹ã- ã£ã³ãªã©ã¯ç¹ã«ããã®åé¡ã®å½±é¿ãåããããããããã¯ç¹å®ã®ã¹ã- ã£ã³ã¿ã¤ãã«åºæã®åé¡ãªã®ã§ãåãã®ã¹ãã£ã³ã¿ã¤ãã®é ã§è¿°ã¹ããã¨ã«ããã
æ¬ç¯ã§ã¯ãNmapããµãã¼ããã10åãã¾ãã®ã¹ã- ã£ã³ãã¯ããã¯ã«ã¤ãã¦è¿°ã¹ãããã®ææ³ã¯ä¸åº¦ã«1ã¤ãã使ããªãããUDPã¹ã- ã£ã³(−sU)ã ãã¯ä¾å¤ã§ãTCPã¹ã- ã£ã³ã¿ã¤ãã®ãããã1ã¤ã¨çµã¿åããã¦ç¨ãããã¨ãã§ããããã¼ãã¹ã- ã£ã³ã¿ã¤ãã®ãªãã·ã§ã³ã¯ãè¦ããããããã«−sCã®å½¢å¼ã«ãªã£ã¦ãããããã§Cã¯ãã¹ã- ã£ã³åã®ãªãã®ç®ç«ã¤æåã§ãé常ã¯é æåã«ãªãããã®è¦åã®ä¾å¤ã®1ã¤ã¯ãå»æ- ¢äºå®ã®FTPãã¦ã³ã¹ã¹ãã£ã³(−b)ã§ãããããã©ã«ãã§ã¯ãNmapã¯SYNã¹ã- ã£ã³ãå®è¡ããããã¦ã¼ã¶ãçãã±ãããéä¿¡ããããã®ç¶ãã¹ã権é(UNIXä¸ã§ã¯rootã¢ã¯ã»ã¹æ¨©ãå¿è¦)ãæã£ã¦ããªãå ´åããIPv6ã®ã¿ã¼ã²ãããæå®ãããå ´åã¯ã代ããã«Connect()ã¹ã- ã£ã³ãç¨ãããããããã§ä¸è¦§ããã¹ã- ã£ã³ã®ãªãã§ãé«ã権éãæããªãã¦ã¼ã¶ãå®è¡ã§ããã®ã¯ãconnect()ã¹ãã£ã³ã¨ ftpãã¦ã³ã¹ã¹ãã£ã³ã ãã§ããã
−sS (TCP SYN ã¹ãã£ã³)
SYNã¹ãã£ã³ã¯ããã©ã«ãã§ãããæ£å½ãªçç±ã§æããã使ç¨ãããã¹ã- ã£ã³ãªãã·ã§ã³ã§ãããå¼·å¶çãªãã¡ã¤ã¢ã¦ã©ã¼ã«ã«ãã妨害ã®ãªããé«éãªãããã¯ã¼ã¯ä¸ã§ã¯ãæ°åãã¼ãæ¯ç§ã¨ããé«éãªã¹ã- ã£ã³ãå®è¡ã§ãããSYNã¹ã- ã£ã³ã¯ãTCPã³ãã¯ã·ã§ã³ã確ç«ããªããããæ¯è¼çç§å¿æ§ãé«ããã¾ããNmapã®Fin/Null/XmasãMaimonãIdleã¹ã- ã£ã³ã®ããã«ç¹å®ã®ãã©ãããã©ã¼ã ã®ç¹è³ªã«å·¦å³ããããã¨ã¯ãªããè¦æ ¼æºæ ã®TCPã¹ã¿ãã¯ãªãä½ã«å¯¾ãã¦ãæ©è½ãããããã«ã¯ãopenãclosedãããã³filteredã¨ãããã¼ãã®ç¶æãæ確ãã¤ç¢ºå®ã«åºå¥ãããã¨ãã§ããã
ãã®ææ³ã¯ãå®å¨ãªTCPã³ãã¯ã·ã§ã³ãéãããã§ã¯ãªãã®ã§ã ãã¼ããªã¼ãã³(half−open)ã¹ã- ã£ã³ã¨å¼ã°ãããã¨ãå¤ããããããå®éã«ã³ãã¯ã·ã§ã³ãéãã¤ããããããã®ããã«ãSYNãã±ãããéä¿¡ããå¿ç- ãå¾ã¤ãSYN/ACKã®å¿ç- ã¯ããã¼ããå¾ã¡åãç¶æ(open)ã§ãããã¨ã示ããã¾ãRST(reset)ã¯ãå¾ã¡åãç¶æã«ãªããã¨ã示ãã¦ãããæ°ååéä¿¡ãã¦ãä½ã®å¿ç- ããªãå ´åããã¼ãã¯filteredã¨è¦ãªããããã¾ããICMPå°éä¸è½ã¨ã©ã¼(ã¿ã¤ã 3ãã³ã¼ã 1ã2ã3ã9ã10ã13)ãéãè¿ãããå ´åãããã¼ãã¯filteredã¨è¦ãªãããã
−sT (TCP connect() ã¹ãã£ã³)
ãTCP Connect()ã¹ãã£ã³ã¯ãSYNã¹ãã£ã³ãé¸æã§ããªãå ´åã®ããã©ã«ãã®TCPã¹ã- ã£ã³ã¿ã¤ãã§ãããã¦ã¼ã¶ãçãã±ããã®æ¨©éãæããªãããIPv6ãããã¯ã¼ã¯ãã¹ã- ã£ã³ããå ´åãããã«ãã¦ã¯ã¾ããNmapã¯ãä»ã®ã»ã¨ãã©ã®ã¹ã- ã£ã³ã¿ã¤ãã®ããã«çãã±ããã«æ¸ãè¾¼ãã®ã§ã¯ãªããconnect()ã·ã¹ãã ã³ã¼ã«ãçºè¡ãã¦ãã¿ã¼ã²ããã®ãã·ã³ããã¼ãã«ã¨ã®ã³ãã¯ã·ã§ã³ã確ç«ããããä¸ä½OSã«è¦æ±ãããããã¯ãWebãã©ã¦ã¶ãP2Pã¯ã©ã¤ã¢ã³ãããã®ä»ã»ã¨ãã©ã®ãããã¯ã¼ã¯å¯¾å¿ã¢ããªã±ã¼ã·ã§ã³ãã³ãã¯ã·ã§ã³ã確ç«ããããã«ä½¿ç¨ããã®ã¨åãé«ã¬ãã«ã®ã·ã¹ãã ã³ã¼ã«ã§ãããããã¯ããBerkeleyã½ã±ããAPIãã¨ãããã- ã°ã©ãã³ã°ã¤ã³ã¿ã¼ãã§ã¼ã¹ã®ä¸é¨ã§ãããNmapã¯ãçãã±ããã®å¿çãåç·ããèª- ã¿è¾¼ãã®ã§ã¯ãªãããã®APIã使ã£ã¦ãæ¥ç¶ã試ã¿ããã³ã«ã¹ãã¼ã¿ã¹æå ±ãå¥æããã
SYNã¹ã- ã£ã³ãå©ç¨ã§ããå ´åã¯é常ããã¡ãã使ç¨ããæ¹ããããNmapã¯çãã±ããããããé«ã¬ãã«ã®ã·ã¹ãã ã³ã¼ã«ã§ããconnect()ã«å¯¾ããã»ããå¶å¾¡ã®èªç±åº¦ãä½ãã®ã§ãå¦çå¹çãæªããªãããã ãconnect()ã·ã¹ãã ã³ã¼ã«ã¯ãSYNã¹ã- ã£ã³ãè¡ãããã«ãã¼ããªã¼ãã³æ¥ç¶ããªã»ããããã®ã§ã¯ãªããã¿ã¼ã²ããã®openãã¼ãã¨ã®ã³ãã¯ã·ã§ã³ã確ç«ããããã®å¦çã¯ãåãæå ±ãå¾ãã®ã«ããã«å¤ãã®æéã¨ãã±ãããå¿è¦ã¨ããã ãã§ãªããã¿ã¼ã²ãããã·ã³ã®ã- ã°ã«æ¥ç¶ãè¨é²ãããå¯è½æ§ãé«ããªããã¾ã¨ããªIDSãªãã©ã¡ããæ¤ç¥ããã¯ãã ããããããã®ãã·ã³ã«ã¯ãã®ãããªè- ¦åã·ã¹ãã ã¯åãã£ã¦ããªããå¹³åçãªUNIXã·ã¹ãã ã§å®è¡ããã¦ãããµã¼ãã¹ã®å¤ãã¯ãNmapãæ¥ç¶ã確ç«ãããã®å¾ãã¼ã¿éä¿¡ãè¡ããã«æ¥ç¶ãéããå ´åãsyslogã«ç°¡åãªè¨é²ãæã«ã¯ä¸å¯è§£ãªã¨ã©ã¼ã¡ãã»ã¼ã¸ã追å ãããçã«ãç²æ«ãªãµã¼ãã¹ã¯ããããèµ·ããå ´åã«åæ- ¢ãã¦ãã¾ãããã¾ããã£ãã«ãªããã¨ã ã管çèã¯ãç¹å®ã®ã·ã¹ãã ããã®æ¥ç¶è©¦è¡ãããªãã®åæ°ã«ããã£ã¦ã- ã°ã«è¨é²ããã¦ããã®ãçºè¦ãããããã®connect()ã¹ã- ã£ã³ã®ã¿ã¼ã²ããã«ãªã£ã¦ããã¨è¦ãªãã¹ãã§ããã
−sU (UDP ã¹ãã£ã³)
ã¤ã³ã¿ã¼ãããä¸ã§æãåºãå©ç¨ããã¦ãããµã¼ãã¹ã®å¤§é¨åã¯ãTCPãã- ãã³ã«ã§å®è¡ããã¦ããããUDP [3] ãµã¼ãã¹ãåºãå°å¥ããã¦ãããDNSãSNMPãDHCP(ããããç»é²ãã¼ã㯠53ã161/162ã67/68)ã®3ã¤ã¯ãæãããå©ç¨ããã¦ããUDPãµã¼ãã¹ã§ãããUDPã¹ã- ã£ã³ã¯é常ãTCPãããå¦çã«æéããããé£æ度ãé«ãã®ã§ãã»ã- ã¥ãªãã£ç£æ»äººã®ãªãã«ã¯ãããã®ãã¼ããç¡è¦ãã人ããããã ãããã¯èª¤ãã§ãããæªç¨å¯è½ãªUDPãµã¼ãã¹ã¯æ¥µãã¦ãããããã®ã§ãããæ»æèããããããã- ãã³ã«ãè¦éããããã¯ãªãããã ã好é½åãªãã¨ã«ãNmapã¯UDPãã¼ãã®ä¸è¦§è¡¨ãä½æããã®ã«å½¹ç«ã¦ããã¨ãã§ããã
UDPã¹ãã£ã³ãä½åãããã«ã¯ã−sUãªãã·ã§ã³ãæå®ãããSYN ã¹ã- ã£ã³(−sS)ãªã©ã®TCPã¹ãã£ã³ã¿ã¤ãã¨çµã¿åããã¦ç¨ãã¦ãåãå®è¡æéä¸- ã«ä¸¡æ¹ã®ãããã³ã«ããã§ãã¯ã§ããã
UDPã¹ã- ã£ã³ã¯ã空ã®(ãã¼ã¿ãªã)UDPããããåã¿ã¼ã²ãããã¼ãã«éããã¨ã§æ©è½ãããICMPãã¼ãå°éä¸è½ã¨ã©ã¼(ã¿ã¤ã3ãã³ã¼ã 1ã2ã9ã10ã13)ãè¿ãããå ´åããã¼ãã¯closedï¼éãã¦ããï¼ç¶æã«ããããã®ä»ã®ICMPãã¼ãå°éä¸è½ã¨ã©ã¼(ã¿ã¤ã3ãã³ã¼ã3)ãè¿ãããå ´åããã¼ãã¯filteredï¼ãã£ã«ã¿ããï¼ã¨è¦ãªããããã¾ãã«ãµã¼ãã¹ãUDPãã±ããã§å¿ç- ãããã¨ããããããã®å ´åã¯ãã¼ããopenã§ãããã¨ãããããæ°åã®å試è¡ã®å¾ãå¿ç- ããªãå ´åããã¼ãã¯open|filteredã«åé¡ããããããã¯ããã¼ããéãã¦ãããããããã¯ãã±ãããã£ã«ã¿ãéä¿¡ãé»ãã§ãããã¨ãæå³ããããã¼ã¸ã§ã³ã¹ã- ã£ã³(−sV)ãç¨ãã¦ãå®éã«éãã¦ãããã¼ãã¨ãã£ã«ã¿å¦çããããã¼ããèå¥ãããã¨ãã§ããã
UDPã¹ã- ã£ã³ã«é¢ãã大ããªèª²é¡ã¯ãå¦çã®é«éåã§ãããOpenãã¼ããfilteredãã¼ãããå¿ç- ãéãè¿ããããã¨ã¯ã»ã¨ãã©ãªããããNmapã¯ãã®ã¾ã¾ã¿ã¤ã ã¢ã¦ãããããã¼ããå¿ç- ãè¡æ¹ä¸æã«ãªã£ãå ´åã«åãã¦å試è¡ãè¡ããã¨ã«ãªããéãããã¼ãã¯ãããã«å¤§ããªåé¡ã«ãªãå ´åãå¤ããéãããã¼ãããã¯é常ãICMPãã¼ãå°éä¸è½ã¨ã©ã¼ãè¿ãããããéããTCPãã¼ããSYNãConnectã¹ã- ã£ã³ã«å¿ç- ãã¦RSTãã±ãããéãå ´åã¨ã¯ç°ãªããå¤ãã®ãã¹ãã§ã¯ãICMPãã¼ãå°éä¸è½ã¡ãã»ã¼ã¸ãããã©ã«ãã§ã¬ã¼ãå¶éããã¦ãããLinux ã Solarisã¯ããã®ç¹ã«é¢ãã¦ç¹ã«å³ãããä¾ãã°ãLinux 2.4.20ã«ã¼ãã«ã¯ãå®åå°éä¸è½ã¡ãã»ã¼ã¸ãæ¯ç§1å(net/ipv4/icmp.cã§æå®)ã«å¶éãã¦ããã
Nmapã¯ã¬ã¼ãå¶éãæ¤åºããããã«å¿ãã¦å¦çé度ãä¸ãã¦ãã¿ã¼ã²ãããã·ã³ã§è½ã¨ããããããªç¡ç¨ãªãã±ããã§ãããã¯ã¼ã¯ã溢ããããªãããã«ãããæ®å¿µãªãããLinuxæ¹å¼ã§æ¯ç§1ãã±ããã«å¶éãããã¨ã65,536åã®ãã¼ããã¹ã- ã£ã³ããã®ã«18æéãã¾ãããããUDPã¹ã- ã£ã³ã®é度ãä¸ããããã®ã¢ã¤ãã¢ã«ã¯ã次ã®ãããªãã®ããããåæ並è¡ã§ã¹ã- ã£ã³ãããã¹ãã®æ°ãå¢ããããã使ããããã¼ãã ããåã«éç¹çã«ã¹ã- ã£ã³ããããã¡ã¤ã¢ã¦ã©ã¼ã«ã®èå¾ããã¹ã- ã£ã³ããã−−host−timeoutãªãã·ã§ã³ã使ã£ã¦ä½éãªãã¹ããã¹ãããããã
−sN; −sF; −sX (TCP NullãFINãããã³Xmasã¹ãã£ã³)
ããã3ã¤ã®ã¹ã- ã£ã³ã¿ã¤ã(次ã®ç¯ã§è¿°ã¹ã−−scanflagsãªãã·ã§ã³ãä½µç¨ããã¨ããã«ãããããªãã¨ãã§ãã)ã¯ãTCP RFC [4] ã®å·§å¦ãªæãç©´ãçªãã¦ãopenãã¼ãã¨closedãã¼ããè- å¥ããããã®ãã®ã§ãããTCP RFCã®65ãã¼ã¸ã«ã¯ããå®åãã¼ãã®ç¶æã CLOSEDãªãã°…ãRSTãå«ã¾ãªãå¥åã»ã°ã¡ã³ãã¯ããã®å¿ç- ã¨ãã¦RSTãéä¿¡ãããã¨ããã次ã®ãã¼ã¸ã§ã¯ãSYNãRSTãACKãªã©ã®ãããã»ãããå«ã¾ãªããopenãã¼ãå®ã¦ãã±ããã«ã¤ãã¦è¿°ã¹ã¦ããããããã«è³ããã¨ã¯ãªãããã§ããããããè³ã£ããã»ã°ã¡ã³ããç ´æ£ãã¦ãªã¿ã¼ã³ãããã¨ããã
ãã®RFCææ¸ã«æºæ ãã¦ããã·ã¹ãã ãã¹ã- ã£ã³ããã¨ãSYNãRSTãACKãªã©ã®ãã©ã°ããããå«ã¾ãªããã±ããã«å¯¾ãã¦ã¯ããã¼ããéãã¦ããå ´åã¯RSTãè¿ããããã¼ããéãã¦ããå ´åã¯ä½ã®å¿ç- ãè¿ãããªããã¨ã«ãªããããã3ã¤ã®ãã©ã°ããããå«ã¾ããªãéããä»ã®3ã¤(FINãPSHãURG)ãã©ã®ããã«çµã¿åããã¦ããããNmapã¯ä»¥ä¸ã®3ã¤ã®ã¹ã- ã£ã³ã¿ã¤ãã§ãã®å¼±ç¹ãçªãã
Null ã¹ãã£ã³ (−sN)
ä½ã®ããããè¨å®ããªã(tcpãããã®ãã©ã°ã¯0)
FIN ã¹ãã£ã³ (−sF)
TCP FINãããã ããè¨å®ãã
Xmas ã¹ãã£ã³ (−sX)
FINãPSHãURGã®ãã©ã°ããã¹ã¦è¨- å®ããã¯ãªã¹ãã¹ããªã¼ã®ããã«ãã±ãããã©ã¤ãã¢ãããã
ããã3ã¤ã®ã¹ãã£ã³ã¿ã¤ãã¯ãããã¼ããã±ããã«è¨- å®ãããTCPãã©ã°ã®éããé¤ãã°ãã¾ã£ããåãåä½ã示ããRSTãè¿ãããå ´åãã¿ã¼ã²ãããã¼ãã¯closedã¨è¦ãªãããä½ã®å¿ç- ããªãå ´åã¯open|filteredã«ãªãããã¼ããfilteredã«åé¡ãããã®ã¯ãICMPå°éä¸è½ã¨ã©ã¼(ã¿ã¤ã 3ãã³ã¼ã 1ã2ã3ã9ã10ã13)ãè¿ãããå ´åã§ããã
ãããã®ã¹ã- ã£ã³ã®æ大ã®å©ç¹ã¯ãç¹å®ã®ã¹ãã¼ãã¬ã¹ãªãã¡ã¤ã¢ã¦ã©ã¼ã«ããã±ãããã£ã«ã¿ãªã³ã°ã»ã«ã¼ã¿ãããæãããã¨ãã§ããç¹ã§ãããããã«ã¯ãSYNã¹ã- ã£ã³ãããããç§å¿æ§ãé«ããã¨ãå©ç¹ã¨ãã¦æããããããããããã¾ãå½ã¦ã«ããªãããã«ãæè¿ã®IDS製åã¯ã»ã¨ãã©ãããããæ¤ç¥ããããã«è¨- å®ã§ããããã ãä¸å©ãªç¹ã¯ããã¹ã¦ã®ã·ã¹ãã ãRFC 793ã«å¿ å®ã«æºæ ãã¦ããããã§ã¯ãªããã¨ã ããã¼ããéãã¦ãããå¦ãã«é¢ä¿ãªãããã- ã¼ãã«å¯¾ãã¦RSTå¿ç- ãéä¿¡ããã·ã¹ãã ã¯æ°å¤ããããããã«ããããã¹ã¦ã®ãã¼ãã¯closedã«åé¡ããããã¨ã«ãªããã¡ã¸ã£ã¼ãªOSã§ãããè¡ãã®ã¯ããã¤ã¯ã- ã½ããWindowsãå¤ãã®ã·ã¹ã³è£½ããã¤ã¹ãBSDIãIBM OS/400ãªã©ãæãããããããã§ããã®ã¹ã- ã£ã³ã¯ãã»ã¨ãã©ã®UNIXãã¼ã¹ã®ã·ã¹ãã ã«å¯¾ãã¦ã¯æå¹ã§ãããã¾ããã1ã¤ä¸å©ãªç¹ã¯ãopenãã¼ãã¨ç¹å®ã®filteredãã¼ããåºå¥ã§ããªãã®ã§ãå¿ç- ãopen|filteredã«åé¡ããããã¨ã§ããã
−sA (TCP ACK ã¹ãã£ã³)
ãã®ACKã¹ã- ã£ã³ã¯ãopenãã¼ã(open|filteredã)ãå¤å¥ããªãã¨ããç¹ã§ãããã¾ã§è¿°ã¹ã¦ããã¹ã- ã£ã³ã¨ã¯ç°ãªã£ã¦ããããã¡ã¤ã¢ã¦ã©ã¼ã«ã®ã«ã¼ã«ã»ãããæããã«ããããã«ç¨ãããããã¡ã¤ã¢ã¦ã©ã¼ã«ãã¹ãã¼ããã«ãå¦ããã©ã®ãã¼ãããã£ã«ã¿ããã¦ããããªã©ã決å®ããã
ACKã¹ãã£ã³ã®ããã¼ããã±ããã¯ãACKãã©ã°ã ããè¨- å®ããã¦ãã(−−scanflagsãç¨ãã¦ããå ´åãé¤ã)ããã£ã«ã¿ãªãã®ã·ã¹ãã ãã¹ã- ã£ã³ããå ´åã¯ãopenãã¼ãã¨closedãã¼ãã®ä¸¡æ¹ããRSTãã±ãããè¿ããããNmapã¯ããããunfilteredã¨ãã¦åé¡ãããããªãã¡ããã¼ãã¯ACKãã±ããã§å°éå¯è½ã ããopenãclosedãã¯å¤å¥ã§ããªããã¨ãæå³ãããå¿ç- ãè¿ããªããã¼ãããç¹å®ã®ICMPã¨ã©ã¼ã¡ãã»ã¼ã¸(ã¿ã¤ã 3ãã³ã¼ã 1ã2ã3ã9ã10ã13)ãè¿ããã¼ãã¯filteredã«åé¡ãããã
−sW (TCP ã¦ã£ã³ãã¦ã¹ãã£ã³)
ã¦ã£ã³ãã¦ã¹ãã£ã³ã¯ã以ä¸ã®ç¹ãé¤ãã¦ã¯ãACKã¹ã- ã£ã³ã¨ã¾ã£ããåããã®ã§ãããããªãã¡ãRSTãè¿ãããã常ã«unfilteredã¨åé¡ããã®ã§ã¯ãªããç¹å®ã®ã·ã¹ãã ã®å®è£ã«é¢ããæå ±ãç¨ãã¦ãopenãã¼ãã¨closedãã¼ããè- å¥ããç¹ã§ãããããã¯ãè¿ãããRSTãã±ããã®TCPã¦ã£ã³ãã¦ã®ãã£ã¼ã«ãã調æ»ãã¦å¤æ- ãããä¸é¨ã®ã·ã¹ãã ã§ã¯ãopenãã¼ãã§æ- £ã®å¤ã®ã¦ã£ã³ãã¦ãµã¤ãº(RSTãã±ããã«å¯¾ãã¦ã)ã使ãããclosedãã¼ãã§ã¯ã¼ã- ã«ãªããããã«ãããã¦ã£ã³ãã¦ã¹ã- ã£ã³ã¯ãRSTãè¿ãããå ´åã¯å¸¸ã«ãã¼ããunfilteredã«åé¡ããã®ã§ã¯ãªããRSTãã±ããåã®TCPã¦ã£ã³ãã¦ãµã¤ãºã®å¤ãæ- £ã§ãããã¼ãã§ãããã«ãã£ã¦ãããããopenãã¼ããclosedãã¼ããã«åé¡ããã
ãã®ã¹ã- ã£ã³ã¯ãã¤ã³ã¿ã¼ãããä¸ã§ã¯å°æ°æ´¾ã®ã·ã¹ãã ã®å®è£ã«é¢ããæå ±ã«åºã¥ãã¦ããã®ã§ãå¿ãããä¿¡ç¨ã§ããã¨ã¯éããªããé常ããã®å®è£ããµãã¼ããã¦ããªãã·ã¹ãã ã¯ããã¹ã¦ã®ãã¼ããclosedã¨ããå¿ç- ãè¿ãããã¡ããã対象ãã·ã³ã«éãã¼ããæ¬å½ã«1ã¤ããªãå ´åãããå¾ããã¹ã- ã£ã³ãããã¼ãã®ã»ã¨ãã©ãclosedã§ãããã使ããããã¼ãçªå·(22ã25ã53ãªã©)ãããã¤ãfilteredã§ããå ´åããã®ã·ã¹ãã ã¯å½±é¿ãåããå¯è½æ§ãæãé«ããã¾ãã¾ãã«ãã·ã¹ãã ãã¾ãã«æ- £å対ã®æåã示ãå ´åããããã¹ãã£ã³ã®çµæãéãã¼ãã1000åã§ãclosed ã filteredã3åãããã¨ãããã£ãå ´åããã®3åã®ãã¼ãããããæ¬å½ã¯openãã¼ãã§ããå¯è½æ§ã¯ããªãé«ãã
−sM (TCP Maimon ã¹ãã£ã³)
Maimonã¹ãã£ã³ã¯ãçºè¦èã§ããUriel Maimonæ°ã®ååã«ã¡ãªãã§åä»ããããããã®ææ³ã«é¢ããåæ°ã®è«æã¯ããPhrackãèªã®ç¬¬49å·(1996å¹´11æçºè¡)ã«æ²è¼ãããããã®ææ³ãæ- è¼ããNmapã¯ãããã®2å·å¾ã®ç¬¬51å·ã§å¬éããããMaimonã¹ãã£ã³ã¯ããã- ã¼ããFIN/ACKã§ããã¨ããç¹ä»¥å¤ã¯ãNullãFINãXmasã¹ã- ã£ã³ã¨ã¾ã£ããåããã®ã§ãããRFC 793 (TCP)ã«ããã¨ããã®ç¨®ã®ããã¼ãã®å¿ç- ã¨ãã¦ã¯ããã¼ããopenã closedãã«é¢ä¿ãªããRSTãã±ãããçæããããã¨ã«ãªã£ã¦ãããã ãMaimonæ°ã¯ãBSDç±æ¥ã®ã·ã¹ãã ã®å¤ãã§ããã¼ããéãã¦ããå ´åã«ã¯ãåã«ãã±ãããç ´æ£ãããã ãã«ãªãã¨ããç¾è±¡ãè¦åºããã
−−scanflags (ã«ã¹ã¿ã TCP ã¹ãã£ã³)
æ¬ç©ã®Nmapä¸ç´ã¦ã¼ã¶ãªãããããããç¨æãããã¹ã- ã£ã³ã¿ã¤ãã使ãã ãã§æºè¶³ãã¦ããå¿è¦ã¯ãªãããã®−−scanflagsãªãã·ã§ã³ã使ãã¨ãä»»æã®TCPãã©ã°ãæå®ãããã¨ã§ãã¦ã¼ã¶ç¬èªã®ã¹ã- ã£ã³ãè¨è¨ãããã¨ãã§ããããããåµé åãå¨éã«ãã¦ãNmapã®manãã¼ã¸ããã æµãèª- ã¿ãã¦å·ä½çãªã«ã¼ã«ã追å ãã¦ãããããªã¡ã¼ã«ã¼ã®IDSã®è£ãããã¦ãããã
−−scanflagsã®å¼æ°ã¯ãä¾ãã°9(PSH 㨠FIN)ãªã©ã®æ°å- ã®ãã©ã°å¤ã§æå®ãããã¨ãã§ããããè¨å·åã使ã£ãæ¹ãç°¡åã§ãããURGãACKãPSHãRSTãSYNãFINããã¡ãã¾ãã«çµã¿åãããã°ããã ãã ãä¾ãã°−−scanflags URGACKPSHRSTSYNFINã§å¨é¨æå®ã§ããããã ãããã£ã¨ãããã¯ãå®éã®ã¹ã- ã£ã³ã«ã¯ä½¿ããªããå¼æ°ãæå®ããé åºã¯ä¸åã§ããã
ã¾ãããã§ã¯ã使ããããã©ã°ã ãã§ãªããTCPã¹ãã£ã³ã¿ã¤ã(−sA ã −sFãªã©)ãæå®ã§ããããã®åºæ¬ã¿ã¤ãã«ãã£ã¦ãå¿ç- ã解éããæ¹æ³ãNmapã«ä¼ãããä¾ãã°ãSYNã¹ãã£ã³ã§ããã°ãå¿ç- ãªãã¯filteredãã¼ãã§ãããã¨ã¨è¦ãªããFINã¹ãã£ã³ã§ããã°ãåãå¿ç- ãªããopen|filteredã¨è§£éããããã ãNmapã¯ããã®åºæ¬ã®ã¹ã- ã£ã³ã¿ã¤ãã¨åãåä½ãããããç°ãªãç¹ã¯ãã¦ã¼ã¶ãæå®ããTCPãã©ã°ã代ããã«ä½¿ããã¨ã§ãããåºæ¬ã®ã¹ã- ã£ã³ã¿ã¤ããæå®ãããªãå ´åã¯ãSYNã¹ãã£ã³ã使ç¨ãããã
−sI
ãã®é«åº¦ãªã¹ã- ã£ã³ææ³ã使ç¨ããã¨ã対象ãã¹ãã«å¯¾ãã¦å®å¨ã«å¿åã§TCPãã¼ãã¹ã- ã£ã³ãå®è¡ã§ãã(ã¹ã- ã£ã³ããå´ã®å®IPã¢ãã¬ã¹ããã¯ã対象ãã¹ãã«ãã±ãããéä¿¡ãããªã)ãããã ãã§ã¯ãªããã¾ã³ããã¹ãä¸ã§é£ç¶çã«çæãããIPãã©ã°ã¡ã³ãID(è- å¥å- )ãäºæ¸¬å¯è½ã§ãããã¨ãå·§å¦ã«å©ç¨ããç¬èªã®ãµã¤ããã£ãã«æ»æãå®è¡ãã¦ã対象ãã¹ãä¸ã®openãã¼ãã«é¢ããæå ±ãåéãããã¨ãã§ãããIDSã·ã¹ãã ã§ã¯ããã®ã¹ã- ã£ã³ã¯ãã¡ãã§æå®ããã¾ã³ããã·ã³(稼åä¸- ã§ãã¤ç¹å®ã®æ¡ä»¶ãæºããå¿è¦ããã)ããè¡ããã¦ãããã®ã¨ãã¦è¡¨ç¤ºãããããã®é常ã«èå³æ·±ãã¹ã- ã£ã³ã¿ã¤ãã¯è¤éããã¦æ¬ç¨¿ã§ã¯ã¨ã¦ãå¨å®¹ã説æããããªãã®ã§ãå®å¨ãªè©³ç´°ãæ²è¼ããéå¬å¼ã®è«æã以ä¸ã«æ稿ãã¦ãããã¨ã«ããï¼- https://nmap.org/book/idlescan.html
ãã®ã¹ã- ã£ã³ã¿ã¤ãã¯ã(ãã®å¿åæ§ã®ããã«)æ ¼å¥ã«ç§å¿æ§ãé«ããã¨ã«å ãããã·ã³éã®IPãã¼ã¹ã®ä¿¡é ¼é¢ä¿ãæããã«ãããã¨ãã§ããããã¼ããªã¹ãã«ã¯ãæå®ããã¾ã³ããã¹ãããè¦ãopenãã¼ãã表示ãããããã£ã¦ã(ã«ã¼ã¿/ãã±ãããã£ã«ã¿ã®ã«ã¼ã«ãã)ä¿¡é ¼é¢ä¿ã«ããã¨æãããæ§ããªã¾ã³ããã·ã³ã使ã£ã¦ã¿ã¼ã²ãããã¹ã- ã£ã³ãã¦ã¿ããã¨ãã§ããã
IPIDã®å¤åã«ã¤ãã¦ãã¾ã³ããã¹ãã®ç¹å®ã®ãã¼ãã調æ»ãããå ´åã¯ãã³ã- ã³ã®å¾ã«ãã¼ãçªå·ãä»ãããã®ãã¾ã³ããã¹ãã«è¿½å ãã¦æå®ã§ãã(ã¾ã³ããã¹ã:ãã- ã¼ããã¼ã)ãããã§ãã¼ããæå®ããªãå ´åãNmapã¯TCP Pingç¨ã«ããã©ã«ãã§ä½¿ç¨ãããã¼ã(80)ãç¨ããã
−sO (IP ãããã³ã« ã¹ãã£ã³)
IPãããã³ã«ã¹ãã£ã³ã使ãã¨ãã¿ã¼ã²ãããã·ã³ä¸ã§ã©ã®IPãã- ãã³ã«(TCPãICMPãIGMPãªã©)ããµãã¼ãããã¦ããããç¹å®ã§ãããç¹°ãè¿ã表示ãããã®ã¯ãTCP ã UDPã®ãã¼ãçªå·ã§ã¯ãªãã¦ãIPãããã³ã«çªå·ãªã®ã§ãå³å¯ã«ã¯ãã¼ãã¹ã- ã£ã³ã¨ã¯è¨ããªããã¨ã¯ãããã¹ãã£ã³ãããã- ãã³ã«çªå·ãé¸å®ããã®ã«−pãªãã·ã§ã³ã使ããçµæã¯æ¨æºçãªãã¼ããã¼ãã«å½¢å¼ã§ã¬ãã¼ãããå®éã®ãã¼ãã¹ã- ã£ã³ææ³ã¨åãã¹ãã£ã³ã¨ã³ã¸ã³ãåºç¤ã«ç¨ãã¦ããããã®ããããã¼ãã¹ã- ã£ã³ã«ååè¿ããã®ã¨ãã¦ãããã«å«ããã
ãããã³ã«ã¹ã- ã£ã³ã¯æ©è½ã¨ãã¦æç¨ã§ããã ãã§ãªãããªã¼ãã³ã½ã¼ã¹ã½ããã¦ã§ã¢ã¨ãã¦ã®å¼·åãã示ããã®ã§ãããããã®æ©è½ã«ã¤ãã¦ã¯ãåºæ¬ã¨ãªãã¢ã¤ãã¢ã¯æ¥µãã¦åç´ã ããç- èèªèº«è¿½å ãããã¨æã£ããã¨ããªãã£ãããå¨ãããããããè¦æãå¯ãããããã¨ããªãã£ããããã¦2000å¹´ã®å¤ãGerhard Riegeræ°ãã¢ã¤ãã¢ãèæ¡ããç´ æ´ãããå®è£ããããä½æãã¦ããnmap−hackersãã¡ã¼ãªã³ã°ãªã¹ãã«æ稿ãã¦ããããç- èã¯ãã®ããããNmapã®ããªã¼ã«çµã¿è¾¼ãã§ããã®ç¿æ¥ã«æ°ãã¼ã¸ã§ã³ã¨ãã¦å¬éãããå¸è²©ã®ã½ããã¦ã§ã¢ã§ããã®æ©è½åä¸ã®ããã«è¨- è¨æ®µéããå¯ä¸ããã»ã©ç±å¿ãªã¦ã¼ã¶ãæã¤ã½ããã¯ã»ã¨ãã©ãªã
ãããã³ã«ã¹ãã£ã³ã¯ãUDPã¹ã- ã£ã³ã¨åæ§ã®ä»çµã¿ã§æ©è½ãããããªãã¡ãUDPãã±ããã®ãã¼ãçªå·ãã£ã¼ã«ãããã¹ã¦ç¹°ãè¿ã試è¡ãã代ããã«ãIPãã±ããããããéä¿¡ãã¦ã8bitã®IPãã- ãã³ã«çªå·ãã£ã¼ã«ãããã¹ã¦ç¹°ãè¿ã試è¡ããããã®ãããã¯é常ã¯ç©ºã§ãä½ã®ãã¼ã¿ããæ±ãããããã- ãã³ã«ã«é©ãããããããå«ã¾ãã¦ããªããããã«ã¯ä¾å¤ã3ã¤ãããTCPãUDPãICMPã§ããããããã®ãã- ãã³ã«ã«ã¤ãã¦ã¯ãé©åãªãã- ãã³ã«ããããå«ã¾ãããããããªãã¨ããããéä¿¡ããªãã·ã¹ãã ãããããã§ãNmapã¯ãã§ã«ããããä½æããæ©è½ãåãã¦ããããã- ãã³ã«ã¹ã- ã£ã³ã¯ãICMPãã¼ãå°éä¸è½ã¡ãã»ã¼ã¸ã§ã¯ãªãã¦ãICMPprotocolå°éä¸è½ã¡ãã»ã¼ã¸ãè¿ãããã®ãå¾ã¤ãNmapã¯ã¿ã¼ã²ãããã¹ãããä½ããã®å¿ç- ãä½ããã®ãããã³ã«ã§åä¿¡ããå ´åããã®ãããã³ã«ãopenã¨ãã¦åé¡ãããICMPãã- ãã³ã«å°éä¸è½ã¨ã©ã¼(ã¿ã¤ã 3ã ã³ã¼ã 2)ãè¿ããããããã- ãã³ã«ã¯closedã¨åé¡ãããããã®ä»ã®ICMPå°éä¸è½ã¨ã©ã¼(ã¿ã¤ã 3ã ã³ã¼ã 1ã3ã9ã10ã13)ãè¿ããããããã- ãã³ã«ã¯filteredã¨ãã¼ã¯ããã(ã¾ãããã«ãããICMPãopenã§ãããã¨ãåæã«æããã«ãªã)ãæ°ååéãã¦ãä½ã®å¿ç- ããªãå ´åããããã³ã«ã¯open|filteredã¨ãã¦åé¡ãããã
−b
FTPãããã³ã«(RFC 959 [5] )ã®èå³æ·±ãç¹å¾´ã®1ã¤ã¯ãããããããã- ã·FTPæ¥ç¶ã«å¯¾å¿ãã¦ãããã¨ã§ãããããã«ãããã¦ã¼ã¶ã¯ä¸å°ã®FTPãµã¼ãã«æ¥ç¶ãããã®ãã¡ã¤ã«ã第ä¸èãµã¼ãã«éãããã«è¦æ±ã§ãããããã¯ãæ§ããªã¬ãã«ã®æªç¨ã«ãã£ã¦ã¤ãã®æ©è½ãªã®ã§ãããã¦ãã®ãµã¼ãã§ã¯ããµãã¼ãããã®ãæ- ¢ãã¦ãããä¾ãã°ããã®æ©è½ãæªç¨ãã¦ãFTPãµã¼ãã«ä»ã®ãã¹ãããã¼ãã¹ã- ã£ã³ããããã¨ãå¯è½ã§ãããåã«ãã¿ã¼ã²ãããã¹ãã®èå³ãããã¼ãã«é ã«ãã¡ã¤ã«ãéä¿¡ããããããã®FTPãµã¼ãã«è¦æ±ããã ãã§ãããã¨ã©ã¼ã¡ãã»ã¼ã¸ã«ã¯ããã¼ããéãã¦ãããå¦ããè¨è¿°ããããããã¯ããã¡ã¤ã¢ã¦ã©ã¼ã«ãããæããããã®æå¹ãªæ段ã«ãªããçµç¹ã®FTPãµã¼ãã¯ãã©ããªã¤ã³ã¿ã¼ããããã¹ãããããä»ã®åé¨ãã¹ãã«ã¢ã¯ã»ã¹ããããå ´æã«è¨- ç½®ããã¦ããå ´åãå¤ãããã ãNmapã¯ã−bãªãã·ã§ã³ã§ftpãã¦ã³ã¹ã¹ã- ã£ã³ãå®è¡ã§ãããå¼æ°ã¯username:password@server:portã®ãããªå½¢å¼ã«ãªããServerã¯ããã®èå¼±æ§ã®å½±é¿ãåããFTPãµã¼ãã®ååãIPã¢ãã¬ã¹ãæå®ãããé常ã®URLã®å ´åã¨åæ§ã«ãå¿åã- ã°ã¤ã³ã®èªè¨¼æå ±(user: anonymous password:−wwwuser@)ã使ãããå ´åã¯ãusername:passwordã®é¨åã¯çç¥ã§ãããserverã®ããã©ã«ãã®FTPãã¼ã(21)ãç¨ããå ´åã¯ããã¼ãçªå·(ã¨åã®ã³ã- ã³)ãçç¥å¯è½ã§ããã
ãã®èå¼±æ§ã¯ãNmapããªãªã¼ã¹ããã1997å¹´ã«å¤§ããåºã¾ã£ãããä»ã§ã¯ã»ã¨ãã©ä¿®æ- £ããã¦ãããããã§ããèå¼±ãªãµã¼ãã¯ããã¾ã ã«ãã¡ããã¡ãã«ããã®ã§ããã®ä»ã®æ¹æ³ããã¹ã¦å¤±æããå ´åã¯ã試ãã¦ã¿ãã ãã®ä¾¡å¤ã¯ããããã¡ã¤ã¢ã¦ã©ã¼ã«ã®åé¿ãç®çãªããã¿ã¼ã²ãããããã¯ã¼ã¯ãã¹ã- ã£ã³ãã¦éãã¦ãã21çªãã¼ã(ãããã¯ãã¼ã¸ã§ã³æ¤åºã§ãã¹ã¦ã®ãã¼ããã¹ã- ã£ã³ããå ´åã¯ftpãµã¼ãã¹ãªãä½ã§ããã)ãæ¢ãåºããããããã®ãã¼ããç¨ãã¦ãã¦ã³ã¹ã¹ã- ã£ã³ã試ãã¦ã¿ããã¨ã ãNmapã使ãã¨ã対象ã®ãã¹ããèå¼±ãå¦ããè¦åãããã¨ãã§ãããåã«èªåã®è¡åã®å½¢è·¡ãé ããã¨ãã¦ããã ãã§ããã°ãã¿ã¼ã²ãããããã¯ã¼ã¯ä¸ã®ãã¹ãã ãã«å¯¾è±¡ãéå®ããå¿è¦ã¯ãªã(ãããããããããã¹ãã§ã¯ãªã)ãèå¼±ãªFTPãµã¼ããæ±ãã¦ã¤ã³ã¿ã¼ãããã¢ãã¬ã¹ãç¡ä½çºã«ã¹ã- ã£ã³ããå ´åã¯ãå§ããåã«ãã·ã¹ãã 管çèã¯ãã®ãããªæ¹æ³ã§èªåã®ãµã¼ããä¸æ- £ã«ä½¿ç¨ããããã¨ãè¿·æããå ´åããããã¨ãé ã«å¥ãã¦ããå¿è¦ãããã
ãã¼ãã®æå®ã¨ã¹ãã£ã³ã®é åº
Nmapã«ã¯ãããã¾ã§ã«è¿°ã¹ããã¹ã¦ã®ã¹ãã£ã³ææ³ã«å ãã¦ãã©ã®ãã¼ããã¹ã- ã£ã³ãããããã¹ã- ã£ã³ã®é åºãã©ã³ãã ã«ãããé åºéãã«ããããªã©ãæå®ããããã®ãªãã·ã§ã³ãç¨æããã¦ãããããã©ã«ãã§ã¯ãNmapã¯ã1024çª(ãå«ã)ã¾ã§ã®å¨ãã¼ãã¨ã1025çªä»¥éã®ãã¼ãã¯ã¹ã- ã£ã³å¯¾è±¡ã®ãããã³ã«ã«å¿ãã¦nmap−servicesãã¡ã¤ã«ã«è¨è¼ããããã¼ããã¹ãã£ã³ããã
−p
ãã®ãªãã·ã§ã³ã§ãã¹ã- ã£ã³ããããã¼ããæå®ã§ããããã®æå®ã¯ãããã©ã«ãããåªåãããããã¼ãçªå·ã¯åå¥ã«æå®ãã¦ãããã¤ãã³åºåãã®ç¯å²(ä¾ï¼1−1023)ã§æå®ãã¦ããããç¯å²ã®åé ãçµç«¯ã®å¤ã¯çç¥ã§ããå ´åãããããã®å ´åã¯ç¯å²ã®åé ã«1ãçµç«¯ã«65535ããããã使ãããããããã£ã¦ã−p−ã¨æå®ããã¨ã1çªãã65535çªã¾ã§ã®ãã¼ããã¹ã- ã£ã³ã§ãããã¼ãçªãã¼ãã®ã¹ãã£ã³ã¯ãæ示çã«æå®ãããã¨ã§å®è¡ã§ãããIPãã- ãã³ã«ã¹ãã£ã³(−sO)ãè¡ãã«ã¯ããã®ãªãã·ã§ã³ã§ã¹ãã£ã³ããããã- ãã³ã«çªå·ãæå®ãã(0−255)ã
TCPãã¼ãã¨UDPãã¼ã両æ¹ã®ã¹ã- ã£ã³ãå®è¡ããå ´åã¯ããã¼ãçªå·ã®åã«T:ãU:ã¨ããéå®åãä»ãããã¨ã§ãç¹å®ã®ãã- ãã³ã«ãæå®ã§ããããã®éå®åã¯ã次ã«å¥ã®éå®åãæå®ãããã¾ã§æå¹ã«ãªããä¾ãã°ã−p U:53,111,137,T:21−25,80,139,8080 ã¨ããå¼æ°ãæå®ããã¨ãUDPãã¼ãã®53çªã111çªã137çªã¨ãåæããTCPãã¼ãã®ã¹ã- ã£ã³ãå®è¡ããããUDPã¨TCPãã¼ã両æ¹ã®ã¹ã- ã£ã³ãå®è¡ããããã«ã¯ã−sUããã³æä½1ã¤ã®TCPã¹ã- ã£ã³ã¿ã¤ã(−sSã−sFã−sTãªã©)ãæå®ããå¿è¦ãããã®ã§æ³¨æãããã¨ããããã³ã«éå®å- ãç¹ã«æå®ããã¦ããªãå ´åãæå®ãããããã®ãã¼ãçªå·ã¯ãã¹ã¦ã®ãã- ãã³ã«ãªã¹ãã«è¿½å ãããã
−F (é«é (éå®ãããã¼ãã ã) ã¹ãã£ã³)
Nmapã«å梱ããã¦ããnmap−servicesãã¡ã¤ã«(−sOã§ã¯ãprotocolsããã¡ã¤ã«)ã«åæããã¦ãããã¼ãã ããã¹ã- ã£ã³ããããã«æå®ããããããããã¨ã§ããã¹ãä¸ã®å¨65535ãã¼ããã¹ã- ã£ã³ãããããã¯ããã«é«éã«ãªãããã®ãªã¹ãã«ã¯é常ã«å¤ã(1200以ä¸)ã®TCPãã¼ããå«ã¾ãã¦ããã®ã§ãããã©ã«ãã®TCPã¹ã- ã£ã³(ç´1650ãã¼ã)ã¨ã®é度差ã¯ããã»ã©å¤§ããã¯ãªãã−−datadirãªãã·ã§ã³ã使ã£ã¦ãèªåã§ç¬èªã«ä½æããå°ããªnmap−servicesãã¡ã¤ã«ãæå®ããã¨ããã®é度差ãããªã大ãããããã¨ãã§ããã
−r (ãã¼ãã®é çªãç¡ä½çºã«ããªã)
ããã©ã«ãã§ã¯ãNmapã¯ã¹ã- ã£ã³ãããã¼ãã®é çªãç¡ä½çºã«é¸ã¶ããã«ãªã£ã¦ãã(å¹çåã®ããã«ç¹å®ã®ãã使ããããã¼ããæåã®ã»ãã«ç§»åããå ´åãé¤ã)ããã®ãããªç¡ä½çºåã¯é常ã§ããã°æã¾ãããã代ããã«çªå·é ã«ãã¼ãã¹ã- ã£ã³ãè¡ãããå ´åã¯ãã®−rãªãã·ã§ã³ãæå®ããã
ãµã¼ãã¹ã¨ãã¼ã¸ã§ã³ã®æ¤åº
ãªã¢ã¼ããã·ã³ãã¿ã¼ã²ããã«ãã¦Nmapãå®è¡ããçµæã25/tcpã80/tcpã53/udpã®åãã¼ããéãã¦ãããã¨ãå¤æããã¨ããããNmapã¯ãç´2200åã®ããç¥ããããµã¼ãã¹ããæãnmap−servicesã®ãã¼ã¿ãã¼ã¹ãç¨ãã¦ããããã®ãã¼ããããããã¡ã¼ã«ãµã¼ã(SMTP)ãWebãµã¼ã(HTTP)ããã¼ã ãµã¼ã(DNS)ã«ç¸å½ããã¨ã¬ãã¼ããããé常ããã®æ¤ç´¢çµæã¯æ- £ç¢ºã§ãããããªãã¡ãTCPãã¼ã25çªã§å¾ã¡åããããã¼ã¢ã³ã®å¤§é¨åã¯ãå®éã«ã¡ã¼ã«ãµã¼ãã§ãããã ããããããã¹ã¦éµåã¿ã«ãã¦ã¯ãããªããé常ã¨ã¯ç°ãªããã¼ãã§ãµã¼ãã¹ãå®è¡ãããã±ã¼ã¹ãå®éã«ããå¾ãã
ãã¨ãNmapãæ- £ããã¦ãä¸ã§ä»®å®ãããµã¼ããããããSMTPãHTTPãDNSãµã¼ããå®è¡ãã¦ããå ´åã§ããããã¯å¤ãã®æå ±ã«ã¯ãªããªããèªç¤¾ãã¯ã©ã¤ã¢ã³ãã®èå¼±æ§èª¿æ»(ç°¡åãªã¤ã³ãã³ããªèª¿æ»ã®å ´åã§ã)ãå®æ½ããéã«ã¯ãã©ã®ã¡ã¼ã«ãµã¼ããDNSãµã¼ããåä½ä¸- ã§ããããç¥ãããã¯ãã§ãããæ- £ç¢ºãªãã¼ã¸ã§ã³çªå·ãå¥æãããã¨ã¯ããµã¼ããã©ã®ãããªæ»æã«å¯¾ãã¦èå¼±ã§ããããå¤æ- ããã®ã«å¤§ãã«å½¹ã«ç«ã¤ããã¼ã¸ã§ã³æ¤åºã¯ããããæå ±ãå¥æããã®ã«å½¹ç«ã¤ææ³ã§ããã
å¥ã®ã¹ãã£ã³ææ³ãç¨ãã¦TCPãã¼ãã UDPãã¼ããçºè¦ããããããã§ä½ãå®è¡ããã¦ãããã«ã¤ãã¦ã®è©³ç´°ãæããã«ããããã«ããããã®ãã¼ãããã¼ã¸ã§ã³æ¤åºã«ãã£ã¦ããã«ç¶¿å¯ã«èª¿æ»ãããnmap−service−probesãã¼ã¿ãã¼ã¹ã«ã¯ãæ§ããªãµã¼ãã¹ã®åãåãããè¡ãããã®ãã- ã¼ãããå¿çãè- å¥ãã¦è§£æããããã®ç§å表ç¾ãå«ã¾ãã¦ãããNmapã¯ä»¥ä¸ã®æå ±ã®ç¹å®ã試ã¿ãï¼ãµã¼ãã¹ãã- ãã³ã«(ä¾ï¼ftpãsshãtelnetãhttp)ãã¢ããªã±ã¼ã·ã§ã³å(ä¾ï¼ISC BindãApache httpdãSolaris telnetd)ããã¼ã¸ã§ã³çªå·ããã¹ãåãããã¤ã¹ã¿ã¤ã(ä¾ï¼ããªã³ã¿ãã«ã¼ã¿)ãOSãã¡ããª(ä¾ï¼Windowsã Linux) ããã«ã¯ãXãµã¼ããæ¥ç¶ã«å¯¾ãã¦openç¶æã«ãããã©ããããSSHãã- ãã³ã«ã®ãã¼ã¸ã§ã³ãKaZaAã®ã¦ã¼ã¶åãªã©ã®ãã®ä»æ§ããªè©³ç´°æå ±ã®ç¹å®ã試ã¿ãããå ´åãããããã¡ããããã¦ãã®ãµã¼ãã¹ã¯ããããã®æå ±ããã¹ã¦æä¾ã§ããããã§ã¯ãªããNmapã«OpenSSLã®ãµãã¼ãæ©è½ãçµã¿å°ãã¦ããå ´åã¯ãSSLãµã¼ãã«æ¥ç¶ãã¦ããã®æå·å層ã®èå¾ã§å¾ã¡åããã¦ãããµã¼ãã¹ãæ¨å®ãããRPC(Remote Procedure Call)ãµã¼ãã¹ãçºè¦ãããå ´åã¯ãRPCãã- ã°ã©ã ã¨ãã¼ã¸ã§ã³çªå·ãç¹å®ããããã«Nmapã®RPCã°ã©ã¤ã³ãã¼(−sR)ãèªåçã«ä½¿ç¨ããããUDPãã¼ãã¹ã- ã£ã³ãå®è¡ãã¦ãããopenãããfilteredãããå¤å®ã§ããªãã£ãä¸é¨ã®ãã¼ãã¯ãopen|filteredç¶æã¨ãã¦ä¿çãããããã¼ã¸ã§ã³æ¤åºã¯ããããã®ãã¼ãããå¿ç- ãå°ãåºãã¦ãå¯è½ãªå ´åã¯ãã®ç¶æããopenãã«å¤æ´ãããã¨è©¦ã¿ããopen|filteredã®TCPãã¼ããåæ§ã«åãæ±ããããããã§æ³¨ç®ãã¹ãç¹ã¯ããã¼ã¸ã§ã³æ¤åºãNmapã®−Aãªãã·ã§ã³ã§æå¹ã«ãªãæ©è½ã®1ã¤ã«å«ã¾ãããã¨ã§ããããã¼ã¸ã§ã³æ¤åºã®ã¡ã«ããºã ã使ç¨æ³ãã«ã¹ã¿ãã¤ãºæ¹æ³ã«é¢ããè«æã¯ã以ä¸ã§å¥æã§ããï¼- https://nmap.org/vscan/
Nmapããµã¼ãã¹ããã®å¿ç- ãåä¿¡ãã¦ãããã¼ã¿ãã¼ã¹ã«ä¸è´ãããã®ãè¦ã¤ãããªãã£ãå ´åã¯ãç¹å¥ãªãã£ã³ã¬ã¼ããªã³ãã¨URLãåºåãããããã®URLã¯ããã¼ãã§ä½ãåä½ãã¦ãããã確å®ã«åãã£ã¦ããå ´åã«ããã£ã³ã¬ã¼ããªã³ããæ稿ãã¦ããã ãããã®ãã®ã ãããªãã®çºè¦ããããããªäººã®ããã«ãªãããã2ã3åãããããªãã®ã§ãã²æ稿ãã¦ããã ããããããããæ稿ã®ãããã§ãNmapã¯ãsmtp, ftp, httpãªã©ã®350以ä¸ã®ãã- ãã³ã«ã«å¯¾ããç´3000件ã®ãã¿ã¼ã³ç§åä¾ãåããã¾ã§ã«ãªã£ã¦ããã
ãã¼ã¸ã§ã³æ¤åºã¯ã以ä¸ã®ãªãã·ã§ã³ã§å®è¡ããã³å¶å¾¡ãå¯è½ã§ããï¼
−sV (ãã¼ã¸ã§ã³æ¤åº)
ä¸ã§è¿°ã¹ããããªãã¼ã¸ã§ã³æ¤åºãå®è¡ãããã¾ããã1ã¤ã®æ¹æ³ã¨ãã¦ã−Aãªãã·ã§ã³ã使ãã¨ãOSæ¤åºã¨ãã¼ã¸ã§ã³æ¤åºã®ä¸¡æ¹ãå®è¡ã§ããã
−−allports (ãã¼ã¸ã§ã³æ¤åºã®å¯¾è±¡ãããã¹ã¦ã®ãã¼ããé¤å¤ããªã)
ããã©ã«ãã§ã¯ãNmapã®ãã¼ã¸ã§ã³æ¤åºã¯ãTCPãã¼ã9100çªãã¹ã- ããããããã«ãªã£ã¦ãããä¸é¨ã®ããªã³ã¿ã¯ãã®ãã¼ãã«éããããã®ã¯ä½ã§ãåºåããã®ã§ãHTTP GETãªã¯ã¨ã¹ãããã¤ããªå½¢å¼ã®SSLã»ãã·ã§ã³ãªã¯ã¨ã¹ããªã©ã®ãã¼ã¸ãä½åæãå°å·ããããã¨ã«ãªãããã ããã®åä½ãå¤æ´ããã«ã¯ãnmap−service−probesã®å½è©²ã®ãé¤å¤ã(Exclude)ãã£ã¬ã¯ãã£ããå¤æ´ãããã¯åé¤ãããããããã¯−−allportsãæå®ããã¨ãExcludeãã£ã¬ã¯ãã£ãã«é¢ä¿ãªããã¹ã¦ã®ãã¼ããã¹ã- ã£ã³ãããããã«ã§ããã
−−version−intensity
Nmapã¯ããã¼ã¸ã§ã³ã¹ã- ã£ã³(−sV)ãå®è¡ããéã«ã1ãã9ã¾ã§ã®ãå¸å°ã(rarity)å¤ãå²ãæ¯ãããä¸é£ã®ãã- ã¼ããéä¿¡ããããã®å¸å°å¤ãå°ãããã- ã¼ãã»ã©ãããç¨ããããå種ãµã¼ãã¹ã«å¯¾ãã¦æå¹ã§ããããã®å¸å°å¤ã大ãããã- ã¼ãã»ã©ãç¨éãéããããã¨ã«ãªãã強度ã¬ãã«ã¯ãã©ã®ãã- ã¼ããé©ç¨ããã¹ãããæå®ãããªãã·ã§ã³ã§ããããã®æ°åã大ããã»ã©ããµã¼ãã¹ãæ- £ããç¹å®ããã確çã¯é«ããªããã ãã強度ãé«ãã¹ã- ã£ã³ã¯ãããã ãæéããããã強度ã¯0ãã9ã®éã§æå®ããå¿è¦ããããããã©ã«ãã¯7ã§ãããnmap−service−probesã®portsãã£ã¬ã¯ãã£ãã«ãã£ã¦ãã¿ã¼ã²ãããã¼ãã«ãã- ã¼ããç»é²ããã¨ããã®ããã¼ãã¯å¼·åº¦ã¬ãã«ã«é¢ä¿ãªã試è¡ããããããã«ãããDNSãã- ã¼ãã¯å¸¸ã«éãã¼ã53çªã«å¯¾ãã¦è©¦è¡ãããSSLãã- ã¼ãã¯ãã¼ã443çªã«å¯¾ãã¦å®è¡ãããããã«ãããã¨ãªã©ãã§ããã
−−version−light (ã©ã¤ãã¢ã¼ããæå¹ã«ãã)
ããã¯ã−−version−intensity 2ã®å ´åã«ä¾¿å©ãªã¨ã¤ãªã¢ã¹ã§ããããã®ã©ã¤ãã¢ã¼ãã使ãã¨ãã¹ã- ã£ã³ãé常ãããã£ã¨é«éã«è¡ããã¨ãã§ãããããµã¼ãã¹ãç¹å®ã§ãã確çã¯ããä½ããªãã
−−version−all (ããã¼ãã1ã¤ãã¤è©¦è¡ãã)
−−version−intensity 9ã®å ´åã«æç¨ãªã¨ã¤ãªã¢ã¹ã§ãåãã¼ãã«å¯¾ãã¦ãã- ã¼ãã1ã¤ãã¤è©¦è¡ãããããã«ããã
−−version−trace (ãã¼ã¸ã§ã³ã¹ãã£ã³ã®åä½ç¶æ³ã追跡ãã)
ããã«ãããNmapã¯ãã©ã®ãããªãã¼ã¸ã§ã³ã¹ã- ã£ã³ãå®è¡ããã¦ãããã«é¢ããåºç¯ãªãããã°æå ±ãåºåããããã®æå ±ã¯ã−−packet−traceã«ãã£ã¦å¾ããããã®ã®ä¸é¨ã§ããã
−sR (RPC ã¹ãã£ã³)
ãã®ææ³ã¯ãNmapã®ä»ã®æ§ããªãã¼ãã¹ã- ã£ã³ææ³ã¨é£æºãã¦æ©è½ããããopenãç¶æã§ãããã¨ã確èªããããã¹ã¦ã®TCP/UDPãã¼ãã«å¯¾ãã¦ãSunRPCãã- ã°ã©ã ã®Nullã³ãã³ãã大éã«éä¿¡ãããã¼ããRPCãã¼ãã§ãããã©ãããå¤å®ããããã§ããå ´åã¯ãããã§å®è¡ããã¦ãããã- ã°ã©ã åã¨ãã¼ã¸ã§ã³çªå·ã®ç¹å®ã試ã¿ããå¾ã£ã¦ãã¿ã¼ã²ããã®ãã¼ããããã¼ããã¡ã¤ã¢ã¦ã©ã¼ã«ã®èå¾ã«ãã(ãããã¯TCPã©ããã¼ã§ä¿è- ·ããã¦ãã)å ´åã§ããrpcinfo −pã®çµæã¨åãæå ±ãå¹ççã«åå¾ãããã¨ãã§ãããç¾æç¹ã§ã¯ãå®(ãã¨ã)ã¯ãRPCã¹ã- ã£ã³ã¨ã¯é£æºãã¦æ©è½ããªããè¦æ±ãããã°ããã¼ã¸ã§ã³ã¹ã- ã£ã³(−sV)ã®ä¸é¨ã¨ãã¦èªåçã«æå¹ã«ãªãããã§ã«ãã¼ã¸ã§ã³æ¤åºã«å«ã¾ãã¦ããããã¡ãã®ã»ãããã£ã¨åæ¬çãªã®ã§ã−sRãå¿è¦ã«ãªããã¨ã¯ãã£ãã«ãªãã
OS æ¤åº
Nmapã®æãæåãªæ©è½ã®1ã¤ã¯ãTCP/IPã¹ã¿ãã¯ã»ãã£ã³ã¬ã¼ããªã³ãã£ã³ã°ãç¨ããããªã¢ã¼ãããã®OSæ¤åºæ©è½ã§ãããNmapã¯ãä¸é£ã®TCPãUDPã®ãã±ããããªã¢ã¼ããã¹ãã«éãããã®å¿ç- ãã»ã¼å¨é¢çã«èª¿æ»ãããTCP ISN(ã¤ãã·ã£ã«ã·ã¼ã±ã³ã¹çªå·)ãµã³ããªã³ã°ãTCPãªãã·ã§ã³ã®ãµãã¼ããé åºã®èª¿æ»ãIPIDãµã³ããªã³ã°ãTCPåæã¦ã£ã³ãã¦ãµã¤ãºèª¿æ»ãªã©ã®æ°å¤ãã®ãã¹ããå®æ½ããå¾ãNmapã¯ãããã®çµæããæ¢ç¥ã®OSãã£ã³ã¬ã¼ããªã³ãã1500件以ä¸ãã¼ã¿ãã¼ã¹åãããnmap−os−fingerprintsã¨ç§åããä¸è´ãããã®ããã£ãå ´åã¯ãã®OSã«é¢ãã詳細æå ±ãåºåãããåãã£ã³ã¬ã¼ããªã³ãã«ã¯ãããªã¼ãã- ã¹ãå½¢å¼ã®OSã®è§£èª¬ããã³ãåãä¸ããåé¡(ä¾ï¼Sun)ãä¸ä½ã®OS(ä¾ï¼Solaris)ãOSã®ä¸ä»£(ä¾ï¼10)ãããã¤ã¹ã®ç¨®é¡(æ±ç¨ãã«ã¼ã¿ãã¹ã¤ãããã²ã¼ã æ©ãªã©)ãå«ã¾ããã
æ¡ä»¶(ä¾ãã°å°ãªãã¨ãopenãã¼ã1ã¤ã¨closedãã¼ã1ã¤ã®å- å¨ãããã£ã¦ãããªã©)ã¯æ´ã£ã¦ããããNmapãã¿ã¼ã²ãããã·ã³ã®OSãæ¨æ¸¬ã§ããªãå ´åã¯ããã£ã³ã¬ã¼ããªã³ãæ稿ç¨URLãNmapããæä¾ãããã対象ã®ãã·ã³ã§åä½ãã¦ããOSãä½ã(確å®ã«)ããã£ã¦ããå ´åã¯ãå½è©²ã®ãã£ã³ã¬ã¼ããªã³ãããã®URLã使ã£ã¦æ稿ã§ãããããããæ稿ãè¡ããããã¨ã§ãNmapãèªè- ã§ããOSã®ãã¼ã¿ãã¼ã¹ã«æ°ããªãã¼ã¿ãèç©ãããããããã¦ã¼ã¶ãããã«ç²¾åº¦ã®é«ã調æ»ãè¡ããããã«ãªãã
OSæ¤åºãè¡ããã¨ã§ããã®ãã- ã»ã¹ã®ãªãã§åéãããæå ±ãå©ç¨ããå¥ã®ãã¹ããããã¤ãè¡ããã¨ãã§ãããä¾ãã°ãã¢ããã¿ã¤ã ã®æ¸¬å®ããã®1ã¤ã§ãTCPã®ã¿ã¤ã ã¹ã¿ã³ããªãã·ã§ã³(RFC 1323)ãç¨ãã¦ããã·ã³ãæå¾ã«åèµ·åãããã®ã¯ãã¤ããæ¨å®ãããããã¯ããã®æå ±ãè¿ãããã·ã³ã«é¢ãã¦ã®ã¿å ±åããããããä¸ã¤ã®ãã¹ãã¯ãTCPã·ã¼ã±ã³ã¹çªå·ã®äºæ¸¬å¯è½æ§ã®åé¡ã§ãããããã«ããããªã¢ã¼ããã¹ãã«å¯¾ãã¦å½é ããTCPæ¥ç¶ã確ç«ããã®ãã©ã®ç¨åº¦å°é£ã§ããããããããå¤å®ã§ãããããã¯ãçºä¿¡åIPãã¼ã¹ã®ä¿¡é ¼é¢ä¿(rloginããã¡ã¤ã¢ã¦ã©ã¼ã«ããã£ã«ã¿ãªã©)ã®å¼±ç¹ãæªç¨ããããæ»æã®åºæãé è½ãããããå ´åã«å½¹ç«ã¤ããã®ç¨®ã®ã¹ãã¼ãã£ã³ã°ã¯ãã¯ããã£ãã«è¡ãããªãããããã«å¯¾ãã¦èå¼±ãªãã·ã³ããã¾ã ã«æ°å¤ããããé£æ度ã表ãå®éã®æ°å¤ã¯ãçµ±è¨çãªãµã³ããªã³ã°ã«åºã¥ãã¦ããããã«ä¸ä¸ããå¯è½æ§ããããé常ã¯ãworthy challengeï¼ä¾¡å¤ããææ¦)ãããtrivial jokeï¼ã¤ã¾ããªãã¸ã§ã¼ã¯ï¼ããªã©ã®è¨èã®è¡¨ç¾ã«ããåé¡ãå©ç¨ããæ¹ããããããã¯ãåé·(−v)ã¢ã¼ãã®æ¨æºåºåã«ã®ã¿ã¬ãã¼ããããã−Oãªãã·ã§ã³ã¨ã¨ãã«åé·ã¢ã¼ããæå¹ã«ãªã£ã¦ããå ´åãIPIDã·ã¼ã±ã³ã¹çªå·ã®çæã«é¢ããæå ±ãã¬ãã¼ãããããã»ã¨ãã©ã®ãã·ã³ã¯ããã¤ã³ã¯ãªã¡ã³ã¿ã«(incremental)ãã«åé¡ããããããã¯ãéä¿¡ãããã±ãããã¨ã«ãIPãããã®IDãã£ã¼ã«ãã®å¤ã1ãã¤å¢å ããããã¨ãæå³ããããã®ä»çµã¿ã®ããã§ããããã®ãã·ã³ã¯é«åº¦ãªæå ±åéæ»æãã¹ãã¼ãã£ã³ã°æ»æã«å¯¾ãã¦èå¼±ã«ãªã£ã¦ããã
OSæ¤åºã®ã¡ã«ããºã ã使ç¨æ³ãã«ã¹ã¿ãã¤ãºæ¹æ³ã«ã¤ãã¦è¿°ã¹ãè«æã¯ã以ä¸ã§å¥æã§ãã(åæ°ã¶å½èªã®ç¿»è¨³çãã)ï¼ https://nmap.org/osdetect/
OSæ¤åºã¯ã以ä¸ã®ãªãã·ã§ã³ã§å®è¡ããã³å¶å¾¡ã§ããï¼
−O (OSæ¤åºãå®è¡)
ä¸ã§è¿°ã¹ãOSæ¤åºãå®è¡ãããã¾ãå¥ãªæ¹æ³ã¨ãã¦−Aãªãã·ã§ã³ã使ãã¨ãOSæ¤åºã¨ãã¼ã¸ã§ã³æ¤åºã®ä¸¡æ¹ãå®è¡ã§ããã
−−osscan−limit (OSæ¤åºãææãªã¿ã¼ã²ããã«çµã)
å°ãªãã¨ã1ã¤ã®openããã³closedã®TCPãã¼ããè¦ã¤ããã°ãOSæ¤åºã®å¹çã¯ããªãä¸ããããã®ãªãã·ã§ã³ãè¨- å®ããã¨ãNmapã¯ä¸ã®åºæºã«æºããªããã¹ãã«ã¯OSæ¤åºã試è¡ããªãããã«ãªããããã«ãããããªãã®æéãç¯ç´ã§ãããå¤ãã®ãã¹ãã«å¯¾ãã¦−P0ã¹ã- ã£ã³ãè¡ãå ´åã¯ç¹ã«ããã§ããã−O ããã㯠−Aã§ãOSæ¤åºã®å®è¡ããã¤è¦æ±ãããã ããéè¦ã«ãªãã
−−osscan−guess; −−fuzzy (OSæ¤åºã®çµæãæ¨æ¸¬)
Nmapãå®å¨ã«ä¸è´ããOSãæ¤åºã§ããªãå ´åãããã«è¿ä¼¼ãããã®ãåè£ã¨ãã¦æããå ´åããããNmapããããããã©ã«ãã§è¡ãããã«ã¯ãè¿ä¼¼ã¯ããªãè¿ããã®ã§ãªããã°ãªããªããä¸ã®ã©ã¡ãã(åç- )ã®ãªãã·ã§ã³ãæå®ããã¨ãNmapã¯ãã大ã¾ããªè¿ä¼¼ãã¢ã°ã¬ãã·ãã«è¡ãããã«ãªãã
ã¿ã¤ãã³ã°ã¨ããã©ã¼ãã³ã¹
Nmapã®éçºãè¡ãããã§ã常ã«åªåäºé ã®1ã¤ã¨ãã¦å¿µé ã«ç½®ãã¦ããã®ããããã©ã¼ãã³ã¹ãã§ãããç- èã®ãã¼ã«ã«ãããã¯ã¼ã¯ä¸ã®ãã¹ãã«ããã©ã«ãã¹ãã£ã³(nmap hostname)ãå®è¡ããã®ã«ãããæéã¯ã5åã®1ç§ã§ãããç¬ã1åç¨åº¦ã®æéã ããä½ä¸ãããä½åä¸ã¨ãããã¹ããã¹ã- ã£ã³ããå ´åã¯ããã®æéãç©ç®ãããããã ãããã«ã¯ãUDPã¹ã- ã£ã³ããã¼ã¸ã§ã³æ¤åºãªã©ã®ç¹å®ã®ã¹ãã£ã³ãªãã·ã§ã³ã«ãã£ã¦ãã¹ã- ã£ã³æéã大å¹ã«å¢å ããå¯è½æ§ããããç¹å®ã®ãã¡ã¤ã¢ã¦ã©ã¼ã«è¨å®ãç¹ã«å¿ç- ã¬ã¼ãå¶éã®å ´åãåæ§ã§ãããNmapã«ã¯ãã¹ã- ã£ã³é度ãä¸ããããã®ä¸¦è¡å¦çãé«åº¦ãªã¢ã«ã´ãªãºã ã使ç¨ããã¦ããããNmapãã©ã®ããã«å®è¡ããããæçµçã«æ±ºããã®ã¯ã¦ã¼ã¶ã§ãããçç·´ããã¦ã¼ã¶ã¯ãèªåãã¡ã®æéçå¶ç´ãæºããã¤ã¤ãé¢å¿ã®ããæå ±ã ããåå¾ããããã«ãNmapã³ãã³ãã«å¥å¿µãªç´°å·¥ãæ½ããã®ã ã
ã¹ã- ã£ã³æéãæ¹åãããã¯ããã¯ã¨ãã¦ã¯ãéè¦ã§ãªããã¹ãã®çç¥ããNmapãææ°çã«ã¢ããã°ã¬ã¼ããã(ããã©ã¼ãã³ã¹ã®å¼·åã¯é »ç¹ã«è¡ããã¦ãã)ãªã©ãæãããããã¿ã¤ãã³ã°(æé調ç¯)ãã©ã¡ã¿ãæé©åããã¨ãããªãã®éããçããå ´åãããããã®ç¨®ã®ãªãã·ã§ã³ãã以ä¸ã«åæããã
−−min−hostgroup
Nmapã«ã¯ãè¤æ°ã®ãã¹ãã並è¡ãã¦ãã¼ãã¹ãã£ã³ããã¼ã¸ã§ã³ã¹ã- ã£ã³ããè½åããããããã¯ãã¿ã¼ã²ããã®IP空éãããã¤ãã®ã°ã«ã¼ãã«åå²ããä¸åº¦ã«1ã°ã«ã¼ããã¤ã¹ã- ã£ã³ãããã¨ã§è¡ããããä¸è¬ã«ãã°ã«ã¼ãã®è¦æ¨¡ã大ããããã»ã©ãå¹çããããªãããã¡ãªããã¯ãã°ã«ã¼ãå¨ä½ã®ã¹ã- ã£ã³ãçµäºãã¦ããã§ãªãã¨ããã¹ãã®çµæãå¾ãããªããã¨ã§ããããã®ãããã°ã«ã¼ããµã¤ãºã50ããå§ããå ´åãã¦ã¼ã¶ãã¬ãã¼ããåãåãã®ã¯ã(åé·ã¢ã¼ãã§ææ°æå ±ãæä¾ãããå ´åãé¤ã)æåã®50å°ã®ãã¹ããå®äºãã¦ããã«ãªãã
ããã©ã«ãã§ã¯ãNmapã¯ãããã競ååé¡ã«å¯¾ãã¦ã妥åçãªã¢ãã- ã¼ããæ¡ããããªãã¡ãæåã®çµæãããã«å¾ãããããã«ã5ç¨åº¦ã®å°ããªã°ã«ã¼ããµã¤ãºããå§ãã¦ããããã1024ãããã«ã¾ã§å¢ããããã«ãããåãã«è¨- å®ããæ°å¤ã¯ãæå®ãããªãã·ã§ã³ã«ãã£ã¦æ±ºã¾ããå¹çä¸ã®çç±ã§ãNmapã¯ãUDPã¹ã- ã£ã³ããã¼ãæ°ã®å°ãªãTCPã¹ã- ã£ã³ã«å¯¾ãã¦ã¯æ¯è¼ç大ããªã°ã«ã¼ããµã¤ãºãç¨ããã
ã°ã«ã¼ããµã¤ãºã®æ大å¤ã−−max−hostgroupã§æå®ããã¦ããå ´åãNmapããã®ãµã¤ãºãè¶éãããã¨ã¯æ±ºãã¦ãªããã°ã«ã¼ããµã¤ãºã®æå°å¤ã−−min−hostgroupã§æå®ããã¨ãNmapã¯ã°ã«ã¼ããµã¤ãºããã®å¤ãããå°ãããªããªãããã«ãããã¨ãããNmapã¯ããªãã·ã§ã³ã§æå®ãããæå°å¤ã®æ¡ä»¶ãæºããã®ã«ååãªæ°ã®ã¿ã¼ã²ãããã¹ãããæå®ã®ã¤ã³ã¿ã¼ãã§ã¼ã¹ä¸ã«æ®ã£ã¦ããªãå ´åã¯ãæå®ããå°ããã°ã«ã¼ããµã¤ãºã使ããããå¾ãªããªãå ´åããããã°ã«ã¼ããµã¤ãºãç¹å®ã®ç¯å²åã«åããããã«ãæ大å¤ã¨æå°å¤ã®ä¸¡æ¹ãè¨- å®ããå ´åããããããããå¿è¦ã«ãªãã±ã¼ã¹ã¯ãã£ãã«ãªãã
ãã®ãªãã·ã§ã³ã®ä¸»ãªä½¿ç¨æ³ã¯ãã¹ã- ã£ã³ãããé«éã«å®äºã§ããããã«ãã°ã«ã¼ããµã¤ãºã®æå°å¤ã«å¤§ããªå¤ãæå®ãããã¨ã§ãããã¯ã©ã¹Cè¦æ¨¡ã®ãããã¯ã¼ã¯ãã¹ã- ã£ã³ããã«ã¯é常ã256ãæå®ãããæ°å¤ãã®ãã¼ãã«å¯¾ãã¦ã¹ã- ã£ã³ãå®è¡ããå ´åã¯ããã以ä¸ã®æ°å¤ãè¨- å®ãã¦ãããã¾ãå¹æã¯æå¾ã§ããªãããã¼ãæ°ããããããã®ã¹ã- ã£ã³ãè¡ãå ´åã¯ããã¹ãã®ã°ã«ã¼ããµã¤ãºã2048以ä¸ã«è¨å®ããã¨æå¹ã ããã
−−min−parallelism
ãã¹ãã°ã«ã¼ãã«åãã¦éä¿¡ãããããã¼ãã®ç·æ°ã決ãããªãã·ã§ã³ã§ããã¼ãã¹ã- ã£ã³ããã¹ãçºè¦ã«ç¨ãããããããã©ã«ãã§ã¯ãNmapã¯ããããã¯ã¼ã¯ããã©ã¼ãã³ã¹ã«åºã¥ãã¦ã常ã«å¤åããçæ³çãªä¸¦åå¦çå¯è½æ°ãç®åºãã¦ããããã±ãããç¶ãã¦ç ´æ£ãããå ´åã¯ãNmapã¯å¦çé度ãè½ã¨ããéä¿¡ãããã- ã¼ãã®æ°ãæ¸ãããçæ³çãªãã- ã¼ãæ°ã¯ããããã¯ã¼ã¯ã示ãããã©ã¼ãã³ã¹ã®é«ãã«å¿ãã¦ãç·©ããã«å¢å ããããããã®ãªãã·ã§ã³ã¯ããã®å¤æ°ã«å¯¾ãã¦ä¸éã¨ä¸éãè¨- å®ãããããã©ã«ãã§ã¯ãçæ³çãªä¸¦åå¦çå¯è½æ°ã¯ããããã¯ã¼ã¯ã®ä¿¡é ¼æ§ãä½ãå ´åã¯1ã¾ã§ä¸ãããæé«ã®ç¶æã®å ´åã¯æ°ç¾ã¾ã§ä¸ããå ´åãããã
æãä¸è¬çãªä½¿ç¨æ³ã¯ã−−min−parallelismã«1ãã大ããªæ°å¤ãè¨- å®ãã¦ãããã©ã¼ãã³ã¹ã®ä½ããã¹ãããããã¯ã¼ã¯ã«å¯¾ããã¹ã- ã£ã³ã®å¦çé度ãä¸ãããã¨ã§ããããã ãã軽ã使ãã«ã¯ãªã¹ã¯ãä¼´ããªãã·ã§ã³ã§ããããã¾ãã«å¤§ããªå¤ãè¨- å®ããã¨ã精度ã«æªå½±é¿ãåã¶å ´åããããã¾ãããã«ããããããã¯ã¼ã¯ç¶æã«åºã¥ãã¦ä¸¦åå¦çå¯è½æ°ãåçã«å¶å¾¡ããNmapã®è½åãä½ä¸ããããã¨ã«ããªãã10ç¨åº¦ã«ãã¦ããã®ã妥å½ãã¨æããããããã®å¤ã®èª¿ç¯ã¯æå¾ã®æ段ã¨ãã¦ããè¡ããªãã
Nmapããã¹ãã«å¯¾ãã¦ä¸åº¦ã«2ã¤ä»¥ä¸ã®ãã- ã¼ããéããªãããã«ããããã«ã−−max−parallelismãªãã·ã§ã³ã«ã1ããè¨- å®ãããå ´åããããããã¯ã(ä¸ã§è¿°ã¹ã)−−scan−delayãªãã·ã§ã³ã¨çµã¿åããã¦ç¨ããã¨ä¾¿å©ã§ããããã£ã¨ããå¾èã®ãªãã·ã§ã³ã¯é常ã¯åç¬ã§ãååã«å½¹ç«ã¤ãã®ã§ããã
−−min−rtt−timeout
Nmapã¯ãããã¼ããä¸æ¢ãããã¯åéä¿¡ããã¾ã§ãããã¼ãã®å¿ç- ãå¾æ©ããæéãã©ã®ãããã«ãããã決ããå®è¡ã¿ã¤ã ã¢ã¦ãå¤ãä¿æãã¦ããããã®å¤ã¯ãããã¾ã§ã«éä¿¡ãããã- ã¼ãã®å¿ç- æéã«åºã¥ãã¦ç®åºãããããããã¯ã¼ã¯ã®å¾ã¡æéããããªãé·ãã¦å¤åããããå ´åãã¿ã¤ã ã¢ã¦ãå¤ã¯æ°ç§ã«ã¾ã§éããå¯è½æ§ããããã¾ããåå¿ãéããã¹ããã¹ã- ã£ã³ããéã«ã¯ãæ§ãç®ãª(é«ã)ã¬ãã«ããå§ãã¦ããã°ããã®éãã®ã¾ã¾ã®å¤ã«ãã¦ããå ´åãããã
ãããã®ãªãã·ã§ã³ã¯ããªç§åä½ã§è¨å®ããã−−max−rtt−timeout 㨠−−initial−rtt−timeoutã«ããã©ã«ãããå°ããªå¤ãæå®ããã¨ãã¹ãã£ã³æéã大å¹ã«ç- 縮ã§ãããå³éãªãã£ã«ã¿å¦çãæ½ããããããã¯ã¼ã¯ã«å¯¾ãã¦pingãªã(−P0)ã¹ã- ã£ã³ãè¡ãå ´åã¯ç¹ã«ãããªããã¨ã¯ããããã¾ãã¢ã°ã¬ãã·ãã«å°ããããããªãããã«ãå°ããããå¤ãæå®ãã¦ãã¾ã£ãããã«ãå¿ç- ãéä¿¡ããã¦ããéã«æ°å¤ãã®ããã¼ããã¿ã¤ã ã¢ã¦ããã¦åéä¿¡ããã¦ãã¾ããçµæçã«ã¹ã- ã£ã³ã®å®è¡ã«é常ããä½è¨ã«æéããããå¯è½æ§ãããããã ã
ãã¹ã¦ã®ãã¹ããã- ã¼ã«ã«ãããã¯ã¼ã¯ä¸ã«ããå ´åã−−max−rtt−timeoutã®å¤ã¯100ããªç§(ms)ã«ããã®ããã¢ã°ã¬ãã·ãã«å°ããæå®ããã¨ãã¦ã妥å½ãªå¤ã§ãããã«ã¼ãã£ã³ã°ãé¢ä¿ãã¦ããå ´åã¯ãICMP pingã¦ã¼ãã£ãªãã£ãããã¡ã¤ã¢ã¦ã©ã¼ã«ãééã§ããå¯è½æ§ãé«ãhping2ãªã©ã®ã«ã¹ã¿ã ãã±ããä½æãã¼ã«ãç¨ãã¦ãæåã«ãããã¯ã¼ã¯ä¸ã®ãã¹ãã«pingãå®è¡ããå¿è¦ãããã10åç¨åº¦ã®ãã±ãããéä¿¡ãã¦ã¿ã¦ãæ大å¾å¾©æé(RTT)ã調ã¹ããã¨ã−−initial−rtt−timeoutã®å¤ã¯ããã®å¤ã2åã«ããã¨ãããã¾ãã−−max−rtt−timeoutã®å¤ã¯ãããã3åã4åã«ãããã®ã«ããã¨ããã ãããç- èã¯é常ãpingã§èª¿æ»ããæéã®å¤§å°ã«é¢ä¿ãªããæ大RTTã100msæªæºã«è¨- å®ãããã¨ã¯ãªããã1000msãè¶ããå¤ã«ãããã¨ããªãã
−−min−rtt−timeoutã¯ãã»ã¨ãã©ä½¿ç¨ãããªããªãã·ã§ã³ã§ãããããããã¯ã¼ã¯ã®ä¿¡é ¼æ§ããã¾ãã«ä½ãããã«ãNmapã®ããã©ã«ãå¤ã§ãå°ããè¨- å®ãããã«ãªãå ´åã«å½¹ç«ã¤ã¨æããããNmapã¯åã«ã¿ã¤ã ã¢ã¦ãæéãæå®ãããæå°å¤ã¾ã§å°ããããã ããªã®ã§ããããã¯ã¼ã¯ãä¿¡é ¼ã§ããã¨æãããå ´åã¯ããã®è¦æ±ã¯ç°å¸¸ã§ãããnmap−devã¡ã¼ãªã³ã°ãªã¹ãã«ãã°ã¨ãã¦å ±åãããã¯ãã§ããã
−−host−timeout
ãã¹ãã®ãªãã«ã¯ãã¨ã«ããã¹ã- ã£ã³ã«é·ãæéãããããã®ããããçç±ã¨ãã¦ã¯ãå®è¡æé ã®ä¸æéãä¿¡é ¼æ§ã®ä½ããããã¯ã¼ã¯ãã¼ãã¦ã§ã¢ãã½ããã¦ã§ã¢ããã±ããã¬ã¼ãå¶éãå³éãªãã¡ã¤ã¢ã¦ã©ã¼ã«ãªã©ãèãããããã¹ã- ã£ã³å¯¾è±¡ãã¹ãå¨ä½ã®æ°ãã¼ã»ã³ããå ãããæãåå¿ãéããã¹ãã«ãã£ã¦ãã¹ã- ã£ã³æéã®å¤§åã使ããã¦ãã¾ããã¨ãããããã®ãããªç¡é§ã¯ã«ãããã¦ãéããã¹ãã¯æåããçãã»ããããå ´åããããããã¯ãå¾æ©ãã¦ãæ§ããªãæéã−−host−timeoutã«ããªç§åä½ã®æ°å¤ã§æå®ãããã¨ã§å®è¡ã§ãããç- èã¯ãNmapãåä¸ãã¹ãã«å¯¾ãã¦30åãè¶ããæéã浪費ããªãããã«ã1800000ã¨ããå¤ãæå®ãããã¨ãå¤ãã注æãã¹ãç¹ã¯ãNmapã¯ãã®30åã®éã«ãåæã«ä»ã®ãã¹ããã¹ã- ã£ã³ã§ããã®ã§ãã¾ã£ããã®ç¡é§ã«ã¯ãªããªããã¨ã ãã¿ã¤ã ã¢ã¦ããããã¹ãã¯ã¹ã- ããããããã¼ããã¼ãã«ãOSæ¤åºããã¼ã¸ã§ã³æ¤åºãªã©ã®çµæã¯åºåãããªãã
−−scan−delay
æå®ãããã¹ãå®ã¦ã«éããããã- ã¼ãã®éä¿¡ééã«ããã¦ãããªç§åä½ã®æ°å¤ã§æå®ããæéã ãNmapãå¾æ©ç¶æã«ãããããã¯ãã¬ã¼ãå¶éãè¡ããã¦ããå ´åã«ç¹ã«å½¹ã«ç«ã¤ãSolarisãã·ã³ã¯(å¶éãç¹ã«å³ãã)ãé常ã¯UDPã¹ã- ã£ã³ã®ããã¼ããã±ããã«å¯¾ãã¦ãICMPã¡ãã»ã¼ã¸ã®å¿ç- ãæ¯ç§1åããè¿ããªããNmapããã以ä¸ã®ãã±ãããéã£ã¦ããã¹ã¦ç¡é§ã«ãªãã−−scan−delay ã«1000ãæå®ããã¨ãNmapã¯æ¯ç§1åã¨ããéãã¬ã¼ããä¿ã¤ãã¨ã«ãªããNmapã¯ãã¬ã¼ãå¶éãæ¤åºããããã«å¿ãã¦ã¹ã- ã£ã³ã®é²è¡ãéããããã¨ããããã©ã®ç¨åº¦ã®ã¬ã¼ããæé©ã§ãããããã§ã«ããã£ã¦ããå ´åã¯æ示çã«æå®ãã¦ãããã
−−scan−delay ã¯ä»ã«ãããããå¤ãã¼ã¹ã®ä¾µå¥æ¤ç¥ãä¾µå¥é²æ- ¢ã·ã¹ãã (IDS/IPS)ã®åé¿ã«ä½¿ç¨ãããã
−T
åç¯ã§è¿°ã¹ããããªãã¿ã¤ãã³ã°ã®ããç´°ãããªå¶å¾¡ã¯ã¨ã¦ãå¹æã大ããããåããã«ããã¨æããã¦ã¼ã¶ãããããã ãããã«ã¯ãæé©åã試ã¿ã¦ããã¹ã- ã£ã³ãå®è¡ããããããé©åãªæ°å¤ãé¸ã¶ã»ããæéããããã¨ããäºæã«é¥ãå¯è½æ§ããããããã§Nmapã«ã¯ã6ã¤ã®ã¿ã¤ãã³ã°ç¨ãã³ãã¬ã¼ããç¨ãããã£ã¨ç°¡åãªã¢ãã- ã¼ããç¨æããã¦ããããã³ãã¬ã¼ãã¯ã−Tãªãã·ã§ã³ã¨çªå·(0 − 5)ãååã§æå®ã§ããããã³ãã¬ã¼ãåã¯ãparanoid (0)ãsneaky (1)ãpolite (2)ãnormal (3)ãaggressive (4)ãinsane (5)ã§ãããæåã®2ã¤ã¯ãIDSåé¿ç¨ã®ãã³ãã¬ã¼ãã§ãããPoliteã¢ã¼ãã¯ãã¹ã- ã£ã³å¦çé度ãè½ã¨ãã帯åå¹ã¨ã¿ã¼ã²ãããã·ã³ã®ãªã½ã¼ã¹ã®ä½¿ç¨éãå°ãªãããããã®ãã®ã§ãããNormalã¢ã¼ãã¯ããã©ã«ããªã®ã§ã−T3ã¨ãã¦ãç¹ã«ä½ãããªããAggressiveã¢ã¼ãã¯ãã¦ã¼ã¶ãé©åº¦ã«é«éã§ä¿¡é ¼æ§ã®é«ããããã¯ã¼ã¯ä¸ã«ãããã¨ãæ³å®ãã¦ãã¹ã- ã£ã³é度ãä¸ãããæå¾ã«Insaneã¢ã¼ãã¯ãé常ã«é«éãªãããã¯ã¼ã¯ä¸ã«ãããããããã¯é度ã¨å¼ãæãã«ç²¾åº¦ã®ä¸é¨ãç ç²ã«ãã¦ãæ§ããªãå ´åãæ³å®ããã¢ã¼ãã§ããã
ãããã®ãã³ãã¬ã¼ããå©ç¨ããã¨ãã¦ã¼ã¶ã¯ãç確ãªã¿ã¤ãã³ã°å¤ã®é¸å®ã¯Nmapã«ä»»ãã¤ã¤ãã©ã®ç¨åº¦ã¢ã°ã¬ãã·ããªã¹ã- ã£ã³ãå®è¡ãããããæå®ã§ãããã¾ããä»ã®ã¨ããããç´°ããå¶å¾¡ã®ãªãã·ã§ã³ãå- å¨ããªããé度ã®å¾®èª¿æ´ã®ä¸é¨ããã®ãã³ãã¬ã¼ãã§è¡ããã¨ãã§ãããä¾ãã°ã−T4ã¯ãTCPãã¼ãã«å¯¾ããã¹ã- ã£ã³å¦çã®åçãªé延æéã10msãè¶ããªãããã«ãããã¨ãã§ããã¾ã−T5ã§ã¯ããã®å¤ã®ä¸éã5msã«å¶éãããããã³ãã¬ã¼ããæåã«æå®ããå ´åã«éããããç´°ããå¶å¾¡ãªãã·ã§ã³ã¨ãã³ãã¬ã¼ããçµã¿åããã¦ç¨ãããã¨ãã§ãããããããªãã¨ããã³ãã¬ã¼ãã®æ¨æºå¤ãã¦ã¼ã¶ã®æå®ããå¤ã§ä¸æ¸ãããã¦ãã¾ããé©åº¦ã«æè¿ã®ä¿¡é ¼æ§ãé«ããããã¯ã¼ã¯ãã¹ã- ã£ã³ããå ´åã¯ã−T4ããå§ãã§ãããããç´°ããå¶å¾¡ãªãã·ã§ã³ã追å ããå ´åã§ãããã®ãªãã·ã§ã³ã(ã³ãã³ãã©ã¤ã³ã®æåã«)ä»ãã¦ãããã¨ã§ããã³ãã¬ã¼ãã«ãã£ã¦æå¹ã«ãªãç´°é¨ã«ãããæé©åã®ã¡ãªããã享åã§ããã
é©æ£ãªãã- ã¼ããã³ãæ¥ç¶ãã¤ã¼ãµãããæ¥ç¶ã®ç°å¢ã«ããå ´åã¯ã常æ−T4ãå©ç¨ãããã¨ããå§ãããã−T5ã好ã人ãããããç§ã«ã¯ã¢ã°ã¬ãã·ããããããã«æãããã−T2ãæå®ãã¦ããã¦ã¼ã¶ããã¾ã«ãããããã¹ããã¯ã©ãã·ã¥ãããå¯è½æ§ãä½ãã¨è¦ã¦ããããããèªåã®ãã¨ãå¨è¬çã«ç¤¼åæ- £ãã(polite)ã¨æã£ã¦ããããã®ããã ãããããã¦ã¼ã¶ã¯åã«ãã−T Politeããå®éã«ã¯ããã«éããã®ã§ããããç解ãã¦ããªãã ãã ãPoliteã¢ã¼ãã¯ãããã©ã«ãã¹ã- ã£ã³ã®10åã®æéãããããããã©ã«ãã®ã¿ã¤ãã³ã°ãªãã·ã§ã³(−T3)ã«é¢ãã¦ã¯ããã·ã³ã®ã¯ã©ãã·ã¥ã帯åå¹ãåé¡ã«ãªããã¨ã¯ãã£ãã«ãªãã®ã§ãæéãªã¹ã- ã£ã³ã¦ã¼ã¶ã«ã¯é常ã¯ãããå§ãã¦ãããã¿ã¤ãã³ã°å¤ãããããæä½ãã¦ããããã®åé¡ã軽æ¸ãããã¨ãããããããã¼ã¸ã§ã³æ¤åºãçç¥ããã»ãããã£ã¨å¹ççã§ããã
−T0 ã −T1ã¯ãIDSã®è¦åãåé¿ããã«ã¯å½¹ç«ã¤ãããããªãããä½åãã®ãã·ã³ããã¼ããã¹ã- ã£ã³ããã«ã¯é常ã«é·ãæéããããããã®ããã«é·ãã¹ã- ã£ã³ãè¡ãå ´åã¯ããããããç¨æããã−T0 ã −T1ã®å¤ã«é ¼ãããããå¿è¦ã«å¿ãã¦ç確ãªã¿ã¤ãã³ã°å¤ãè¨- å®ããã»ãã好ã¾ããã ããã
T0ã®ä¸»ãªå¹æã¯ãã¹ãã£ã³ãé£ç¶çã«å®è¡ãã¦ä¸åº¦ã«1ã¤ã®ãã¼ãããã¹ã- ã£ã³ãããªãããã«ãããã¨ã¨ãåããã¼ããéä¿¡ããéã«5åéå¾æ©ãããã¨ã§ãããT1 㨠T2ã¯ä¼¼ã¦ãããããããããã- ã¼ãéã®å¾æ©æéã15ç§ã¨0.4ç§ãããªããT3ã¯Nmapã®ããã©ã«ãåä½ã§ã並åå¦çãå«ã¾ãããT4ã¯−−max−rtt−timeout 1250 −−initial−rtt−timeout 500ã«ç¸å½ããTCPã¹ã- ã£ã³ã®æ大é延æéã10msã«è¨å®ãããT5ã¯−−max−rtt−timeout 300 −−min−rtt−timeout 50 −−initial−rtt−timeout 250 −−host−timeout 900000ã«ç¸å½ããTCPã¹ãã£ã³ã®æ大é延æéã5msã«è¨å®ããã
ãã¡ã¤ã¢ã¦ã©ã¼ã«/IDS ã®åé¿ã¨ã¹ãã¼ãã£ã³ã°
å¤ãã®ã¤ã³ã¿ã¼ãããåé§èãã¡ã¯ããããããã¼ãéã®ãããã¯ã¼ã¯æ¥ç¶ãå¯è½ã«ãããä¸çå±éã®IPã¢ãã¬ã¹ç©ºéãæããä¸çè¦æ¨¡ã®ãªã¼ãã³ãããã¯ã¼ã¯ã®æ§æ³ãæãã¦ãããããã«ããããã¹ãã¯æå- éããã¢ã¨ãã¦æ©è½ãããäºãã«æå ±ã®ããåããã§ããããã«ãªããã¦ã¼ã¶ã¯ãèªå®ã®ãã¹ã¦ã®ã·ã¹ãã ã«ä»äºå ´ããã¢ã¯ã»ã¹ãã¦ãã¨ã¢ã³ã³ã®è¨- å®ãå¤ããããæ©ãã«æ¥ã客ã®ããã«ãã¢ãéé ãããã§ããã ããããã®ãããªä¸çè¦æ¨¡ã®ç¸äºæ¥ç¶æ§ã®æ§æ³ã®æ¡å¤§ã¯ãã¢ãã¬ã¹ç©ºéã®ä¸è¶³ã¨ã»ã- ã¥ãªãã£ä¸ã®åé¡ã«ãã£ã¦é»å®³ããã¦ããã1990年代åæãçµç¹ã¯ç¹ã«ç¸äºæ¥ç¶æ§ã軽æ¸ããç®çã§ããã¡ã¤ã¢ã¦ã©ã¼ã«ãå°å¥ãå§ããã大è¦æ¨¡ãªãããã¯ã¼ã¯ã¨çç³æ··æ·ã®ã¤ã³ã¿ã¼ãããã¨ã®éã«ãã¢ããªã±ã¼ã·ã§ã³ãã- ã- ã·ããããã¯ã¼ã¯ã¢ãã¬ã¹å¤æããã±ãããã£ã«ã¿ãªã©ã«ããé²å¾¡ç·ãå¼µãå·¡ãããããæå ±ã®èªç±ãªæµãã¯ãèªå¯ãããéä¿¡ãã£ã³ãã«ã¨ãããéãã³ã³ãã³ãã«å¯¾ããå³ããè¦å¶ã«ã¨ã£ã¦ä»£ããããã
ãã¡ã¤ã¢ã¦ã©ã¼ã«ãªã©ã®ãããã¯ã¼ã¯ä¸ã®é害ç©ã«ãã£ã¦ããããã¯ã¼ã¯ã®ãããã³ã°ã¯èããå°é£ã«ãªããããã¯ããããã以ä¸è»½æ¸ããããã¨ã¯ãªãã¯ãã ããã¤è¡ããããããããªãæ¢ç´¢è¡çºãé»æ- ¢ãããã¨ããããããæ©å¨ãå®è£ãã主ãªç®çã§ããå ´åãå¤ãããã§ãããããã§ããNmapã¯ããã®è¤éãªãããã¯ã¼ã¯ãç解ããã®ã«å½¹ç«ã¦ããããã£ã«ã¿ãç®çéãã«æ©è½ãã¦ãããã¨ãæ¤è¨¼ãããããããã®æ©è½ãæ°å¤ãåãã¦ãããã¾ããå®è£ãä¸å®å¨ãªé²å¾¡ç- ãåé¿ããä»çµã¿ã«ã対å¿ãã¦ãããèªèº«ã®ãããã¯ã¼ã¯ã»ã- ã¥ãªãã£ç¶æ³ãç解ããæåã®æ¹æ³ã®1ã¤ã¯ããããæã¡ç ´ã£ã¦ã¿ããã¨ã ãèªåãæ»æèã«ãªã£ãã¤ããã§ãæ¬ç¯ã®ãã¯ããã¯ãèªåèªèº«ã®ãããã¯ã¼ã¯ã«å¯¾ãã¦å®è¡ãã¦ã¿ãã¨ãããFTPãã¦ã³ã¹ã¹ã- ã£ã³ãIdleã¹ãã£ã³ããã©ã°ã¡ã³ãã¼ã·ã§ã³æ»æãªã©ãä»æããããèªåã®ããã- ã·ã®1ã¤ã«ãã³ãã«ãéããããã¦ã¿ããã
ä¼æ¥- ã¯ããããã¯ã¼ã¯æ´»åãå¶éãããã¨ã«å ãã¦ãä¾µå¥æ¤ç¥ã·ã¹ãã (IDS)ã«ãããã©ãã£ãã¯ç£è¦ãå¼·åãã¦ãã¦ãããã¡ã¸ã£ã¼ãªIDSã«ã¯ãã¹ã¦ãNmapã«ããã¹ã- ã£ã³ãæ¤ç¥ããããã«è¨è¨ãããã«ã¼ã«ãæ¨æºã§æè¼ããã¦ãããããã¯ãã¹ã- ã£ã³ãæ»æã«åç«ã£ã¦è¡ãããå ´åãããããã ããããã®è£½åã®å¤ãã¯æè¿ãä¾µå¥é²æ- ¢ã·ã¹ãã (IPS)ã«å§¿ãå¤ãã¦ãããIPSã¯ãæªæãããã¨è¦ãªããããã©ãã£ãã¯ãç©æ¥µçã«ãã- ãã¯ããããããã¯ã¼ã¯ç®¡çèãIDSãã³ãã«ã¨ã£ã¦æ®å¿µãªãã¨ã«ããã±ãããã¼ã¿ã解æãã¦æªæã確å®ã«æ¤ç¥ããã®ã¯å°é£ãªèª²é¡ã§ãããæ ¹æ°ã¨ã¹ã- ã«ãããã«Nmapã®ç¹å®ã®ãªãã·ã§ã³ã®æå©ããããã°ãæ»æèã¯ããã¦ãã®å ´åãIDSã«æ¤ç¥ãããªãã§éãéãããã¨ãã§ããããã®ä¸æ¹ã§ã管çèã¯å¤§éã®èª¤æ¤ç¥çµæã®å¯¾å¦ã«è¿½ããããã¨ã«ãªããIDSã®èª¤æ¤ç¥ã«ãã£ã¦ãæªæã®ãªãæ´»åã誤診ãããè- ¦åãçºããããããããã¯ããããããã
Nmapã«ã¯ããã¡ã¤ã¢ã¦ã©ã¼ã«ã«ã¼ã«ãåé¿ãããIDSããã£ããããæãããããããã®æ©è½ã¯æ- è¼ããªãããã«ããã¹ãã ã¨è¨ããããã¨ããã¾ã«ããããããã人ãã®è¨ãåã¯ããã®æã®æ©è½ã¯ã管çèãã»ã- ã¥ãªãã£åä¸ã®ããã«å©ç¨ããã®ã¨åããããã®ç¢ºçã§ãæ»æèã«æªç¨ãããããããããã¨ãããã®ã ããã®è«çã®åé¡ç¹ã¯ããããã«ãããã®ç¨®ã®ææ³ã¯æ»æèã«æªç¨ãããã«æ±ºã¾ã£ã¦ããã¨ãããã¨ã ãæ»æèã¯ãå¥ã®ãã¼ã«ãè¦ã¤ãã¦ããããNmapã«æ©è½ãçµã¿è¾¼ãã ããããã®ã ããã§ãããä¸æ¹ã管çèã¯ãèªåãã¡ã®æ¥- åãããã ãã¾ãã¾ãããã«ãããªãã¨æãããã ãããææ°åã®ãããããé©ç¨ããFTPãµã¼ããå°å¥ãããã¨ã¯ãFTPãã¦ã³ã¹æ»æãå®è£ãã¦ãããã¼ã«ã®éå¸ãé»æ- ¢ãããã¨ãããã¨ããããã¯ããã«å¼·åãªé²å¾¡çã«ãªãã
ãã¡ã¤ã¢ã¦ã©ã¼ã«ãIDSã·ã¹ãã ãæ¤åºãã¦ç ´å£ããããã®ãé- æ³ã®å¼¾ä¸¸ãã®ãããªNmapãªãã·ã§ã³ãªã©åå¨ããªããããã«ã¯ãã¹ã- ã«ã¨çµé¨ãå¿è¦ãªã®ã ããã¥ã¼ããªã¢ã«ã«ã¤ãã¦ã¯ãæ¬ãªãã¡ã¬ã³ã¹ã¬ã¤ãã®ç¯å²ãè¶ãã¦ãããæ¬ç¨¿ã®ç®çã¯åã«ãé¢é£ãããªãã·ã§ã³ãåæããããã§ä½ãã§ãããã«ã¤ãã¦èª¬æãããã¨ã ãã§ããã
−f (ãã±ããããã©ã°ã¡ã³ãåãã); −−mtu (æå®ããMTUãç¨ãã)
−fãªãã·ã§ã³ãæå®ããã¨ãè¦æ±ãããã¹ãã£ã³(pingã¹ãã£ã³ãå«ã)ã¯å°ããæ- çåãããIPãã±ãããå©ç¨ããããã«ãªãããããè¡ãç®çã¯ãTCPããããè¤æ°ã®ãã±ããã«åå²ãããã¨ã§ããã±ãããã£ã«ã¿ãä¾µå¥æ¤ç¥ã·ã¹ãã (IDS)ãªã©ã®åä»ãªã»ã- ã¥ãªãã£çã«ã¹ã- ã£ã³ãæ¤ç¥ããã«ãããããã¨ã§ããããã ãã以ä¸ã®ç¹ã«ã¯æ³¨æãå¿è¦ã ãããªãã¡ããã- ã°ã©ã ã®ãªãã«ã¯ããã®ãããªå°ããªãã±ããã®å¦çã«ãã£ã¦åé¡ãçãããã®ããããã¨ã ãæ§å¼ã®ã¹ããã¡ãSniffitãã¯ãæåã®ãã©ã°ã¡ã³ããåä¿¡ããç¬éã«ã»ã°ã¡ã³ãã¼ã·ã§ã³é害ãèµ·ãããããã®ãªãã·ã§ã³ãä¸åº¦æå®ããã¨ãNmapã¯IPãããã8ãã¤ãããã以ä¸ã®å¤§ããã®ãã±ããã«åå²ãããã¤ã¾ãã20ãã¤ãã®TCPãããã¯3ã¤ã®ãã±ããã«åå²ããããã¨ã«ãªãã8ãã¤ãã®ãã±ããã2ã¤ã¨ãæ®ãã®1ã¤ã4ãã¤ãã«ãªãããã¡ãããåãã©ã°ã¡ã³ãã«ãIPããããããã−fãå度æå®ããã¨ããã©ã°ã¡ã³ãããã16ãã¤ãã使ããã(ãã©ã°ã¡ã³ãã®æ°ã¯æ¸ã)ããããã¯ã−−mtuãªãã·ã§ã³ã§ãã¦ã¼ã¶ç¬èªã®åå²ãµã¤ãºãæå®ãããã¨ãã§ããã−−mtuã使ãå ´åã¯ãåæã«−fã¯æå®ããªããã¨ãåå²ãµã¤ãºã¯8ã®åæ°ã«ããå¿è¦ããããæ- çåããããã±ããã¯ããã¹ã¦ã®IPãã©ã°ã¡ã³ããå¾ã¡è¡åã«å¥ãããã±ãããã£ã«ã¿ããã¡ã¤ã¢ã¦ã©ã¼ã«ï¼ä¾ãã°ãLinuxã«ã¼ãã«ã®CONFIG_IP_ALWAYS_DEFRAGãªãã·ã§ã³ãªã©ï¼ãéãæãããã¨ã¯ã§ããªããããããã¯ã¼ã¯ã«ãã£ã¦ã¯ããã®æ- çåã«ãã£ã¦çããããã©ã¼ãã³ã¹ã®ä½ä¸ã«èããããªãããã«ããããç¡å¹ã«ãã¦ããã¨ããããããã¾ããã以å¤ã«ããåãã©ã°ã¡ã³ããããããç°ãªãçµè·¯ãéã£ã¦ãããã¯ã¼ã¯ã«è³ãå¯è½æ§ãããããã«ããã®æ©è½ãæå¹ã«ã§ããªãã¨ããããããä¸é¨ã®çºä¿¡åã·ã¹ãã ã§ã¯ãã«ã¼ãã«ã§çºä¿¡ãã±ããã®ãã©ã°ã¡ã³ãåã解æ¶ãããã®ããããã³ãã¯ã·ã§ã³è¿½è·¡ã¢ã¸ã¥ã¼ã«ã®ãiptablesããåããLinuxãªã©ãããã«ããããéä¿¡ãã±ããããã¡ãã¨ãã©ã°ã¡ã³ãåããã¦ãããã¨ã確èªããããã«ãEtherealãªã©ã®ã¹ããã¡ãå®è¡ããªãããã¹ã- ã£ã³ãè¡ãããã«ãããã¨ãèªèº«ã®ãã¹ãã®OSãåå ã§åé¡ãçããå ´åã¯ãIP層ãåé¿ãã¦ãçãã¤ã¼ãµããã ãã¬ã¼ã ãéãããã«ã−−send−ethã試ãã¦ã¿ãã¨ããã
−D
ãã¨ã(å®)ã¹ãã£ã³ãå®è¡ããããã¨ãã¹ãã£ã³ã¨ã¯ãå®éã®ã¹ã- ã£ã³ã®ä»ã«ããã¨ãã¨ãã¦æå®ãããã¹ã(è¤æ°å¯)ãã¿ã¼ã²ãããããã¯ã¼ã¯ãã¹ã- ã£ã³ãã¦ããããã«ãªã¢ã¼ããã¹ãã«è¦ããããããã®ãã®ã§ããããã®çµæã対象ãã¹ãã®IDSã¯ãããããç°ãªãè¤æ°ã®IPã¢ãã¬ã¹ããã5ãã10ã®ãã¼ãã¹ã- ã£ã³ãå®è¡ããããã¨ãå ±åããå ´åãããããå®éã«ã©ã®IPãã¹ã- ã£ã³ãå®è¡ãã¦ãããã®ã§ãã©ããç¡å®ã®ãã¨ãã ã£ãã®ããç¥ããããã¨ã¯ãªãããã®ãã¨ãã¹ã- ã£ã³ã¯ãã«ã¼ã¿ã®çµè·¯è¿½è·¡ãå¿çã®ç ´æ£ããã®ä»ã®åçã¡ã«ããºã ã«ãã£ã¦é»æ- ¢ãããå¯è½æ§ãããããé常ã¯æ»æåã®IPã¢ãã¬ã¹ãé è½ããææ³ã¨ãã¦é常ã«å¹æçã§ããã
åãã¨ããã¹ãã¯ã³ã³ãã§åºåãããã¨ãã®1ã¤ã¨ãã¦ME(èªå)ãªãã·ã§ã³ãç¨ãã¦ãã¦ã¼ã¶ã®æ¬ç©ã®IPã¢ãã¬ã¹ããã®ä½ç½®ã«è¡¨ç¤ºãããã¨ãã§ãããMEããã¨ããã¹ãã®6çªç®ä»¥éã«ç½®ãã¨ã(Solar Designerã®åªããscanlogdãªã©ã®)ãã使ãããä¸é¨ã®ãã¼ãã¹ã- ã£ã³æ¤åºãã¼ã«ããã¦ã¼ã¶ã®IPã¢ãã¬ã¹ãæããã«ãããã¨ã¯ã»ã¼ä¸å¯è½ã§ãããMEãªãã·ã§ã³ã使ããªãå ´åãã¦ã¼ã¶ã¯Nmapãç¡ä½çºã«é¸ãã ä½ç½®ã«ç½®ãããã
注æãã¹ãç¹ã¯ããã¨ãã¨ãã¦ä½¿ç¨ãããã¹ãã稼åä¸- ã§ãªãã¨ãã¿ã¼ã²ããã«èª¤ã£ã¦SYN floodæ»æãä»æãããã¨ã«ãªããã¾ãããããã¯ã¼ã¯ä¸ã§å®éã«ç¨¼åãã¦ãããã¹ãã1ã¤ãããªãå ´åã¯ãã©ã®ãã¹ããã¹ã- ã£ã³ãå®è¡ãã¦ãããã容æã«ç¹å®ããã¦ãã¾ããã¾ãããã¹ãåãããIPã¢ãã¬ã¹ã使ã£ãæ¹ãããã ãã(ãã¨ããããã¯ã¼ã¯ã®ãã¼ã ãµã¼ãã®ã- ã°ã«è¨é²ãããªãããã«ãããã)ã
ãã¨ãã¯ãåæ段éã«è¡ãpingã¹ã- ã£ã³ï¼ICMPãSYNãACKããã®ä»å©ç¨ã§ãããã®ãªãä½ã§ãï¼ã¨ãå®éã®ãã¼ãã¹ã- ã£ã³ã®å®è¡æ®µéã®ä¸¡æ¹ã§ä½¿ç¨ããããã¾ãããªã¢ã¼ãOSæ¤åº(−O)ãè¡ãéã«ã使ããããã ãããã¼ã¸ã§ã³æ¤åºãTCP connect()ã¹ãã£ã³ã¨ã¯é£æºããªãã
ãã¨ããå¤ã使ããããã¨ãã¹ã- ã£ã³ã®é度ãä½ä¸ããã ãã§ãªãã精度ãä¸ãããããããããã¨ã«æ³¨æãããã¾ããä¸é¨ã®ISPã¯å½è£ãã±ããããã£ã«ã¿ã§é¤å¤ãã¦ããããå½è£ããIPãã±ãããå¶éãã¦ããã¨ããã¯å°ãªãã
−S
ä¸é¨ã®ç°å¢ã§ã¯ãNmapãã¦ã¼ã¶ã®ã½ã¼ã¹ã¢ãã¬ã¹ãç¹å®ã§ããªãå ´åããã(ãã®å ´åã¯ããªãããNmapããã¦ã¼ã¶ã«éç¥ããã)ãããããç¶æ³ã§ã¯ã−Sãªãã·ã§ã³ã使ã£ã¦ããã±ããã®éä¿¡ã«å©ç¨ãããã¤ã³ã¿ã¼ãã§ã¼ã¹ã®IPã¢ãã¬ã¹ãæå®ãããã¨ã
ãã®ãã©ã°ã®ä»ã®å©ç¨æ¹æ³ã¨ãã¦èããããã®ã¯ãã¹ã- ã£ã³ãå½è£ãã¦ã第ä¸èï¼èª°ãå¥ã®äººéï¼ãã¹ã- ã£ã³ãå®è¡ãã¦ããã¨ã¿ã¼ã²ããã«æãè¾¼ã¾ãããã¨ã ãä¼æ¥ããã©ã¤ãã«ä¼æ¥- ããç¹°ãè¿ããã¼ãã¹ã- ã£ã³ãåããã¨ãããã©ããªãã ãããããã®ç¨®ã®ç¨éã«ç¨ããã«ã¯ãããã¦ãã®å ´å−eãªãã·ã§ã³ãå¿è¦ã«ãªãã ãããã¾ãé常ã¯−P0ã使ã£ãæ¹ãæã¾ããã
−e
ãã±ãããéåä¿¡ããéã«ãã©ã®ã¤ã³ã¿ã¼ãã§ã¼ã¹ãå©ç¨ããããNmapã«ä¼ããããã®ãªãã·ã§ã³ãNmapã¯ãã¤ã³ã¿ã¼ãã§ã¼ã¹ãèªåçã«æ¤ç¥ã§ããããã«ãªã£ã¦ããããæ¤ç¥ã§ããªãå ´åã¯ãã®æ¨ãã¦ã¼ã¶ã«éç¥ãããã
−−source−port
ããè¦ãããè¨- å®ãã¹ã®1ã¤ã¯ãã½ã¼ã¹ãã¼ãçªå·ã ããåºæºã«ãã¦ããã©ãã£ãã¯ãä¿¡é ¼ãã¦ãããã¨ã§ããããããã©ã®ããã«ãã¦èµ·ããããç解ããã®ã¯ç°¡åã§ããã管çèãçæ°ãããã¡ã¤ã¢ã¦ã©ã¼ã«ãã»ããã¢ããããã¨å¿ããæ©ç¥ããã®ã¦ã¼ã¶ãããã¢ããªã±ã¼ã·ã§ã³ãæ©è½ããªããªã£ãã¨ããè¦æã殺å°ãããã¨ã«ãªããã®ã ãç¹ã«ãå¤é¨ãµã¼ãããã®UDP DNSå¿ç- ããããã¯ã¼ã¯ã«å¥ããªããªããã¨ãåå ã§ãDNSãåããªããªãå ´åãããããã®ä»ã«ãFTPãããè¦ãããä¾ã§ãããã¢ã¯ãã£ãFTP転éãè¡ãããéã«ããªã¢ã¼ããµã¼ãã¯ãè¦æ±ããããã¡ã¤ã«ã転éããããã«ãåã³ã¯ã©ã¤ã¢ã³ãã¸ã®ã³ãã¯ã·ã§ã³ã確ç«ãããã¨ããã
ãããã®åé¡ã«å¯¾ããã»ã- ã¥ã¢ãªã½ãªã¥ã¼ã·ã§ã³ã¯ãå¤ãã®å ´åãã¢ããªã±ã¼ã·ã§ã³ã¬ãã«ã®ãããã·ãããã- ãã³ã«è§£æåãã¡ã¤ã¢ã¦ã©ã¼ã«ã¢ã¸ã¥ã¼ã«ã®å½¢ã§å- å¨ãããã ãæ®å¿µãªããããã£ã¨ç°¡åã§ãå®å¨æ§ã®ä½ãã½ãªã¥ã¼ã·ã§ã³ãããã®ã ãå¤ãã®ç®¡çèã¯ãDNSå¿ç- ã¯53çªãã¼ããããã¢ã¯ãã£ãftpã¯20çªãã¼ãããæ¥ããã¨ã«æ³¨ç®ãããããã®ãã¼ãããã®ååããã©ãã£ãã¯ãç¡æ¡ä»¶ã«è¨±å¯ãã¦ãã¾ãã¨ããç½ ã«é¥ãããããããã¡ã¤ã¢ã¦ã©ã¼ã«ã®æãç©´ã®å- å¨ã«æ°ä»ãã¦æªç¨ãããããªæ»æèãããã¨ã¯æã£ã¦ãããªãå ´åãå¤ããã¾ãå¥ã®ã±ã¼ã¹ã§ã¯ã管çèãããããå¦ç½®ããããå®å¨æ§ã®é«ãã½ãªã¥ã¼ã·ã§ã³ãå®è£ããã¾ã§ã®ç- æéã®å¿æ¥å¦ç½®ã¨è¦ãªãã¦ããå ´åããããããã¦çµå±ãã»ã- ã¥ãªãã£ãåä¸ããããã¨ãªã©ãã£ããå¿ãã¦ãã¾ãããã ã
ããããç½ ã«é¥ãã®ã¯ä½ããå¤å¿ãªãããã¯ã¼ã¯ç®¡çèã ãã§ã¯ãªãããã®ç¨®ã®å®å¨æ§ã®ä½ãã«ã¼ã«ãæ¨æºã§è£åããã¦ãã製åã¯è¨å¤§ãªæ°ã«ã®ã¼ãããã¤ã¯ã- ã½ãã社ã«ãã責任ã®ä¸ç«¯ã¯ãããWindows 2000 ã Windows XPã«æ¨æºè£åããã¦ããIPsecãã£ã«ã¿ã«ã¯ã88çªãã¼ã(Kerberos)ããã®TCP ã UDPã®ãã©ãã£ãã¯ããã¹ã¦è¨±å¯ããã¨ããæé»ã®ã«ã¼ã«ãå«ã¾ãã¦ããããã®ä»ã«æåãªã±ã¼ã¹ã§ã¯ãZone Alarm社製ãã¼ã½ãã«ãã¡ã¤ã¢ã¦ã©ã¼ã«ã®2.1.25以ä¸ã®ãã¼ã·ã§ã³ã§ã¯ãã½ã¼ã¹ãã¼ãã53çª(DNS)ã¨67çª(DHCP)ã®ååãUDPãã±ããããã¹ã¦è¨±å¯ããããã«ãªã£ã¦ããã
Nmapã«ã¯ããã®ç¨®ã®å¼±ç¹ãçªãããã®ãªãã·ã§ã³ã¨ãã¦ã−g ã−−source−port(ãããã¯åç- ã®ãã®)ãç¨æããã¦ãããåãã¼ãçªå·ãæå®ããã¨ãå¯è½ãªå ´åã§ããã°ãNmapã¯ãã®ãã¼ããããã±ãããéä¿¡ãããç¹å®ã®OSæ¤åºæ¤æ»ãæ- £ããæ©è½ããããã«ããããã«ãNmapã¯æ§ããªãã¼ãçªå·ã使ç¨ããå¿è¦ããããNmapã¯DNSè¦æ±ã®å¦çã«ã·ã¹ãã ã®ã©ã¤ãã©ãªãç¨ãã¦ããã®ã§ããã®−−source−portãã©ã°ãæå®ãã¦ãã¦ããDNSè¦æ±ã«ã¯ç¡è¦ããããã¨ã«ãªããSYNã¹ã- ã£ã³ãå«ã大é¨åã®TCPã¹ãã£ã³ãããã³UDPã¹ã- ã£ã³ã¯ããã®ãªãã·ã§ã³ã«å®å¨ã«å¯¾å¿ãã¦ããã
−−data−length
é常ãNmapã¯ãããã®ã¿ãå«ãæå°éã®ãã±ãããéä¿¡ãããå¾ã£ã¦ãTCPãã±ããã¯é常40ãã¤ããICMPã¨ã³ã¼è¦æ±ãã±ããã¯28ãã¤ãç¨åº¦ã®å¤§ãããããªãããã®ãªãã·ã§ã³ã¯ãNmapãéä¿¡ããã»ã¨ãã©ã®ãã±ããã«ãæå®ãããã¤ãæ°ã®ã©ã³ãã ãã¼ã¿ãä»å ããããã«ãããOSæ¤åº(−O)ãã±ããã«ã¯ãã¼ã¿ã¯ä»å ãããªãããã»ã¨ãã©ã®ping ããã³ãã¼ãã¹ãã£ã³ã®ãã±ããã«ã¯ä»å ããããããã«ãããå¦çé度ã¯ä½ä¸ããããã¹ã- ã£ã³ãå¹¾åã§ãç®ç«ããªããããã¨ãã§ããã
−−ttl
éä¿¡ãã±ããã®IPv4çåæé(TTLï¼Time−to−Live)ãã£ã¼ã«ããæå®ããå¤ã«è¨å®ããã
−−randomize−hosts (ã¿ã¼ã²ãããã¹ãã®é çªãç¡ä½çºåãã)
ãã®ãªãã·ã§ã³ã¯ãNmapãã¹ã- ã£ã³ãå®è¡ããåã«ãåã°ã«ã¼ããããæ大8096ã®ãã¹ããã©ã³ãã ã«ä¸¦ã³æ¿ããããã«ãããããã«ãããç¹ã«ã¹ã- ã£ã³é度ãéãè¨- å®ããã¿ã¤ãã³ã°ãªãã·ã§ã³ã¨ä½µç¨ããå ´åã¯ãå種ãããã¯ã¼ã¯ç£è¦ã·ã¹ãã ã«ã¹ã- ã£ã³ãæ¤ç¥ãããå¯è½æ§ãå°ãããããã¨ãã§ããããã大è¦æ¨¡ãªã°ã«ã¼ããç¡ä½çºåãããå ´åã¯ãnmap.hã®PING_GROUP_SZãå¢ããã¦åã³ã³ãã¤ã«ãããå¥ã®æ段ã¨ãã¦ã¯ããªã¹ãã¹ã- ã£ã³ã§ã¿ã¼ã²ããIPãªã¹ããä½æã(−sL −n −oN filename)ããããPerlã¹ã¯ãªããã§ç¡ä½çºåãã¦ã−iLã§ãªã¹ãããã®ã¾ã¾Nmapã«æ¸¡ãã
−−spoof−mac
Nmapãéä¿¡ãããã¹ã¦ã®çã¤ã¼ãµããã ãã¬ã¼ã ã«ãæå®ããMACã¢ãã¬ã¹ã使ãããã«ããããã®ãªãã·ã§ã³ã¯ãNmapãå®éã«ã¤ã¼ãµãããã¬ãã«ã®ãã±ãããéä¿¡ããããã«ã−−send−ethãå¿è¦æ¡ä»¶ã«ãªããMACã¢ãã¬ã¹ã¯ããã¾ãã¾ãªå½¢å¼ã§æå®ã§ãããæå- åã®ã0ãã ããæå®ãããå ´åã¯ãNmapã¯ã»ãã·ã§ã³ã®MACã¢ãã¬ã¹ãå®å¨ã«ç¡ä½çºã«é¸ã¶ãæå®ããæå- åãå¶æ°ã®16é²æ°(ä¸çµãã¤ç¶æ³ã«å¿ãã¦ã³ã- ã³ã§åºåã)ã®å ´åã¯ãNmapã¯ãããMACã¢ãã¬ã¹ã¨ãã¦ä½¿ç¨ããã12æ¡æªæºã®16é²æ°ãæå®ãããå ´åã¯ãNmapã¯æ®ãã®6ãã¤ãã«ã©ã³ãã ãªå¤ãè£åãããå¼æ°ã0ã16é²æå- åã§ã¯ãªãå ´åã¯ãNmapã¯nmap−mac−prefixes ã調ã¹ã¦ãæå®ããæå- åãå«ããã³ãåãè¦ã¤ãã(大æåã¨å°æå- ã¯åºå¥ãããªã)ãä¸è´ãããã®ããã£ãå ´åããã®ãã³ãã®OUI(Organizationally Unique Identifier:3ãã¤ãã®ãã³ãã³ã¼ã)ã使ç¨ããæ®ãã®3ãã¤ãã«ã¯ã©ã³ãã ã«è¨å¥ãããæå¹ãª−−spoof−macå¼æ°ã¯ãAppleã0ã01:02:03:04:05:06ãdeadbeefcafeã0020F2ãCiscoãªã©ã«ãªãã
åºå
ã»ã- ã¥ãªãã£ãã¼ã«ã®å®ç¨æ§ã¯ãçæãããåºåã§æ±ºã¾ããè¤éãªãã¹ããã¢ã«ã´ãªãºã ããçµæãæ´çããããããããããå½¢ã§æ示ãããªããã°ãã»ã¨ãã©ä¾¡å¤ã¯ãªããã¦ã¼ã¶ãä»ã®ã½ããã¦ã§ã¢ã«ããNmapã®ä½¿ãæ¹ãããã»ã©æ°å¤ããããã¨ãèããã¨ããã£ã1ã¤ã§ãã¹ã¦ã®ã¦ã¼ã¶ãæºè¶³ãããããªãã©ã¼ããããå- å¨ããã¯ãããªããããã§Nmapã«ã¯ã人éãç´æ¥èª- ããããã«ããã¤ã³ã¿ã©ã¯ãã£ãæ¹å¼ããã½ããã¦ã§ã¢ã§ç°¡åã«è§£æã§ããXMLæ¹å¼ãªã©ã®ãã¾ãã¾ãªåºåãã©ã¼ããããç¨æããã¦ããã
Nmapã«ã¯æ§ããªåºåãã©ã¼ããããåãã£ã¦ããã ãã§ãªããåºåããããã°ã¡ãã»ã¼ã¸ã®åé·æ§ãå¶å¾¡ãããªãã·ã§ã³ãç¨æããã¦ãããåºåçµæã¯æ¨æºåºå(stdout)ãæå®ãããã¡ã¤ã«ã«éãããããã¡ã¤ã«ã«ã¯ãã¼ã¿ã追å ãããä¸æ¸ããããã§ãããã¾ããåºåãã¡ã¤ã«ã¯ãä¸- æããã¹ãã£ã³ãåéããããã«ã使ãããã
Nmapã®åºåã¯ã5種é¡ã®ãã©ã¼ããããå©ç¨ã§ãããããã©ã«ãã¯interactive outputï¼ã¤ã³ã¿ã©ã¯ãã£ãåºåï¼ã¨å¼ã°ãããã®ã§ãæ¨æºåºåã«éããããã¾ããåºåã«ã¯ãnormal outputï¼é常åºåï¼ã¨ããã®ããããããã¯ãã¤ã³ã¿ã©ã¯ãã£ãã«ä¼¼ã¦ããããç°ãªãç¹ã¯ãå®è¡æéæå ±ãè- ¦åã表示ãããåæ°ãå°ãªããã¨ã§ããããã®çç±ã¯ããã®åºåããã¤ã³ã¿ã©ã¯ãã£ãã«ã§ã¯ãªãã¦ãã¹ã- ã£ã³å®äºå¾ã«è§£æããããã«æä¾ããããã®ã ããã§ããã
XMLåºåã¯ãæãéè¦ãªåºåã¿ã¤ãã®1ã¤ã§ãããHTMLã«å¤æããNmapã®GUIããã¼ã¿ãã¼ã¹ã«ã¤ã³ãã¼ããã¦ããã- ã°ã©ã ã§å®¹æã«è§£æã§ããã
æ®ã2ã¤ã®åºåã¿ã¤ãã¯ãgrepã§æ¤ç´¢å¯è½ãªã·ã³ãã«ãªåºåã§ãã¿ã¼ã²ãããã¹ãã«é¢ããã»ã¨ãã©ã®æå ±ã1è¡ã§è¡¨ç¤ºããããã®ã¨ãèªåã®ãã¨ã>sCRiPt KiDDi3ã ã¨æãã¦ã¼ã¶åãã®sCRiPt KiDDi3 0utPUtï¼åºåï¼ã ã
ã¤ã³ã¿ã©ã¯ãã£ãåºåã¯ããã©ã«ãã§ãé¢é£ããã³ãã³ãã©ã¤ã³ãªãã·ã§ã³ã¯ãªãããä»ã®4ã¤ã®ãã©ã¼ããããªãã·ã§ã³ã§ã¯ãåãæ§æã使ããããåãå¼æ°ã¯1ã¤ã§ãçµæãä¿å- ãããã¡ã¤ã«åã§ãããè¤æ°ã®ãã©ã¼ããããæå®ãã¦ãããããåãã©ã¼ãããã¯1度ããæå®ã§ããªããä¾ãã°ãèªåã®èª¿æ»ç¨ã«é常ã®åºåãä¿å- ããåæã«åãã¹ãã£ã³çµæãããã°ã©ã ã®è§£æç¨ã«XMLå½¢å¼ã§ä¿å- ãããå ´åãããã ãããããã¯ã−oX myscan.xml −oN myscan.nmapã¨ãããªãã·ã§ã³ã使ã£ã¦å®è¡ã§ããããªããããã§ã¯ç°¡æ½ã«ããããã«myscan.xmlã®ãããªåç´ãªãã¡ã¤ã«åãç¨ãã¦ããããé常ã¯ãã£ã¨èª¬æçãªååã«ããã®ãæ¨å¥¨ããã¦ãããã©ã®ãããªãã¡ã¤ã«åã«ãããã¯ãå人ã®å¥½ã¿ã®åé¡ã ããç- èã¯ã¹ãã£ã³ã®å®æ½æ¥ã¨ç°¡åãªã³ã¡ã³ããçµã¿å¥ããé·ãååã使ããã¹ã- ã£ã³å¯¾è±¡ã®ä¼æ¥åã«ã¡ãªãã ååã®ãã£ã¬ã¯ããªã«å¥ãã¦ããã
ãããã®ãªãã·ã§ã³ã¯çµæããã¡ã¤ã«ã«ä¿å- ããããåæã«Nmapã¯é常éãã¤ã³ã¿ã©ã¯ãã£ãåºåãæ¨æºåºå(stdout)ã«æ¸ãåºãã¦ãããä¾ãã°ãnmap −oX myscan.xml targetã¨ããã³ãã³ãã§ãXMLåºåãmyscan.xmlã«æ¸ãè¾¼ã¾ããåãçµæã®ã¤ã³ã¿ã©ã¯ãã£ãåºåãæ¨æºåºåã«æ¸ãåºãããããã®åºåã¯ã−oXãæå®ãããªãã£ãå ´åã§ãè¡ãããããã¤ãã³(−)æå- ãå¼æ°ã¨ãã¦ãã©ã¼ãããã¿ã¤ãã®1ã¤ã«æ¸¡ãã¨ããããå¤æ´ãããã¨ãã§ãããããªãã¡ãNmapã¯ã¤ã³ã¿ã©ã¯ãã£ãåºåãåæ- ¢ãã¦ã代ããã«ã¦ã¼ã¶ãæå®ããå½¢å¼ã®çµæããæ¨æºåºåã¹ããªã¼ã (stdout)ã«æ¸ãåºããã¨ã«ãªããnmap −oX − targetã¨ããã³ãã³ãã§ã¯ãXMLåºåã ããstdoutã«éãããããã®å ´åããé大ãªã¨ã©ã¼ã¯æ¨æºã¨ã©ã¼ã¹ããªã¼ã (stderr)ã«æ¸ãåºãããå ´åãããã
Nmapã®ä¸é¨ã®å¼æ°ã¨ã¯ç°ãªããã- ã°ãã¡ã¤ã«ãªãã·ã§ã³ã®ãã©ã°(ä¾ï¼−oX)ã¨ãã¡ã¤ã«åããã¤ãã³ã¨ã®éã®ã¹ãã¼ã¹ã¯å¿é ã§ããããã®æ³¨æãç¡è¦ãã¦ãå¼æ°ã−oG−ã−oG−ã®ããã«æå®ããããNmapã®ä¸ä½äºææ©è½ã«ãããããããG−ãXscan.xmlã¨ããååã®æ¨æºãã©ã¼ãããã®åºåãã¡ã¤ã«ãä½æãããã
ã¾ãNmapã«ã¯ãã¹ã- ã£ã³çµæã®åé·æ§ãå¶å¾¡ãããªãã·ã§ã³ããåºåãã¡ã¤ã«ã«ä¸æ¸ãããªãã§è¿½å æ¸ãè¾¼ã¿ããããã®ãªãã·ã§ã³ãç¨æããã¦ããããããã®ãªãã·ã§ã³ã«ã¤ãã¦ã¯ãã¹ã¦ä»¥ä¸ã§èª¬æããã
Nmapã®åºåãã©ã¼ããã
−oN
é常ã®åºåãæå®ããååã®ãã¡ã¤ã«ã«æ¸ãè¾¼ã¾ããããã«ãããä¸ã§è¿°ã¹ãéããããã¯ã¤ã³ã¿ã©ã¯ãã£ãåºåã¨ä¸é¨ç°ãªãã
−oX
XMLåºåãæå®ããååã®ãã¡ã¤ã«ã«æ¸ãè¾¼ã¾ããããã«ãããNmapã«ã¯ææ¸åå®ç¾©(DTD)ãçµã¿è¾¼ã¾ãã¦ãããXMLãã¼ãµã¼ã¯ãããç¨ãã¦ãNmapã®XMLåºåãæ¤è¨¼ãããæ¬æ¥ã¯ãã- ã°ã©ã ã«ãã使ç¨ãç®çã¨ãããã®ã ãã人éãNmapã®XMLåºåã解éããã®ã«ãå½¹ç«ã¤ãDTDã«ã¯ããã©ã¼ãããã®ææ³è¦ç´ ãå®ç¾©ããã¦ããããããã®è¦ç´ ãåããã¨ã®ã§ããå±æ§ãå¤ãåæããã¦ãããã¨ãå¤ããææ°çã¯ä»¥ä¸ãã常æå¥æã§ããï¼- https://nmap.org/data/nmap.dtd
XMLã¯ãã½ããã¦ã§ã¢ã§å®¹æã«è§£æã§ããå®åæ¸å¼ãæä¾ãããC/C++ãPerlãPythonãJavaãªã©ãå«ããããããã¡ã¸ã£ã¼ãªã³ã³ãã¥ã¼ã¿è¨èªç¨ã®XMLãã¼ãµã¼ããããªã¼ã§å¥æã§ããããã«ãªã£ã¦ããããããã®è¨èªã®ã»ã¨ãã©ã«ã¤ãã¦ã¯ãNmapã®åºåã¨å®è¡ã«ç¹åãã¦å¦çããããã®ãã¤ã³ãã£ã³ã°ãä½æããã¦ãããä¾ãã°ãPerl CPAN(Comprehensive Perl Archive Network)ã®Nmap::Scanner [6] ã Nmap::Parser [7] ãªã©ããããéè¦ãªã¢ããªã±ã¼ã·ã§ã³ãNmapã¨ã¤ã³ã¿ã¼ãã§ã¼ã¹ã§é£çµããå ´åã¯ã»ã¨ãã©ãXMLãæ¨å¥¨ãã©ã¼ãããã«ãªãã
XMLåºåã¯XSLã¹ã¿ã¤ã«ã·ã¼ããåç§ãã¦ãåºåçµæã®æ¸å¼ãHTMLã«å¤æã§ãããããã使ç¨ããæãç°¡åãªæ¹æ³ã¨ãã¦ã¯ãåã«FirefoxãIEãªã©ã®Webãã©ã¦ã¶ã§XMLåºåãèª- ã¿è¾¼ãã ãã§ãããããã©ã«ãã§ã¯ãããã¯Nmapãå®è¡ãããã·ã³ä¸(ãããã¯åãæ§æã®ãã·ã³)ã§ã®ã¿æ©è½ãããããã¯ãnmap.xslã®ãã¡ã¤ã«ã·ã¹ãã ã®ãã¹ããã¼ãã³ã¼ãåããã¦ããããã§ãããWebã«æ¥ç¶ãããã·ã³ä¸ã§ããã°HTMLã¨ãã¦è¡¨ç¤ºããããããªã移æ¤æ§ã®ããXMLãã¡ã¤ã«ãä½æããæ¹æ³ã«ã¤ãã¦ã¯ã−−stylesheetãªãã·ã§ã³ã®é ãåç§ã®ãã¨ã
−oS
ã¹ã¯ãªããããã£åºåã¯ãã¤ã³ã¿ã©ã¯ãã£ãåºåã«ä¼¼ã¦ããããç°ãªãç¹ã¯ããl33t HaXXorZã(leet hacker)åãã«å¾å¦çãã¦ãããã¨ã ãNmapã¯ä»¥åãããä¸è²«æ§ã®ãã大æå- ãã¹ãã«ã®ä½¿ãæ¹ã®ããã§ããã®äººãã¡ã«è¦ä¸ããã¦ãããã¦ã¼ã¢ã¢ã解ããªã人ãã¯ããã¹ã¯ãªããã- ãã£ã®æå©ãããã¦ãããã¨ãã¦ç- èã«éé£ã®è¨èãæµ´ã³ããåã«ãã¾ãæ°ä»ãã¹ãã ããã®ãªãã·ã§ã³ããå½¼ããããããããã®ãã®ã ã¨ãããã¨ãã
−oG
ãã®åºåãã©ã¼ããããæå¾ã«åãä¸ããã®ã¯ãå»æ- ¢äºå®ã ããã ãXMLåºåãã©ã¼ãããã®ã»ããã¯ããã«å¼·åã§ãããçç·´ã¦ã¼ã¶ã«ã¨ã£ã¦ã®ä½¿ãåæãã»ã¼å¤ãããªããXMLã¯ãã¼ãµã¼ã®æ¨æºã§ãå¤æ°ã®åªããXMLãã¼ãµã¼ãå©ç¨å¯è½ã«ãªã£ã¦ããã®ã«å¯¾ããgrepå¯è½åºåã¯ç- èç¬èªã®ã¹ã¯ãªããã«éããªããXMLã¯æ¡å¼µæ§ãé«ããNmapã®æ°æ©è½ããªãªã¼ã¹ããããã³ã«å¯¾å¿å¯è½ã ããgrepå¯è½åºåã«ã¯ããããæ©è½ã追å ããä½å°ããªããããå²æããããå¾ãªããã¨ãå¤ãã
ã¨ã¯ãããã¯ããgrepå¯è½åºåã¯ãã¾ã ã«åºã使ããã¦ãããå対象ãã¹ããä¸è¡ãã¤åæããã¦ããã¨ããã·ã³ãã«ãªå½¢å¼ã§ãgrepãawkãcutãsedãdiffãPerlãªã©ã®UNIXã®æ¨æºãã¼ã«ã使ã£ã¦ç°¡åã«æ¤ç´¢ã解æãè¡ããã¨ãã§ãããç- èãé常ãã³ãã³ãã©ã¤ã³ã§è¡ãã¡ãã£ã¨ãããã¹ãã®ããã«ä½¿ç¨ãã¦ãããsshãã¼ããéãã¦ãããã¹ãããSolarisãå®è¡ãã¦ãããã¹ããªã©ãè¦ã¤ããå ´åãç°¡åãªgrepæ¤ç´¢ãè¡ãã¨ããããããã¹ãããã¹ã¦ç¹å®ãããã¤ãã§awkãcutã³ãã³ãã«éã£ã¦ãç®çã®ãã£ã¼ã«ããæ¸ãåºããã¨ãã§ããã
Grepå¯è½åºåã¯ãã³ã¡ã³ãè¡(ãã¦ã³ã(#)è¨å·ã§å§ã¾ãè¡)ã¨ã¿ã¼ã²ããè¡ã§æ§æããããã¿ã¼ã²ããè¡ã¯ã6ã¤ã®ã©ãã«ä»ããã£ã¼ã«ãã®çµã¿åããã«ãªã£ã¦ãããããããã®ãã£ã¼ã«ãã¯ã¿ãã§åºåãããæå¾ã«ã³ã- ã³ãä»ããåãã£ã¼ã«ãã¯ãHostãPortsãProtocolsãIgnored StateãOSãSeq IndexãIPIDãStatusã«ãªã£ã¦ããã
ãããã®ãã£ã¼ã«ãã®ä¸- ã§é常æãéè¦ãªã®ã¯ãPorts(ãã¼ã)ã§ãããããããããããã®èå³ãããã¼ãã«é¢ãã詳細æå ±ãå¾ãããããã¼ãã¨ã³ããªã®ã«ã³ãåºåããªã¹ãã«ãªã£ã¦ãããåãã¼ãã¨ã³ããªã¯ã1ã¤ã®èå³ãããã¼ãã表ãã7ã¤ã®ã¹ã©ãã·ã¥(/)ã§åºåããããµããã£ã¼ã«ãããæããåãµããã£ã¼ã«ãã¯Port numberãStateãProtocolãOwnerãServiceãSunRPC infoãVersion infoã§ããã
XMLåºåã®å ´åã¨åæ§ã«ãæ¬ç¨¿ã§ãã®ãã©ã¼ãããã®ãã¹ã¦ãè«ãããã¨ã¯ã§ããªããNmapã®grepå¯è½åºåãã©ã¼ãããã«ã¤ãã¦ã®è©³ç´°ãªè§£èª¬ã¯ä»¥ä¸ã§å¥æã§ããï¼- http://www.unspecific.com/nmap-oG-output
−oA
簡便ã®ããã«ã−oA basenameãæå®ããã¨ãã¹ã- ã£ã³çµæãé常ãXMLãgrepå¯è½ã®3ã¤ã®ãã©ã¼ãããã§ä¸åº¦ã«ä¿å- ã§ããããã«ããããããããbasename.nmapãbasename.xmlãbasename.gnmapã¨ãããã¡ã¤ã«ã«ä¿å- ããããããã¦ãã®ãã- ã°ã©ã ã¨åããã以ä¸ã®ä¾ã®ããã«ãã¡ã¤ã«åã®åã«ãã£ã¬ã¯ããªãã¹ãä»ãããã¨ãã§ããï¼~/nmaplogs/foocorp/(UNIX)ãc:hackingsco(Windows)
åé·æ§ã¨ãããã°ã®ãªãã·ã§ã³
−v (åé·æ§ã¬ãã«ãä¸ãã)
åé·æ§ã¬ãã«ãä¸ãã¦ãNmapãé²è¡ä¸ã®ã¹ã- ã£ã³ã«é¢ãã¦ããã«å¤ãã®æå ±ãæ¸ãåºãããã«ãããéããã¼ãã¯è¦ã¤ãã次第表示ãããã¹ã- ã£ã³ã®å®è¡ã«æ°å以ä¸ãããã¨è¦ãªãããå ´åã¯äºæ¸¬ãããå®äºæéãæ示ãããã2å使ç¨ããã¨ããã«åé·ã¬ãã«ã¯ä¸ãããã3å以ä¸ã®ä½¿ç¨ã¯ç¡å¹ã§ããã
ã»ã¨ãã©ã®å¤æ´ã®å¹æã表ããã®ã¯ã¤ã³ã¿ã©ã¯ãã£ãåºåã ãã ããé常åºåã¨ã¹ã¯ãªããã- ãã£åºåã«ãä¸é¨å¹æãããããã®ä»ã®åºåã¿ã¤ãã¯ãã³ã³ãã¥ã¼ã¿å¦çããããã®åºåãªã®ã§ãã¦ã¼ã¶ã®æãç©ãããªãã¨ããããã©ã«ãã§ããªã詳細ãªæå ±ãä¸ãããã¦ãããããã§ãããã®ä»ã®åºåã¢ã¼ãã§ãããã¤ãå¤æ´ãããç¹ãããã詳細æå ±ãä¸é¨çç¥ãããã¨ã§ãåºåãµã¤ãºã大å¹ã«æ¸ãããã¨ãã§ãããä¾ãã°ãgrepå¯è½åºåã®ã³ã¡ã³ãè¡ã§ãã¹ã- ã£ã³å¯¾è±¡ã®å¨ãã¼ãã®ä¸è¦§è¡¨ãæä¾ãããã®ã¯ãããªãé·ããªãå¯è½æ§ãããã®ã§ãåé·ã¢ã¼ãã§ã®ã¿æ¸ãåºãããã
−d [level] (ãããã°ã¬ãã«ãä¸ãã/è¨å®ãã)
åé·ã¢ã¼ãã§ãæºè¶³ããæå ±ãå¾ãããªãå ´åã¯ãããã«å¤§éã®æå ±ãå¾ãããã«ãããã°ãå©ç¨ã§ãããåé·ãªãã·ã§ã³(−v)ã®å ´åã¨åæ§ã«ããããã°ãã³ãã³ãã©ã¤ã³ã®ãã©ã°(−d)ã§æå¹ã«ãªãããããè¤æ°åæå®ãããã¨ã§ããããã°ã¬ãã«ãä¸ãããã¨ãã§ããããããã¯ããããã°ã¬ãã«ã¯−dã«å¼æ°ã¨ãã¦ä¸ãããã¨ã§ãè¨- å®ã§ãããä¾ãã°ã−d9ã§ã¬ãã«9ã«è¨- å®ããããããã¯æãå¹æã®é«ãã¬ãã«ã§ãããããå°æ°ã®ãã¼ããã¿ã¼ã²ããã«å¯¾ãã¦é常ã«åç´ãªã¹ã- ã£ã³ãå®è¡ããã®ã§ãªãéããæ°åè¡ã«åã¶åºåãçæãããã
ãããã°åºåãæç¨ãªã®ã¯ãNmapã«ãã°ãããçããããå ´åããNmapãä½ããªãè¡ã£ã¦ããã®ãã«ã¤ãã¦åç´ã«ããåãããªããªã£ãå ´åã§ããããã®æ©è½ã¯ä¸»ã«éçºèåãã®ãã®ãªã®ã§ããããã°è¡ã¯å¿ããã誰ãè¦ã¦ãããåããããã§ã¯ãªããä¾ãã°ããã®ãããªåºåãå¾ããã: Timeout vals: srtt: −1 rttvar: −1 to: 1000000 delta 14987 ==> srtt: 14987 rttvar: 14987 to: 100000ãããããè¡ã®å容ãç解ã§ããªãå ´åã¯ãç¡è¦ããããã½ã¼ã¹ã³ã¼ããè¦ã¦èª¿ã¹ãããéçºãªã¹ã(nmap−dev)ã«å©ããæ±ããããªã©ãããä»ãªããè¦ãã°å容ãåããè¡ããªãã«ã¯ãããããããã°ã¬ãã«ãä¸ããã»ã©ãã¡ãã»ã¼ã¸ãåããã«ãããªãã
−−packet−trace (éåä¿¡ãããã±ããããã¼ã¿ã追跡ãã)
Nmapãéåä¿¡ããå¨ãã±ããã®ãµããªã¼ãæ¸ãåºãããã«ããããããã°ã§ç¨ããããå ´åãå¤ãããNmapãè¦ããªãã¨ããã§ä½ãè¡ã£ã¦ããããæ°ããã¦ã¼ã¶ãç解ããããã®æ段ã¨ãã¦å½¹ç«ã¦ããã¨ãã§ãããä½åãã®è¡ãæ¸ãåºãããªãããã«ããã«ã¯ã−p20−30ãªã©ãæå®ãã¦ãã¹ã- ã£ã³å¯¾è±¡ã®ãã¼ãã®æ°ãå¶éããã¨ããã ããããã¼ã¸ã§ã³æ¤åºãµãã·ã¹ãã ã®æåã«ã®ã¿é¢å¿ãããå ´åã¯ã代ããã«−−version−traceã使ç¨ãããã¨ã
−−iflist (ã¤ã³ã¿ã¼ãã§ã¼ã¹ãçµè·¯ã®ä¸è¦§ã表示ãã)
Nmapãæ¤åºããã¤ã³ã¿ã¼ãã§ã¼ã¹ãã·ã¹ãã çµè·¯ã®ãªã¹ããæ¸ãåºããããã¯ãã«ã¼ãã£ã³ã°åé¡ãããã¤ã¹ã®ã- ã£ã©ã¯ã¿ãªã¼ã¼ã·ã§ã³ã®èª¤ã(ä¾ãã°NmapãPPPæ¥ç¶ãã¤ã¼ãµãããã¨ãã¦å¦çãããã¨)ãªã©ããããã°ããã®ã«å½¹ç«ã¤ã
ãã®ä»ã®åºåãªãã·ã§ã³
−−append−output (åºåãã¡ã¤ã«ã¯ä¸æ¸ããã追å ãã)
−oX ã −oNãªã©ã®åºåãã©ã¼ãããã®ãã©ã°ã«ãã¡ã¤ã«åãæå®ããã¨ãããã©ã«ãã§ã¯ãã®ãã¡ã¤ã«ã¯ä¸æ¸ãããããæ¢å- ã®ãã¡ã¤ã«ã®å容ã¯ãã®ã¾ã¾ã«ãã¦ãæ°ããçµæã追å ãããå ´åã¯ããã®−−append−outputãªãã·ã§ã³ãæå®ããããããã¦Nmapãå®è¡ããã°ãããã§æå®ããåºåãã¡ã¤ã«ã¯ãã¹ã¦ãä¸æ¸ãã§ã¯ãªãã¦è¿½å ããããã¨ã«ãªããã ãããã¯ãXMLã¹ã- ã£ã³(−oX)ã®ãã¼ã¿ã«å¯¾ãã¦ã¯ãã¾ãæå¹ã§ã¯ãªããXMLã®çµæãã¡ã¤ã«ã¯é常ãæåã§ä¿®æ- £ããªãã¨é©æ£ã«è§£æã§ããªãããã ã
−−resume
対象ãåºç¯å²ã«ãããNmapã®å®è¡ã«ã¯é常ã«é·ãæéãããããæ°æ¥ã»ã©ã«åã¶å ´åãããããã®ãããªã¹ã- ã£ã³ã¯ã常ã«å®äºããã¾ã§ç¶ãã¦å®è¡ã§ããã¨ã¯éããªããæ§ããªå¶ç´ã«ãã£ã¦Nmapãå°±æ¥- æéåã«å®è¡ã§ããªããªã£ããããããã¯ã¼ã¯ããã¦ã³ããããNmapãåä½ãã¦ãããã·ã³ãè¨ç»çãããã¯äºå®å¤ã«åèµ·åãããããããNmapèªä½ãã¯ã©ãã·ã¥ããããªã©ãèµ·ããå¯è½æ§ãããããã ããã®ä»ãããªãçç±ã§ãã£ã¦ãåæ§ã«ãNmapãå®è¡ãã¦ãã管çèã¯ãctrl−Cãæ¼ããã¨ã«ãã£ã¦å®è¡ãã- ã£ã³ã»ã«ã§ããããã®ãããªå ´åãã¹ã- ã£ã³å¨ä½ãæåããåéããã®ã¯æã¾ãããªãã ããã幸ãã«ããé常åºå(−oN)ãgrepå¯è½åºå(−oG)ã®ã- ã°ãæ®ã£ã¦ããã°ãã¦ã¼ã¶ã¯ãå®è¡ãä¸æãããéã®ã¿ã¼ã²ããã«å¯¾ããã¹ã- ã£ã³ãåéããããNmapã«å½ãããã¨ãã§ããããããè¡ãã«ã¯ã−−resume ãªãã·ã§ã³ãæå®ããé常/grepå¯è½ã®åºåãã¡ã¤ã«ãå¼æ°ã¨ãã¦æ¸¡ããNmapã¯ãã®åºåãã¡ã¤ã«ããã¼ã¹ãã¦ãåã«æå®ãããã®ã¨åããã®ã使ãã®ã§ããã以å¤ã®å¼æ°ã¯æå®ã§ããªããnmap −−resumelogfilenameã¨ãã¦ãNmapãå¼ã³åºããNmapã¯ãååã®å®è¡ã§æå®ããããã¼ã¿ãã¡ã¤ã«ã«æ°ããªçµæã追å ããããã®åéãªãã·ã§ã³ã¯ãXMLåºåãã©ã¼ãããããµãã¼ããã¦ããªãã2åã®å®è¡çµæãçµåãã¦1ã¤ã®å¦¥å½ãªXMLãã¡ã¤ã«ã«ããã®ã¯å°é£ã§ããããã ã
−−stylesheet
Nmapã«ã¯ãXMLåºåãé²è¦§ãããHTMLã«å¤æãããããããã®nmap.xslã¨ããXSLã¹ã¿ã¤ã«ã·ã¼ããå梱ããã¦ãããXMLåºåã«ã¯ãxml−stylesheetãã£ã¬ã¯ãã£ããçµã¿è¾¼ã¾ãã¦ãããNmapãæåã«ã¤ã³ã¹ãã¼ã«ããå ´æ(ãããã¯Windowsä¸ã®ç¾å¨ä½æ¥- ä¸ã®ãã©ã«ã)ã«ããnmap.xmlãåç§ãããæè¿ã®Webãã©ã¦ã¶ã«Nmapã®XMLåºåãèª- ã¿è¾¼ãã¨ããã©ã¦ã¶ã¯ãã¡ã¤ã«ã·ã¹ãã ããnmap.xsl ãèª- ã¿åºãã¦ãåºåçµæã®å¦çã«ä½¿ç¨ãããå¥ã®ã¹ã¿ã¤ã«ã·ã¼ãã使ãããå ´åã¯ããã®−−stylesheetãªãã·ã§ã³ã®å¼æ°ã¨ãã¦æå®ãããå¼æ°ã¯ãã«ãã¹åãURLã§æå®ãããããç¨ããããä¾ã以ä¸ã«ç¤ºãï¼ −−stylesheet https://nmap.org/data/nmap.xsl ããã§ãã¹ã¿ã¤ã«ã·ã¼ãã®ææ°ãã¼ã¸ã§ã³ãInsecure.Orgãããã©ã¦ã¶ã«èª- ã¿è¾¼ã¾ãããããã«ãããNmap(ããã³ nmap.xsl)ãã¤ã³ã¹ãã¼ã«ããã¦ããªããã·ã³ä¸ã§ããçµæãé²è¦§ãããããªãããã®ãããURLã®ã»ãã便å©ãªå ´åãå¤ãããããã©ã«ãã§ã¯ãã©ã¤ãã·ã¼ä¸ã®çç±ã§ãã- ã¼ã«ã«ãã¡ã¤ã«ã·ã¹ãã ã§ã®nmap.xslã®å ´æã使ããã¦ããã
−−no−stylesheet (XSLã¹ã¿ã¤ã«ã·ã¼ã宣è¨ãXMLããé¤å¤ãã)
NmapãXMLåºåãXSLã¹ã¿ã¤ã«ã·ã¼ãã¨é¢é£ä»ããªãããã«ãããxml−stylesheet ãã£ã¬ã¯ãã£ãã¯ç¡è¦ãããã
ãã®ä»ã®ãªãã·ã§ã³
æ¬ç¯ã§ã¯ãä»ã®ç¯ã®ã©ãã«ãé©åããªããªãã·ã§ã³ã§ãéè¦ãª(ããã³ããã»ã©éè¦ã§ãªã)ãã®ã«ã¤ãã¦è¿°ã¹ãã
−6 (IPv6ã¹ãã£ã³ãæå¹ã«ãã)
Nmapã¯2002å¹´ããããã®æããã使ãããæ©è½ã«å¯¾ãã¦IPv6ã®ãµãã¼ããæä¾ãã¦ãããç¹ã«ãpingã¹ã- ã£ã³(TCPã®ã¿)ãconnect()ã¹ã- ã£ã³ããã¼ã¸ã§ã³æ¤åºãªã©ã¯ãã¹ã¦IPv6ã«å¯¾å¿ãã¦ãããã³ãã³ãæ§æã¯ã−6ãªãã·ã§ã³ã追å ãã以å¤ã¯å¾æ¥éãã§ããããã¡ããããã¹ãåã§ã¯ãªãã¦ã¢ãã¬ã¹ãæå®ããå ´åã¯ãIPv6ã®æ§æã使ãå¿è¦ãããããã ããã¢ãã¬ã¹è¡¨ç¤ºã¯3ffe:7501:4819:2000:210:f3ff:fe03:14d0ã®ããã«ãªãã®ã§ããã¹ãåã使ãæ¹ããããåºåãå¾æ¥ã¨ã»ã¼åãã§ããããèå³ã®ãããã¼ããè¡ã®ã¢ãã¬ã¹ãIPv6æ¹å¼ã«ãªã£ã¦ããã®ãå¯ä¸ã®IPv6ã®è¨¼æ ã§ããã
IPv6ã¯å¿ãããä¸çãå¸- å·»ãã¦ããããã§ã¯ãªãããä¸é¨(é常ã¯ã¢ã¸ã¢)ã®å½ãã§ã¯ããªãæ®åãã¦ãããæè¿ã®OSã®ã»ã¨ãã©ã§ãµãã¼ãããã¦ãããNmapãIPv6ã§ä½¿ç¨ããããã«ã¯ãã¹ã- ã£ã³ã®ã½ã¼ã¹ã¨ã¿ã¼ã²ããã®ä¸¡æ¹ãIPv6対å¿ã«è¨- å®ããå¿è¦ããããèªåã®ISP(ä»ã®å¤ãã®ISPã¨åæ§ã®)ããIPv6ã¢ãã¬ã¹ãå²ãå½ã¦ããã¦ããªãå ´åã¯ãæ§ããªå ´æã§å¥æå¯è½ãªããªã¼ã®ãã³ãã«ãã- ã¼ã«ã¼ãNmapã¨ãã¾ãé£æºãã¦æ©è½ãããåªãããã³ãã«ããã¼ã«ã¼ã®1ã¤ã«ãBT Exact社ã以ä¸ã§éå¶ãã¦ãããã®ãããã Hurricane Electric社ã以ä¸ã§æä¾ãã¦ãããã®ã使ã£ããã¨ãããï¼- http://ipv6tb.he.net/ãã6to4 tunnelsãã¨ãã人æ°ã®ããªã¼ã½ãããããã
−A (ã¢ã°ã¬ãã·ãã»ã¹ãã£ã³ãªãã·ã§ã³)
ãã®ãªãã·ã§ã³ã¯ãAdditional(ä»å ç)ãAdvanced(é«åº¦)ãAggressive(ã¢ã°ã¬ãã·ã)ãªãªãã·ã§ã³ãæå¹ã«ãããã ãããã®ãã¡ã®ã©ãã表ãã®ãã¯ã¾ã æ確ã«ã¯æ±ºãã¦ããªããç¾å¨ã¯ãã®ãªãã·ã§ã³ãæå®ããã¨ãOSæ¤åº(−O)ã¨ãã¼ã¸ã§ã³ã¹ã- ã£ã³(−sV)ãå®è¡ã§ãããä»å¾ãããã«å¤ãã®æ©è½ã追å ãããã ããããã¤ã³ãã¯ãã¦ã¼ã¶ãæ°å¤ãã®ãã©ã°ãã¾ã¨ãã¦è¦ããªãã¦ãæ¸ãããã«ãè¤æ°ã®ã¹ã- ã£ã³ãªãã·ã§ã³ãåæ¬çã«ã¾ã¨ãã¦å®è¡ã§ããããã«ãããã¨ã§ããããã®ãªãã·ã§ã³ãæå¹ã«ããã®ã¯æ©è½ã®ã¿ã§ãåãããããããã¨æãããã¿ã¤ãã³ã°ãªãã·ã§ã³(ä¾ãã°−T4)ãåé·ãªãã·ã§ã³(−v)ãªã©ã¯ãæå¹ã«ãªããªãã
−−datadir
Nmapã¯ãå®è¡æã«ç¹å¥ãªãã¼ã¿ããnmap−service−probesãnmap−servicesãnmap−protocolsãnmap−rpcãnmap−mac−prefixesãnmap−os−fingerprintsã¨ããååã®ãã¡ã¤ã«ã«åå¾ãããNmapã¯ã¾ãã(ããå ´åã¯)−−datadir ãªãã·ã§ã³ã§æå®ãããã£ã¬ã¯ããªåã§ããããã®ãã¡ã¤ã«ãæ¢ããããã§è¦ã¤ãããªãã£ããã¡ã¤ã«ã¯ããNMAPDIRãç°å¢å¤æ°ã§æå®ãããã£ã¬ã¯ããªããæ¤ç´¢ããã次ã«ãå®å¨ããæå¹ãªUID(POSIXã·ã¹ãã ã®å ´å)ãNmapã®å®è¡ãã¡ã¤ã«(Win32ã®å ´å)ãæ ¼ç´ããã¦ãããã£ã¬ã¯ããªã®~/.nmap ãæ¢ãããã®æ¬¡ã«ãçµã¿è¾¼ã¿ãã£ã¬ã¯ããªã®/usr/local/share/nmap ã/usr/share/nmapãæ¢ããããã§ããªãå ´åã¯æå¾ã®æ段ã¨ãã¦ãNmapã¯ã«ã¬ã³ããã£ã¬ã¯ããªãæ¤ç´¢ããã
−−send−eth (rawï¼çã®ï¼ã¤ã¼ãµããã層ã§éä¿¡ãã)
Nmapããä¸å±¤ã®IP(ãããã¯ã¼ã¯)層ã§ã¯ãªãã¦ãrawã¤ã¼ãµããã(ãã¼ã¿ãªã³ã¯)層ã§ãã±ãããéä¿¡ããããã«ãããããã©ã«ãã§ã¯é常ãNmapã¯åä½ãã¦ãããã©ãããã©ã¼ã ã«æé©ã®å±¤ãé¸ã¶ããã«ãªã£ã¦ãããraw ã½ã±ãã (IP層)ã¯ä¸è¬ã«ãUNIXãã·ã³ã«ã¯æé©ã§ãããããã¤ã¯ãã½ãã社ãraw ã½ã±ããã«å¯¾å¿ããæ©è½ãç¡å¹ã«ãã¦ãããããWindows OSã«ã¯ã¤ã¼ãµããããã¬ã¼ã ãå¿è¦ã«ãªããNmapã¯ãä»ã«é¸æè¢ããªã(éã¤ã¼ãµãããæ¥ç¶ãªã©ã®)å ´åã¯ããã®ãªãã·ã§ã³ãããã«ããããããUNIXä¸ã§ã¯ãã¾ã ã«raw IPãã±ããã使ç¨ããã
−−send−ip (raw IPã¬ãã«ã§éä¿¡ãã)
Nmapããã±ãããéä¿¡ããã®ã«ãä¸ä½ã®ã¤ã¼ãµããããã¬ã¼ã ã§ã¯ãªãã¦ãraw IPã½ã±ãããä»ãã¦éãããã«ãããããã¯ãä¸ã§è¿°ã¹ã−−send−ethãè£å®ãããªãã·ã§ã³ã§ããã
−−privileged (ã¦ã¼ã¶ãååãªæ¨©éãæã¤ãã¨ãæ³å®ãã)
Nmapããé常ã¯UNIXã·ã¹ãã ä¸ã®root権éãå¿è¦ã¨ããæä½ãè¡ãã®ã«ååãªç¹æ¨©ãæã¤ãã¨ãæ³å®ãããããããæä½ã«ã¯ãçã½ã±ããã®éä¿¡ããã±ããçè´ãªã©ããããããã©ã«ãã§ã¯ãNmapã¯ãã®ãããªæä½ãè¦æ±ãããå ´åã§ããgeteuid()ãã¼ã- ã§ãªããã°å®è¡ãä¸æ¢ããããã«ãªã£ã¦ããã−−privileged ã¯ãLinuxã«ã¼ãã«æ©è½ãã権éã®ãªãã¦ã¼ã¶ãçãã±ããã¹ãã£ã³ãå®è¡ã§ããããã«è¨- å®å¯è½ãªåæ§ã®ã·ã¹ãã ã¨ã¨ãã«ç¨ããã¨ä¾¿å©ã§ããã注æç¹ã¯ããã®ãªãã·ã§ã³ãã©ã°ããç¹æ¨©ãå¿è¦ã¨ãããªãã·ã§ã³(SYNã¹ã- ã£ã³ãOSæ¤åºãªã©)ããåã«æå®ãããã¨ã ã−−privilegedãªãã·ã§ã³ã«ç¸å½ããå¥ã®æ¹æ³ã«ã¯ããNMAP_PRIVILEGEDãå¤æ°ã®è¨- å®ãããã
−V; −−version (ãã¼ã¸ã§ã³çªå·ã表示ãã)
Nmapã®ãã¼ã¸ã§ã³çªå·ãæ¸ãåºãã¦çµäºããã
−h; −−help (ãã«ãã®ãµããªã¼ãã¼ã¸ã表示ãã)
æãä¸è¬çãªã³ãã³ããã©ã°ã«ã¤ãã¦ã®ç- ããã«ãç»é¢ã表示ãããNmapãå¼æ°ãªãã§å®è¡ãã¦ãåæ§ã®çµæãå¾ãããã
å®è¡æã®å¯¾è©±åæä½
Nmapã®å®è¡ä¸ã«ããã¹ã¦ã®ãã¼ããã»ã¹ããã£ããã£ãããããã«ãããåæ- ¢ãã¦åéã¨ããæé ãçµãªãã§ããããã°ã©ã ã¨ã®æå ±ã®ããåããå¯è½ã«ãªããç¹å®ã®ç¹æ®ã- ã¼ã§ããªãã·ã§ã³ãå¤æ´ããããã®ä»ã®ãã¼ã¯ãã¹ã- ã£ã³ã«é¢ããæå ±ãä¼ããã¹ãã¼ã¿ã¹ã¡ãã»ã¼ã¸ã表示ãããä»æ§ã¨ãã¦ã¯ãå°æå- ã¯æ¸ãåºãããæå ±éãå¢ããã大æåã¯æ¸ããã
v / V
åé·ã¬ãã«ãä¸ãã / ä¸ãã
d / D
ãããã°ã¬ãã«ãä¸ãã / ä¸ãã
p / P
ãã±ãã追跡ãæå¹ã«ãã / ç¡å¹ã«ãã
ãã®ä»
æ¸ãåºãããã¹ãã¼ã¿ã¹ã¡ãã»ã¼ã¸ã¯ä»¥ä¸ã®ããã«ãªãï¼
Stats: 0:00:08 elapsed; 111 hosts completed (5 up), 5 undergoing Service Scan
Service scan Timing: About 28.00% done; ETC: 16:18 (0:00:15 remaining)
使ç¨ä¾
以ä¸ã«ãNmapã®ä½¿ç¨ä¾ããåç´ãªãã®ããããè¤éã§é£è§£ãªãã®ã¾ã§ããã¤ã示ãããä¾ã§ä½¿ç¨ããIPã¢ãã¬ã¹ããã¡ã¤ã³åã¯ãããã¾ã§ãå·ä½æ§ãæããããã¨ãç®çã§ãããããå®éã®ã¹ã- ã£ã³ã§ã¯ãããããèªåã®ãããã¯ã¼ã¯ã®ã¢ãã¬ã¹ã¾ãã¯ãã¹ãåã§ç½®ãæãããã¨ã«æ³¨æãããç- èã¯å人çã«ãä»äººã®ãããã¯ã¼ã¯ã«å¯¾ãã¦ãã¼ãã¹ã- ã£ã³ãå®è¡ãããã¨ã¯éæ³è¡çºã«ã¯å½ãããªãã¨è¦ã¦ãããããããã¯ã¼ã¯ç®¡çèã®ãªãã«ã¯ãèªåã®ãããã¯ã¼ã¯ãåæã«ã¹ã- ã£ã³ãããã®ãå¿«ãæããã«è¦æã訴ããèããããããããªããæåã«è¨±å¯ãå¾ãã»ããå¾çã§ããã
ã¦ã¼ã¶ã«ã¯ããã¹ãç®çã§ããã¹ãscanme.nmap.orgãã¹ã- ã£ã³ãã許å¯ãä¸ãããã¦ããããã®è¨±å¯ã®å¯¾è±¡ã¯ãNmapã«ããã¹ã- ã£ã³ã«éå®ããããã®ã§ãããã¨ã¯ã¹ãã- ã¤ãããµã¼ãã¹å¦¨å®³æ»æã®ãã¹ãã¯å«ã¾ããªãã帯åå¹ãç¯ç´ããããã«ããã®ãã¹ãã«å¯¾ããã¹ã- ã£ã³ã¯ãä¸æ¥ã«ã¤ãåæ°å以ä¸ã¯è¡ããªãããã«ãããã¨ããã®ããªã¼ã®ã¹ã- ã£ã³å¯¾è±¡æä¾ãµã¼ãã¹ãæªç¨ãããå ´åããµã¼ãã¹ã¯åæ¢ãããNmapã¯Failed to resolve given hostname/IP: scanme.nmap.orgï¼æå®ãããã¹ãå/IPï¼scanme.nmap.orgã®è§£æ±ºã«å¤±æãã¾ããï¼ã¨ããå ±åãåºãããããã®è¨±å¯ã¯ãscanme2.nmap.orgãscanme3.nmap.orgç- ã®åãã¹ãã«ãé©ç¨ããããããããã®ãã¹ãã¯ãç¾å¨ã¯åå¨ããªãã
nmap −v scanme.nmap.org
ãã®ãªãã·ã§ã³ãå©ç¨ããã¨ãscanme.nmap.orgã¨ãããã·ã³ä¸ã®äºç´æ¸ã¿TCPãã¼ããã¹ã¦ã«å¯¾ãã¦ã¹ã- ã£ã³ãå®è¡ãããã¾ãã−vãæå®ããã¦ãããããåé·ã¢ã¼ããæå¹ã«ãªãã
nmap −sS −O scanme.nmap.org/24
scanme.nmap.orgãå±ãã¦ãããã¯ã©ã¹Cããããã¯ã¼ã¯ä¸ã®ãã·ã³255å°ã®ãã¡ã§ç¨¼åãã¦ããåãã·ã³ã«å¯¾ãã¦ãSYNã¹ã- ã£ã³(ã¹ãã«ã¹ã¹ãã£ã³)ãå®è¡ãããã¾ãã稼åä¸- ã®åãã¹ãä¸ã§åä½ãã¦ããOSã®ç¹å®ãåæã«è©¦è¡ãããSYNã¹ã- ã£ã³ã¨OSã®æ¤åºãè¡ããããroot権éãå¿è¦ã¨ãªãã
nmap −sV −p 22,53,110,143,4564 198.116.0−255.1−127
198.116ã®ã¯ã©ã¹Bã¢ãã¬ã¹ç©ºéã§ã8ãããã§è¡¨ãã255ã®ãµããããã«å±ãããã¹ãã®ãã¡ãåå(1−127)ã®IPã¢ãã¬ã¹ãæã¤ãã¹ãã«å¯¾ãã¦ããã¹ãã®åæã¨TCPã¹ã- ã£ã³ãè¡ãããã®ã¹ã- ã£ã³ãè¡ãç®çã¯ã対象ã·ã¹ãã ã§sshdãDNSãPOP3dãIMAPdã4564çªãã¼ããåä½ãã¦ãããã©ããã調æ»ãããã¨ã ããããã®ãã¼ãã®ãªãã§éãã¦ãã(open)ãã¨ãå¤æãããã¼ããã¹ã¦ã«å¯¾ãã¦ãã¼ã¸ã§ã³æ¤åºã使ç¨ãã¦ãä½ã®ã¢ããªã±ã¼ã·ã§ã³ãåä½ãã¦ããããç¹å®ããã
nmap −v −iR 100000 −P0 −p 80
Nmapã¯100,000å°ã®ãã¹ããç¡ä½çºã«é¸ã³ãWebãµã¼ã(80çªãã¼ã)ã®ã¹ã- ã£ã³ãè¡ãããã¹ãã®åæã¯−P0 ã§ç¡å¹ã«ãã¦ãããåã¿ã¼ã²ãããã¹ãä¸ã§1ã¤ã®ãã¼ããã調æ»ããªãã®ã«ãã©ã®ãã¹ãã稼åä¸- ã§ããããç¹å®ããããã«ããã¼ããéãã®ã¯ç¡é§ã ããã ã
nmap −P0 −p80 −oX logs/pb−port80scan.xml −oG logs/pb−port80scan.gnmap 216.163.128.20/20
4096åã®IPãã¹ã- ã£ã³ãã¦Webãµã¼ããè¦ã¤ãåºã(pingãªãã§)ãçµæåºåãgrepå¯è½ããã³XMLãã©ã¼ãããã§ä¿å- ããã
host −l company.com | cut −d −f 4 | nmap −v −iL −
company.comã«å- å¨ãããã¹ããçºè¦ããããã«DNSã®ã¾ã¼ã³è»¢éãå®è¡ããçºè¦ããIPã¢ãã¬ã¹ãnmapã«æ¸¡ãããã®ã³ãã³ãã¯ãç- èã®GNU/Linuxãã·ã³ã§ä½¿ç¨ãã¦ãããã®ã ãä»ã®ã·ã¹ãã ã«ã¯ãã¾ã¼ã³è»¢éãå®è¡ããããã®å¥ã®ã³ãã³ããããã
ãã°
Nmapãä½èã¨åæ§ã«å®å¨ã§ã¯ãªããããã§ãNmapã®ã»ãã¯ãã¦ã¼ã¶ã«ãããã°ã®å ±åããããã®ä½æã®ãããã§ããããããã®ã«ãã¦ãããã¨ãã§ãããNmapã使ã£ã¦ãã¦ãæãéãã«åããªãå ´åã¯ãã¾ã- https://nmap.org/ããå¥æã§ããææ°ã®ãã¼ã¸ã§ã³ã«ã¢ããã°ã¬ã¼ããã¦ã¿ããåé¡ãç¶ããããªãããã§ã«çºè¦ã»å¯¾å¦ãè¡ãããåé¡ãã©ããã調æ»ãã¦ç¢ºããããã¨ã©ã¼ã¡ãã»ã¼ã¸ãGoogleæ¤ç´¢ãããã- http://seclists.org/ã§Nmap−devã¢ã¼ã«ã¤ããé²è¦§ããããã¦ã¿ãããã®manãã¼ã¸ãå¨ä½ã«ç®ãéããæ¹ããããããã§ãã©ãã«ããªããªãå ´åã¯ããã°ã¬ãã¼ãã
ã¾ããã°ã¬ãã¼ãããããã°ãä¿®æ£ããããã®ã³ã¼ããããã®ã»ããæ- è¿ããããã¦ã¼ã¶èªèº«ã®ã³ã¼ãå¤æ´ã«ããããããã¡ã¤ã«ã®ä½ææ¹æ³ã«ã¤ãã¦ã®åºæ¬çãªæ³¨æäºé ã¯- https://nmap.org/data/HACKING ã§åç§ã§ããããããã¯ãnmap−devå®ã¦ã«éã(æ¨å¥¨)ããçèFyodorã¾ã§ç´æ¥éã£ã¦ããã ãããã
ä½è
Fyodor
ããæ°å¹´ã§ä½ç¾äººãã®äººããããNmapã«å¯¾ãã¦è²´éãªè²¢ç®ããã¦ããã ããããã®è©³ç´°ã«ã¤ãã¦ã¯ãNmapã¨ã¨ãã«éå¸ããã¦ããCHANGELOGãã¡ã¤ã«ãåç§ã®ãã¨ãCHANGELOGãã¡ã¤ã«ã¯ä»¥ä¸ãããå¥æã§ããï¼- https://nmap.org/nmap_changelog.html
æ³çéç¥äºé
èä½æ¨©ã¨ä½¿ç¨è¨±è«¾
Nmapã»ãã¥ãªãã£ã¹ãã£ãã®èä½æ¨©ã¯ãInsecure.Com LLCã«å¸°å±ãã¦ããï¼1996−2005ï¼ãã¾ããNmapã¯ãInsecure.Com LLCã®ç»é²åæ¨ããã®ããã°ã©ã ã¯ããªã¼ã½ããã¦ã§ã¢ã§ãããFree Software Foundationï¼FSFï¼ãçºè¡ããGNUä¸è¬å¬è¡å©ç¨è¨±è«¾å¥ç´æ¸ã®ãã¼ã¸ã§ã³2ã§å®ãããã¦ããæ¡ä»¶ã«å¾ããåéå¸ãæ¹å¤ãããã¨ãå¯è½ã§ãããããã¯ãç¹å®ã®æ¡ä»¶ä¸ã§Nmapã使ç¨ãæ¹å¤ãåéå¸ãã権å©ãä¿è¨¼ãããã®ã§ãããNmapã®æè¡ãç¬èªä»æ§ã®ã½ããã¦ã§ã¢ã«çµã¿è¾¼ããã¨ãå¸æããå ´åã¯ãåãã§å¥ã®å½¢æã®ã©ã¤ã»ã³ã¹ã販売ããï¼ãã®éã¯ã
GPL(ä¸è¬å¬æ使ç¨è¨±è«¾)ã¯ããæ´¾çèä½ç©ãã«å¯¾ãã¦éè¦ãªå¶ç´ã課ãã¦ãããã¨ã«æ³¨æããå¿è¦ããããããã©ãããã®ç¨èªã®è©³ç´°ãªå®ç¾©ã¯ãã¾ã ã«ä¸ãããã¦ããªããããã§ã¯èª¤è§£ãé¿ããããã以ä¸ã®ããããã®äºé ãè¡ãããå ´åã«ãã¢ããªã±ã¼ã·ã§ã³ããGPLã«ããããæ´¾çèä½ç©ããæ§æãããã®ã¨è¦ãªãï¼
• Nmapã®ã½ã¼ã¹ã³ã¼ããçµ±åãã
• nmap−os−fingerprints ã nmap−service−probesãªã©ã®ãNmapã®èä½æ¨©ã®ãããã¼ã¿ãã¡ã¤ã«ãèªã¿è¾¼ã
• Nmapãå®è¡ãã¦çµæã解æå¦çãã(é常ã®ã·ã§ã«ãå®è¡ã¡ãã¥ã¼ã®ã¢ããªã±ã¼ã·ã§ã³ã¨ã¯ç°ãªãããããã¯æªå¦çã®Nmapåºåãåã«è¡¨ç¤ºããã ããªã®ã§ãæ´¾çèä½ç©ã«ã¯ãªããªã)
• InstallShield社ã®è£½åã®ãããªç¬èªéçºã®å®è¡å¯è½ã¤ã³ã¹ãã¼ã©ã«çµ±å/çµè¾¼/éç´ãã
• ä¸ã§è¿°ã¹ããã¨ãè¡ããããªãã©ã¤ãã©ãªã«ãªã³ã¯ãããããã°ã©ã ãå®è¡ããããã
ãNmapãã¨ããç¨èªã¯ãNmapã®ä¸é¨ãããã¯æ´¾çç©ãå«ããããã«ç¨ããããã¹ãã§ããããã®ãªã¹ãã¯æä»çãªæ§è³ªã®ãã®ã§ã¯ãªããä¸è¬çãªä¾ãç¨ãã¦ãæ´¾çèä½ç©ã®è§£éãæ確ã«ãããã¨ãæå³ãããã®ã§ããããããã®å¶ç´äºé ã¯ãå®éã«Nmapãåéå¸ããå ´åã«ã®ã¿é©ç¨ããããä¾ãã°ãNmapåãã®ç¬èªéçºãã- ã³ãã¨ã³ããä½æãã¦è²©å£²ãããã¨ã«ã¯ä½ãæ¯éã¯ãªãããã ãããã®è£½åãåä½ã§éå¸ãããã¨ã¨ãã¦ã¼ã¶ã«Nmapã®ãã¦ã³ã- ã¼ãåã¨ãã¦ä»¥ä¸ã示ããã¨ãå¿è¦ã§ããï¼https://nmap.org/
ããããã¯ãããããGPLã«ããã«è¿½å ãããå¶ç´ã¨ã¯è¦ãªãã¦ããªããããã§ã¯ãªãã¦ããæ´¾çèä½ç©ã ã¨ããç¨èªãGPLæºæ ã®Nmap製åã«é©ç¨ãããå ´åã«ããããã©ã®ããã«è§£éããããæ確ã«ããããã®ãã®ã¨è¦ãªãã¦ãããããã¯ãLinus Torvaldsæ°ããLinuxã«ã¼ãã«ã¢ã¸ã¥ã¼ã«ã«ãæ´¾çèä½ç©ã ãã©ã®ããã«é©ç¨ããããã«ã¤ãã¦ã®èªåã®è§£éã表æããããæ¹ã«ä¼¼ã¦ãããããããã®è§£éã¯Nmapã ãã«è¨åãããã®ã§ããã®ä»ã®GPL製åã«ã¤ãã¦è¿°ã¹ã¦ããããã§ã¯ãªãã
GPLæºæ ã§ãªãèä½ç©ã«ãããNmapã®ä½¿ç¨ã«å¯¾ãããGPLã©ã¤ã»ã³ã¹ã«ããå¶ç´ã«ã¤ãã¦è³ªåãããå ´åã¯åãã§ãç- ãããã¤ããã ãä¸ã§è¿°ã¹ãããã«ãç¬èªéçºã®ã¢ããªã±ã¼ã·ã§ã³ãã¢ãã©ã¤ã¢ã³ã¹ã«Nmapãçµ±åããããã®ä»£æ¿ã©ã¤ã»ã³ã¹ãæä¾ãã¦ããããã®ã©ã¤ã»ã³ã¹å¥ç´ã¯ãã§ã«å¤ãã®ã»ã- ã¥ãªãã£ãã³ãã«è²©å£²ããã¦ããããã®å容ã«ã¯é常ãæ°¸ä¹ã©ã¤ã»ã³ã¹ããµãã¼ããã¢ãããã¼ãã®åªåæä¾ãNmapæè¡ã®éçºç¶ç¶ã®ããã®è³éæ´å©ãªã©ãå«ã¾ãã¦ããã詳細ã«ã¤ãã¦ã¯é»å- ã¡ã¼ã«ã§
Insecure.Com LLCã¯ãGPLã®åã決ãã«å¯¾ããç¹ä¾ã¨ãã¦ãNmapã®ã³ã¼ãã¨OpenSSLã©ã¤ãã©ãªã¨ã®ãªã³ã¯ãèªãã¦ããããã®2ã¤ããªã³ã¯ã§çµã¿åããããã®ãéå¸ãã¦ãããOpenSSLã©ã¤ãã©ãªã¯ãå梱ã®Copying.OpenSSLãã¡ã¤ã«ã«ãªã¹ãããããã®ã¨åä¸ã®ã©ã¤ã»ã³ã¹ã®ãã¨ã§éå¸ããã¦ãããOpenSSL以å¤ã®ä½¿ç¨ããã¦ãããã¹ã¦ã®ã³ã¼ãã«å¯¾ãã¦ã¯ãããããç¹ã§GNU GPLã«å¾ããªããã°ãªããªãããã®ãã¡ã¤ã«ã®ä¸é¨ãå¤æ´ããå ´åããã®ãã¡ã¤ã«ã®èªèº«ã®ãã¼ã¸ã§ã³ã«ãã®ä¾å¤ãæ¡å¤§ãã¦é©ç¨ã§ãããããã®ããã«è¡ã義åãè² ããã®ã§ã¯ãªãã
ä¸è¨ã®æ¡ä»¶ä»¥å¤ã®æ¡ä»¶ãè¨è¼ãããã©ã¤ã»ã³ã¹å¥ç´æ¸ã¨ã¨ãã«ãããã®ãã¡ã¤ã«ãå¥æããå ´åããã®ã©ã¤ã»ã³ã¹å¥ç´æ¸ã¯ãããã§è¿°ã¹ãå容ã«åªåããã
ã½ã¼ã¹ã³ã¼ãã®å¥æå¯è½æ§ã¨ã³ãã¥ããã£ã¸ã®å¯ä¸
ããããã¯ãã¦ã¼ã¶ã¼ã«ãã®ãã- ã°ã©ã ã®ã½ã¼ã¹ã³ã¼ããæä¾ãã¦ããããã®çç±ã¯ãã¦ã¼ã¶ãå®éã«ãã- ã°ã©ã ãå®è¡ããåã«ããã®ããã°ã©ã ãã©ããªåä½ãè¡ãã®ããæ- £ç¢ºã«ç¥ã権å©ããããã¨èãã¦ããããã ãã¾ããã½ããã¦ã§ã¢ã«å¯¾ãã¦èå¼±æ§ãè¦ã¤ããããã®ç£æ»ãè¡ããã¨ãã§ãã(ã¾ã 1ã¤ãè¦ã¤ãã£ããã¨ã¯ãªãã)ã
ã½ã¼ã¹ã³ã¼ãã¯ãæ°ãããã©ãããã©ã¼ã ã¸ã®ç§»æ¤ããã°ã®ä¿®æ- £ãæ°ããæ©è½ã®è¿½å ãå¯è½ã«ãããã³ã¼ãã«ä½ããã®å¤æ´ãå ããå ´åã¯ã主è¦ãã£ã¹ããªãã¥ã¼ã·ã§ã³ã«çµã¿è¾¼ã¾ããå¯è½æ§ãããããããã®å容ã
ç¡ä¿è¨¼
ãã®ãã- ã°ã©ã ã¯ã人ãã®å½¹ã«ç«ã¤ãã¨ãæå¾ãã¦éå¸ããã¦ãããããã®ä¿è¨¼ã¯ä¸åè¡ããªããããªãã¡ãååé©æ ¼æ§ãç¹å®ç®çã¸ã®é©åæ§ã®é»ç¤ºä¿è¨¼ã¯ä¸åè¡ããªãã詳細ã«ã¤ãã¦ã¯ãGNUä¸è¬å¬æ使ç¨è¨±è«¾å¥ç´æ¸ãåç§ã®ãã¨ãGNU GPLã¯ã http://www.gnu.org/copyleft/gpl.htmlãããã¾ãã¯Nmapã«å梱ã®COPYINGãã¡ã¤ã«ã§åç§ã§ããã
ã¾ãNmapã¯ãä¸å®å¨ãªã¢ããªã±ã¼ã·ã§ã³ãTCP/IPã¹ã¿ãã¯ãOSãªã©ãã¯ã©ãã·ã¥ããããã¨ã確èªããã¦ãããã¨ã«æ³¨æãããã¨ããããã¦ã¾ããªãã¨ã¨ã¯ãããè¨æ¶ã«çãã¦ããå¿è¦ãããããã¦ã³ã¿ã¤ã ãå容ããæºåãã§ãã¦ããªãéããNmapãããã·ã§ã³ã¯ãªãã£ã«ã«ãªã·ã¹ãã ã«å¯¾ãã¦å®è¡ãã¦ã¯ãªããªã ãNmapãã·ã¹ãã ããããã¯ã¼ã¯ã«é害ãä¸ããå¯è½æ§ãããç¹ã«ã¤ãã¦ã¯èªããããã§ãNmapã®ä½¿ç¨ã«ããçºçããããããªãæ害ãåé¡ã«å¯¾ãã¦ãä¸åã®è²¬ä»»ãè² ããªããã®ã¨ããã
ä¸é©åãªä½¿ç¨
ã·ã¹ãã é害ã®ãªã¹ã¯ãããããªãããããã¨ããæªæã®ããæ»æèãæ»æãå®è¡ããåã®èª¿æ»æ段ã¨ãã¦Nmapã好ãã§å©ç¨ãããã¨ãªã©ã®ããã§ã管çãã¦ããã·ã¹ãã ãã¹ã- ã£ã³ãããã¨æ°åã害ããå ´åã«ãã£ã¦ã¯è¦æãç³ãç«ã¦ã管çèããããå¾ã£ã¦ããã¨ããããã¯ã¼ã¯ã軽ãã¹ã- ã£ã³ããéããäºåã«ç®¡çèã®è¨±å¯ãåã£ã¦ãããã¨ãæ¨å¥¨ããã
ã»ãã¥ãªãã£ä¸ã®çç±ãããNmapã¯ç¹æ¨©ï¼suid rootãªã©ï¼ã§ã¤ã³ã¹ãã¼ã«ãã¦ã¯ãªããªãã
ãµã¼ããã¼ã㣠ã½ããã¦ã§ã¢
Nmapã«ã¯ã Apache Software Foundation [8] ã«ãã£ã¦éçºãããã½ããã¦ã§ã¢ãå«ã¾ãã¦ãããæ¹è¨çã®Libpcap portable packet capture library [9] ããNmapã¨ã¨ãã«éå¸ããã¦ãããWindowsçNmapã§ã¯ãlibpcapããæ´¾çããWinPcap ã©ã¤ãã©ãª [10] ãç¨ãããããæ£è¦è¡¨ç¾ã®ãµãã¼ãã¯ãPhilip Hazelæ°ä½æã®ãªã¼ãã³ã½ã¼ã¹ã®ã½ããã¦ã§ã¢ã§ãã PCRE ã©ã¤ãã©ãª [11] ããã±ã¼ã¸ã§æä¾ããã¦ãããç¹å®ã®RAWãããã¯ã¼ã¯æ©è½ã§ã¯ãDug Songæ°ä½ã®Libdnet [12] ãããã¯ã¼ã¯ã©ã¤ãã©ãªã使ç¨ããããä¿®æ- £ãã¼ã¸ã§ã³ããNmapã¨ã¨ãã«éå¸ããã¦ãããNmapã¯ãªãã·ã§ã³ã§ãSSLãã¼ã¸ã§ã³æ¤åºããµãã¼ãããããã«ã OpenSSL æå·åãã¼ã«ããã [13] ã¨ãªã³ã¯ã§ãããããã§è¿°ã¹ããã¹ã¦ã®ãµã¼ããã¼ãã£ã»ã½ããã¦ã§ã¢ã¯ãBSDæ¹å¼ã®ã½ããã¦ã§ã¢ã©ã¤ã»ã³ã¹ã®ãã¨ã§ãèªç±ã«åéå¸ã§ããã
ç±³å½è¼¸åºç®¡çåé¡
ç±³å½è¼¸åºç®¡çï¼Insecure.Com LLCã§ã¯ãNmapã¯US ECCNï¼è¼¸åºç®¡çåé¡çªå·ï¼5D992ã«è©²å½ããã¨èãã¦ããã5D992ã«åé¡ããããã®ã¯ãã5D002ã§è¦å¶ãããªãæå ±ã»ã- ã¥ãªãã£ã½ããã¦ã§ã¢ãã¨ãªã£ã¦ããããã®åé¡ã«å¯ä¸é©ç¨ãããè¦å¶ã¯ãATï¼ããé²æ- ¢ï¼è¦å¶ã§ãããATã¯ãã»ã¼ãã¹ã¦ã®ç©åã«é©ç¨ãããã¤ã©ã³ãåæé®®ãªã©ã®å°æ°ã®ç¡æ³å½å®¶ã¸ã®è¼¸åºãç¦æ- ¢ããè¦å¶ã§ããããã®ãããNmapã®è¼¸åºã«ã¯ãç¹å¥ãªã©ã¤ã»ã³ã¹ã許å¯ããããã¯æ¿åºã®æ¿èªãä¸åå¿è¦ã¨ããªãã
注è¨
|
1. |
RFC1122 |
http://www.rfc-editor.org/rfc/rfc1122.txt
|
2. |
RFC792 |
http://www.rfc-editor.org/rfc/rfc792.txt
|
3. |
UDP |
http://www.rfc-editor.org/rfc/rfc768.txt
|
4. |
TCP RFC |
http://www.rfc-editor.org/rfc/rfc793.txt
|
5. |
RFC 959 |
http://www.rfc-editor.org/rfc/rfc959.txt
|
6. |
Nmap::Scanner |
http://sourceforge.net/projects/nmap-scanner/
|
7. |
Nmap::Parser |
http://www.nmapparser.com
|
8. |
Apache Software Foundation |
http://www.apache.org
|
9. |
Libpcap portable packet capture library |
http://www.tcpdump.org
|
10. |
WinPcap ã©ã¤ãã©ãª |
http://www.winpcap.org
|
11. |
PCRE ã©ã¤ãã©ãª |
http://www.pcre.org
|
12. |
Libdnet |
http://libdnet.sourceforge.net
|
13. |
OpenSSL æå·åãã¼ã«ããã |
http://www.openssl.org