1. 설치
sudo apt install nmap -y
2. 명령어
sudo nmap -v -A {대상 호스트 주소}
3. 주의사항
- 임의의 외부 호스트에 테스트 시 법적 문제 발생 가능
- 자신의 시스템 내에서만 수행해야 한다.
4. 결과 예시
$ sudo nmap -v -A ??.???.???.??
Starting Nmap 7.80 ( <https://nmap.org> ) at 2023-07-06 09:03 UTC
NSE: Loaded 151 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 09:03
Completed NSE at 09:03, 0.00s elapsed
Initiating NSE at 09:03
Completed NSE at 09:03, 0.00s elapsed
Initiating NSE at 09:03
Completed NSE at 09:03, 0.00s elapsed
Initiating Ping Scan at 09:03
Scanning ??.???.???.?? [4 ports]
Completed Ping Scan at 09:03, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 09:03
Completed Parallel DNS resolution of 1 host. at 09:03, 0.00s elapsed
Initiating SYN Stealth Scan at 09:03
Scanning ec2-??-???-???-??.ap-northeast-2.compute.amazonaws.com (??.???.???.??) [1000 ports]
Discovered open port 80/tcp on ??.???.???.??
Discovered open port 3000/tcp on ??.???.???.??
Completed SYN Stealth Scan at 09:03, 4.82s elapsed (1000 total ports)
Initiating Service scan at 09:03
Scanning 2 services on ec2-??-???-???-??.ap-northeast-2.compute.amazonaws.com (??.???.???.??)
Completed Service scan at 09:03, 11.01s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against ec2-??-???-???-??.ap-northeast-2.compute.amazonaws.com (??.???.???.??)
Retrying OS detection (try #2) against ec2-??-???-???-??.ap-northeast-2.compute.amazonaws.com (??.???.???.??)
Initiating Traceroute at 09:03
Completed Traceroute at 09:03, 3.01s elapsed
NSE: Script scanning ??.???.???.??.
Initiating NSE at 09:03
Completed NSE at 09:03, 0.09s elapsed
Initiating NSE at 09:03
Completed NSE at 09:03, 0.01s elapsed
Initiating NSE at 09:03
Completed NSE at 09:03, 0.00s elapsed
Nmap scan report for ec2-??-???-???-??.ap-northeast-2.compute.amazonaws.com (??.???.???.??)
Host is up (0.0039s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http nginx 1.18.0 (Ubuntu)
|_http-favicon: Unknown favicon MD5: C92B85A5B907C70211F4EC25E29A8C4A
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: nginx/1.18.0 (Ubuntu)
|_http-title: React App
443/tcp closed https
3000/tcp open http nginx 1.18.0 (Ubuntu)
|_http-favicon: Unknown favicon MD5: C92B85A5B907C70211F4EC25E29A8C4A
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: nginx/1.18.0 (Ubuntu)
|_http-title: React App
Aggressive OS guesses: Linux 2.6.32 (95%), Linux 3.2 - 4.9 (95%), Linux 2.6.32 - 3.10 (95%), Linux 3.4 - 3.10 (93%), Synology DiskStation Manager 5.2-5644 (92%), Linux 3.1 (92%), Linux 3.2 (92%), Netgear RAIDiator 4.2.28 (92%), Linux 2.6.32 - 2.6.35 (91%), Linux 2.6.32 - 3.5 (91%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 20.206 days (since Fri Jun 16 04:06:29 2023)
Network Distance: 2 hops
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1 ...
2 6.28 ms ec2-??-???-???-??.ap-northeast-2.compute.amazonaws.com (??.???.???.??)
NSE: Script Post-scanning.
Initiating NSE at 09:03
Completed NSE at 09:03, 0.00s elapsed
Initiating NSE at 09:03
Completed NSE at 09:03, 0.00s elapsed
Initiating NSE at 09:03
Completed NSE at 09:03, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at <https://nmap.org/submit/> .
Nmap done: 1 IP address (1 host up) scanned in 23.36 seconds
Raw packets sent: 2077 (96.060KB) | Rcvd: 39 (1.824KB)