{"id":752,"date":"2020-04-26T23:07:16","date_gmt":"2020-04-26T21:07:16","guid":{"rendered":"http:\/\/tech.sosthe.sk\/?p=752"},"modified":"2020-04-26T23:09:15","modified_gmt":"2020-04-26T21:09:15","slug":"nmap-nastroj-na-skumanie-siete","status":"publish","type":"post","link":"http:\/\/tech.sosthe.sk\/index.php\/2020\/04\/26\/nmap-nastroj-na-skumanie-siete\/","title":{"rendered":"Nmap – n\u00e1stroj na sk\u00famanie siete"},"content":{"rendered":"

Nmap<\/strong> (\u201cNetwork Mapper<\/em>\u201d<\/span>) je open-source n\u00e1strojom na sk\u00famanie siete a kontrolu bezpe\u010dnosti. Bol vyvinut\u00fd s oh\u013eadom na r\u00fdchle skenovanie ve\u013ek\u00fdch siet\u00ed, hoci funguje v\u00fdborne aj pri nasaden\u00ed proti jednotliv\u00fdm hostite\u013eom. Nmap neobvykl\u00fdmi sp\u00f4sobmi pou\u017e\u00edva neupraven\u00e9 IP pakety na ur\u010denie hostite\u013esk\u00fdch stan\u00edc v sieti, slu\u017eieb, ktor\u00e9\u00a0 tieto hostite\u013esk\u00e9 stanice pon\u00fakaj\u00fa, na akom opera\u010dnom syst\u00e9me (a verzi\u00e1ch OS) be\u017eia, ak\u00fd typ paketov\u00fdch filtrov alebo firewallu je pou\u017eit\u00fd, a mnoho \u010fal\u0161\u00edch charakteristick\u00fdch vec\u00ed. Hoci sa Nmap be\u017ene pou\u017e\u00edva na vykon\u00e1vanie kontrol bezpe\u010dnosti, ve\u013ea syst\u00e9mov\u00fdch a sie\u0165ov\u00fdch administr\u00e1torov ho vyu\u017eije aj pri obvykl\u00fdch \u00faloh\u00e1ch ako napr\u00edklad kontrola obsahu siete, spr\u00e1va \u010dasov\u00fdch rozvrhnut\u00ed upgradovania slu\u017eby \u010di monitorovanie uptimu hostite\u013eskej stanice alebo slu\u017eby.<\/p>\n

V\u00fdstup aplik\u00e1cie Nmap je tvoren\u00fd zoznamom skenovan\u00fdch cie\u013eov\u00fdch stan\u00edc s dodato\u010dn\u00fdmi inform\u00e1ciami o ka\u017edom z nich v z\u00e1vislosti na pou\u017eit\u00fdch mo\u017enostiach. K\u013e\u00fa\u010dovou medzi t\u00fdmito inform\u00e1ciami je \u201ctabu\u013eka zauj\u00edmav\u00fdch<\/span>\u00a0portov \u201d<\/span>. T\u00e1to tabu\u013eka obsahuje zoznam \u010d\u00edsel portov a protokolov, n\u00e1zov slu\u017eieb a stav. Stav m\u00f4\u017ee by\u0165 bu\u010f otvoren\u00fd<\/code>,\u00a0filtrovan\u00fd<\/code>,\u00a0zatvoren\u00fd<\/code>, alebo\u00a0nefiltrovan\u00fd<\/code>.<\/p>\n

Otvoren\u00fd znamen\u00e1, \u017ee aplik\u00e1cia na cie\u013eovom po\u010d\u00edta\u010di na\u010d\u00fava spojeniam alebo paketom na tomto porte. Filtrovan\u00fd<\/code> znamen\u00e1, \u017ee nejak\u00fd firewall, filter alebo sie\u0165ov\u00e1 prek\u00e1\u017eka blokuje port tak\u00fdm sp\u00f4sobom, \u017ee Nmap nedok\u00e1\u017ee ur\u010di\u0165, \u010di je port otvoren\u00fd<\/code>\u00a0alebo\u00a0zatvoren\u00fd<\/code>.\u00a0Zatvoren\u00e9<\/code> porty neobsahuj\u00fa \u017eiadne na nich na\u010d\u00favaj\u00face aplik\u00e1cie, aj ke\u010f by sa mohli kedyko\u013evek otvori\u0165. Porty s\u00fa ozna\u010dovan\u00e9 ako nefiltrovan\u00e9<\/code> ak reaguj\u00fa na testovanie Nmapom, no Nmap nedok\u00e1\u017ee ur\u010di\u0165, \u010di s\u00fa otvoren\u00e9 alebo zatvoren\u00e9. Nmap ohl\u00e1si kombin\u00e1ciu stavov otvoren\u00fd|filtrovan\u00fd<\/code>\u00a0a\u00a0zatvoren\u00fd|filtrovan\u00fd<\/code> ak nedok\u00e1\u017ee ur\u010di\u0165, ktor\u00fd z dvoch stavov zodpoved\u00e1 portu. . Ak bola vy\u017eadovan\u00e1 detekcia verzie, tabu\u013eka portov m\u00f4\u017ee takisto obsahova\u0165 podrobnosti o verzii softv\u00e9ru. Ak je vy\u017eadovan\u00fd sken protokolu IP (-sO<\/code>), Nmap poskytne inform\u00e1cie namiesto na\u010d\u00favaj\u00facich portov inform\u00e1cie o podporovan\u00fdch protokoloch IP.<\/p>\n

Okrem tabu\u013eky zauj\u00edmav\u00fdch portov dok\u00e1\u017ee Nmap poskytn\u00fa\u0165 \u010fal\u0161ie inform\u00e1cie o cie\u013eov\u00fdch staniciach, vr\u00e1tane reverzn\u00fdch n\u00e1zvov DNS, odhadov opera\u010dn\u00e9ho syst\u00e9mu, typoch zariaden\u00ed a MAC adries.<\/p>\n

Nmap je mo\u017en\u00e9 pou\u017ei\u0165 v pr\u00edkazovom riadku, alebo spusti\u0165 s grafickou nadstavbou Zenmap.\u00a0<\/em>Z\u00e1pis pr\u00edkazu je:<\/p>\n

nmap<\/code>\u00a0[\u00a0<Typ skenu><\/code><\/em>\u00a0…] [\u00a0<Mo\u017enosti><\/code><\/em>\u00a0] {\u00a0<\u0160pecifik\u00e1cia cie\u013eovej stanice><\/code><\/em>\u00a0}<\/p>\n

Typick\u00fd Nmap sken je zobrazen\u00fd na tomto obr\u00e1zku:<\/p>\n

\"\"<\/p>\n

 <\/p>\n

Zoznam mo\u017enost\u00ed nmap<\/h3>\n

\u0160PECIFIK\u00c1CIE CIE\u013dOVEJ STANICE:<\/strong>
\nJe mo\u017en\u00e9 zada\u0165 hostite\u013esk\u00fd n\u00e1zov stanice, IP adresy, siete atd.
\nPr\u00edklad:\u00a0 scanme.nmap.org, microsoft.com\/24, 192.168.0.1; 10.0.0-255.1-254<\/em>
\n-iL\u00a0<inputfilename><\/em>: Pou\u017ei\u0165 ako vstup zoznam hostite\u013esk\u00fdch stan\u00edc alebo sieti
\n-iR\u00a0<num\u00a0hosts><\/em>: Zvoli\u0165 n\u00e1hodn\u00e9 cie\u013eov\u00e9 stanice
\n–exclude\u00a0<host1[,host2][,host3],…><\/em>: Vynecha\u0165 hostite\u013esk\u00e9 stanice alebo siete
\n–excludefile\u00a0<exclude_file><\/em>: Vynecha\u0165 zoznam zo s\u00faboru<\/p>\n

ZIS\u0164OVANIE HOSTITE\u013dSKEJ STANICE:<\/strong>
\n\u00a0-sL<\/em>: List Scan – zobrazi\u0165 zoznam cie\u013eov\u00fdch stan\u00edc, ktor\u00e9 sa maj\u00fa skenova\u0165
\n-sP<\/em>: Ping Scan – nevykona\u0165 ni\u010d in\u00e9 okrem zistenia, \u010di je hostite\u013esk\u00e1 stanica online
\n-P0<\/em>: Treat all hosts as online — presko\u010di\u0165 zis\u0165ovanie hostite\u013esk\u00fdch stan\u00edc
\n\u00a0-PS\/PA\/PU\u00a0[portlist]<\/em>: pre zadan\u00e9 porty vykona\u0165 zistenie protokolov TCP SYN\/ACK alebo UDP
\n-PE\/PP\/PM<\/em>: vysk\u00fa\u0161a\u0165 ICMP echo, parameter timestamp a po\u017eiadavku na sie\u0165ov\u00fa masku
\n-n\/-R<\/em>: Nikdy nevykon\u00e1va\u0165 DNS preklad\/V\u017edy vykon\u00e1va\u0165 preklad DNS [p\u00f4vodn\u00e9 nastavenie: niekedy]
\n–dns-servers\u00a0<serv1[,serv2],…><\/em>: Zada\u0165 vlastn\u00e9 servery DNS
\n–system-dns<\/em>: Pou\u017ei\u0165 preklada\u010d DNS opera\u010dn\u00e9ho syst\u00e9mu<\/p>\n

SP\u00f4SOBY SKENOVANIA:<\/strong>
\n-sS\/sT\/sA\/sW\/sM<\/em>: Sken typu TCP SYN\/Connect()\/ACK\/Window\/Maimon
\n-sN\/sF\/sX<\/em>: Skeny typu TCP Null, FIN a Xmas
\n\u00a0–scanflags\u00a0<flags><\/em>: Nastavi\u0165 vlastn\u00e9 flagy skenu TCP scan
\n\u00a0-sI\u00a0<zombie\u00a0host[:probeport]><\/em>: Sken typu Idlescan
\n-sO<\/em>: Sken protokolu IP
\n-b\u00a0<ftp\u00a0relay\u00a0host><\/em>: Sken vyu\u017e\u00edvaj\u00faci FTP bounce<\/p>\n

\u0160PECIFIK\u00c1CIA PORTOV A PORADIE SKENOVANIA:<\/strong>
\n-p\u00a0<port\u00a0ranges><\/em>: Len \u0161pecifikovan\u00e9 porty
\nPr\u00edklad: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
\n-F<\/em>: Fast – Vykona\u0165 sken len na portoch zahrnut\u00fdch v s\u00fabore nmap-services
\n\u00a0-r<\/em>: Skenova\u0165 porty postupne a nie n\u00e1hodne<\/p>\n

DETEKCIA SLU\u017dBY\/VERZIE:<\/strong>
\n-sV<\/em>: Testova\u0165 otvoren\u00e9 porty na ur\u010denie inform\u00e1ci\u00ed o slu\u017ebe\/verzii
\n–version-light<\/em>: Kv\u00f4li r\u00fdchlej\u0161ej identifik\u00e1cii slu\u017eby\/verzie vykona\u0165 len tie najpravdepodobnej\u0161ie testy
\n–version-all<\/em>: Vykona\u0165 v\u0161etky mo\u017en\u00e9 testy
\n–version-trace<\/em>: Zobrazi\u0165 podrobnosti o priebehu skenovania verzie (pre \u00fa\u010dely debugovania)<\/p>\n

DETEKCIA\u00a0OS:<\/strong>
\n-O<\/em>: Povoli\u0165 detekciu OS
\n–osscan-limit<\/em>: Z\u00fa\u017ei\u0165 detekciu OS len na s\u013eubne vyzeraj\u00face cie\u013eov\u00e9 stanice
\n–osscan-guess<\/em>: Pou\u017ei\u0165 agres\u00edvnej\u0161iu detekciu OS<\/p>\n

\u010cASOVANIE A V\u00ddKON<\/strong>:
\n-T[0-5]<\/em>: Nastavi\u0165 \u010dasovaciu \u0161abl\u00f3nu (vy\u0161\u0161ie \u010d\u00edslo zodpoved\u00e1 r\u00fdchlej\u0161ej \u0161abl\u00f3ne)
\n\u00a0–min-hostgroup\/max-hostgroup\u00a0<size><\/em>: Ve\u013ekosti skup\u00edn paraleln\u00fdch skenov
\n–min-parallelism\/max-parallelism\u00a0<msec><\/em>: Paraleliz\u00e1cia testu
\n–min-rtt-timeout\/max-rtt-timeout\/initial-rtt-timeout\u00a0<msec><\/em>: Ud\u00e1va ve\u013ekos\u0165 hodnoty RTT testu
\n–max-retries\u00a0<tries><\/em>: Ud\u00e1va po\u010det retransmisi\u00ed testu skenovania portov.
\n–host-timeout\u00a0<msec><\/em>: Po uplynut\u00ed tohoto \u010dasov\u00e9ho limitu ukon\u010di\u0165 test cie\u013eovej stanice
\n–scan-delay\/–max-scan-delay\u00a0<msec><\/em>: Prisp\u00f4sobi\u0165 oneskorenie medzi testami<\/p>\n

OB\u00cdDENIE FIREWALLU\/IDS A FAL\u0160OVANIE:<\/strong>
\n-f;\u00a0–mtu\u00a0<val><\/em>: Fragmentova\u0165 pakety ( s pridanou mo\u017enos\u0165ou fragmentovania pod\u013ea ve\u013ekosti MTU)
\n-D\u00a0<decoy1,decoy2[,ME],…><\/em>: Ukry\u0165 sken pou\u017eit\u00edm trikov
\n-S\u00a0<IP_Address><\/em>: Sfal\u0161ova\u0165 zdrojov\u00fa adresu
\n-e\u00a0<iface><\/em>: Pou\u017ei\u0165 zadan\u00e9 rozhranie
\n-g\/–source-port\u00a0<portnum><\/em>: Pou\u017ei\u0165 dan\u00e9 \u010d\u00edslo portu
\n–data-length\u00a0<num><\/em>: Do odosielan\u00fdch paketov vlo\u017ei\u0165 n\u00e1hodn\u00e9 data
\n–ttl\u00a0<val><\/em>: Nastavi\u0165 ve\u013ekos\u0165 polo\u017eky time-to-live protokolu IP
\n–spoof-mac\u00a0<mac\u00a0address\/prefix\/vendor\u00a0name><\/em>: Sfal\u0161ova\u0165 MAC adresu aktu\u00e1lneho po\u010d\u00edta\u010da
\n–badsum<\/em>: Odosla\u0165 pakety s falo\u0161n\u00fdm kontroln\u00fdm s\u00fa\u010dtom TCP\/UDP<\/p>\n

V\u00ddSTUP:<\/strong>
\n-oN\/-oX\/-oS\/-oG\u00a0<file><\/em>: V\u00fdstup skenu zadan\u00e9ho s\u00faboru vo form\u00e1te oby\u010dajnom, XML, s|<rIpt kIddi3,
\na\u00a0Grep.
\n-oA\u00a0<basename><\/em>: V\u00fdstup s\u00fa\u010dasne vo v\u0161etk\u00fdch troch hlavn\u00fdch form\u00e1toch
\n-v<\/em>: Zv\u00fd\u0161i\u0165 \u00farove\u0148 priebe\u017en\u00e9ho v\u00fdstupu (pre v\u00e4\u010d\u0161\u00ed \u00fa\u010dinok pou\u017ei\u0165 dvakr\u00e1t)
\n-d[level]<\/em>: Nastavi\u0165 alebo zv\u00fd\u0161i\u0165 \u00farove\u0148 debugovania (Zmysel maj\u00fa hodnoty do 9)
\n–packet-trace<\/em>: Zobrazi\u0165 v\u0161etky odoslan\u00e9 a prijat\u00e9 pakety
\n–iflist<\/em>: Vytlaci\u0165 rozhrania hostite\u013eskej stanice a trasy (pre \u00fa\u010dely debugovania)
\n–append-output<\/em>: Namiesto vymazania d\u00e1t s\u00faborov prida\u0165 v\u00fdstup k d\u00e1tam zadan\u00fdch v\u00fdstupn\u00fdch s\u00faborov
\n–resume\u00a0<filename><\/em>: Pokra\u010dova\u0165 v preru\u0161enom skene
\n–stylesheet\u00a0<path\/URL><\/em>: Na prenesenie v\u00fdstupu vo form\u00e1te XML do form\u00e1tu HTML pou\u017ei\u0165 stylesheet XSL
\n–webxml<\/em>: Na z\u00edskanie prenosite\u013enej\u0161ieho form\u00e1tu XML pou\u017ei\u0165 referen\u010dn\u00fd stylesheet zo str\u00e1nky Insecure.Org
\n–no-stylesheet<\/em>: Nepou\u017e\u00edva\u0165 stylesheet pre v\u00fdstup v XML<\/p>\n

R\u00f4ZNE:<\/strong>
\n-6<\/em>: Povoli\u0165 sken pre protokol IPv6
\n-A<\/em>: Povoli\u0165 detekciu OS a verzie
\n–datadir\u00a0<dirname><\/em>: Zada\u0165 vlastn\u00e9 umiestnenie d\u00e1tov\u00e9ho s\u00faboru pre Nmap
\n–send-eth\/–send-ip<\/em>: Odosla\u0165 pou\u017eit\u00edm neupraven\u00fdch ethernetov\u00fdch r\u00e1mcov alebo IP paketov
\n–privileged<\/em>: Usudzova\u0165, \u017ee u\u017e\u00edvate\u013e m\u00e1 pln\u00e9 opr\u00e1vnenia
\n-V<\/em>: zobrazi\u0165 \u010d\u00edslo verzie
\n-h<\/em>: zobrazi\u0165 s\u00fahrn tejto str\u00e1nky n\u00e1povedy.<\/p>\n

PR\u00cdKLADY<\/strong>:
\nnmap\u00a0-v\u00a0-A\u00a0scanme.nmap.org<\/em>
\n\u00a0\u00a0nmap\u00a0-v\u00a0-sP\u00a0192.168.0.0\/16\u00a010.0.0.0\/8<\/em>
\n\u00a0\u00a0nmap\u00a0-v\u00a0-iR\u00a010000\u00a0-P0\u00a0-p\u00a080<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Nmap (\u201cNetwork Mapper\u201d) je open-source n\u00e1strojom na sk\u00famanie siete a kontrolu bezpe\u010dnosti. Bol vyvinut\u00fd s oh\u013eadom na r\u00fdchle skenovanie ve\u013ek\u00fdch siet\u00ed, hoci funguje v\u00fdborne aj…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[],"_links":{"self":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts\/752"}],"collection":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/comments?post=752"}],"version-history":[{"count":3,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts\/752\/revisions"}],"predecessor-version":[{"id":756,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts\/752\/revisions\/756"}],"wp:attachment":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/media?parent=752"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/categories?post=752"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/tags?post=752"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}