[root@server2 ~]# nmap -sn -PE -n --min-hostgroup 1024 --min-parallelism 1024 -oX nmap_output.xml 16
…….省略部分结果
Nmap scan reportfor 163.177.81.145
Host is up (0.072s latency).
Nmapdone: 65536 IP addresses (144 hosts up) scanned in 19.15 seconds
可以看到,65535个地址只需19秒就扫描完成了。速度是相当的快。
1.8 快速扫描端口既然是扫描端口,就不能使用-sn选项,也不能使用-PE,否则不会返回端口状态,只会返回哪些主机。
[root@server2 ~]# nmap -n -p 20-2000 --min-hostgroup 1024 --min-parallelism 1024 192.168.100.70/24
Warning: You specified a highly aggressive--min-hostgroup.
Warning: Your--min-parallelism option is pretty high! This can hurt reliability.
Starting Nmap6.40 ( http://nmap.org ) at 2017-06-20 14:52 CST
Nmap scan report for 192.168.100.1
Host is up (0.00084s latency).
Not shown:1980 filtered ports
PORT STATE SERVICE
21/tcp open ftp
MAC Address:00:50:56:C0:00:08 (VMware)
Nmap scan reportfor 192.168.100.2
Host is up (0.000018s latency).
Not shown:1980 closed ports
PORT STATE SERVICE
53/tcp open domain
MAC Address:00:50:56:E2:16:04 (VMware)
Nmap scan reportfor 192.168.100.70
Host is up (0.000041s latency).
Not shown:1980 closed ports
PORT STATE SERVICE
22/tcp open ssh
MAC Address:00:0C:29:71:81:64 (VMware)
Nmap scan reportfor 192.168.100.254
Host is up (0.000035s latency).
All1981 scanned ports on 192.168.100.254 are filtered
MAC Address:00:50:56:ED:A1:04 (VMware)
Nmap scan reportfor 192.168.100.62
Host is up (0.0000020s latency).
Not shown:1980 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmapdone: 256 IP addresses (5 hosts up) scanned in 2.38 seconds
姊妹篇:抓包工具tcpdump用法说明