Nmap Scan Optimization

Host Group Scanning

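Host group scanning means scanning a group of hosts at the same time. Nmap provides two host group options, which set the minimum and maximum group size:

  • --min-hostgroup: sets the minimum size of the group of hosts scanned at the same time
  • --max-hostgroup: sets the maximum size of the group of hosts scanned at the same time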

Parallel Probing

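Parallel probing refers to the number of probe packets sent at the same time. Nmap provides two options that set the minimum and maximum number of parallel probes:

  • --min-parallelism: sets the minimum number of parallel probes
  • --max-parallelism: sets the maximum number of parallel probes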
# Port scan of the host without setting a parallelism option; took 118.59 seconds
$ nmap -sS -p1-65535 www.diaoan.xyz
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-08 17:39 China Standard Time
Nmap scan report for www.diaoan.xyz
Host is up (0.035s latency).
Not shown: 65514 filtered tcp ports (no-response)
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 118.59 seconds
# Minimum parallelism set to 3000; took 48.53 seconds
$ nmap --min-parallelism 3000 -sS -p1-65535 www.diaoan.xyz
Warning: Your --min-parallelism option is pretty high! This can hurt reliability.
Starting Nmap 7.92 ( https://nmap.org ) at 2022-02-08 17:42 China Standard Time
Nmap scan report for www.diaoan.xyz
Host is up (0.043s latency).
Not shown: 65514 filtered tcp ports (no-response)
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 48.53 seconds
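
Nmap's warning in the second run says a high --min-parallelism can hurt reliability, so the shorter run time only counts if the faster scan still reports the same open ports. The script below is an added example, not part of the original post: it parses the two normal-output reports shown above (embedded inline) and reports the speed-up and any open ports the faster run missed. The function names are this example's own.

```shell
#!/bin/sh
# Added example: check that a faster Nmap run did not lose results.
# Input is Nmap's normal (human-readable) output, copied from the two runs above.

baseline='Nmap scan report for www.diaoan.xyz
Host is up (0.035s latency).
Not shown: 65514 filtered tcp ports (no-response)
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 118.59 seconds'

fast='Nmap scan report for www.diaoan.xyz
Host is up (0.043s latency).
Not shown: 65514 filtered tcp ports (no-response)
PORT STATE SERVICE
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 48.53 seconds'

# Print the open ports (e.g. "80/tcp") listed in a report, sorted and unique.
open_ports() {
  printf '%s\n' "$1" |
    awk '$1 ~ /^[0-9]+\/[a-z]+$/ && $2 == "open" { print $1 }' | sort -u
}

# Print the elapsed seconds from the "Nmap done: ... scanned in N seconds" line.
elapsed() {
  printf '%s\n' "$1" |
    awk '/^Nmap done:/ { for (i = 1; i < NF; i++) if ($i == "in") print $(i + 1) }'
}

# Print every port the baseline ($1) found open that the fast run ($2) did not.
missed_ports() {
  fast_ports=$(open_ports "$2")
  for p in $(open_ports "$1"); do
    printf '%s\n' "$fast_ports" | grep -qxF "$p" || printf '%s\n' "$p"
  done
}

# Print the speed-up factor (baseline time / fast time) to two decimals.
speedup() {
  awk -v b="$(elapsed "$1")" -v f="$(elapsed "$2")" 'BEGIN { printf "%.2f\n", b / f }'
}

missing=$(missed_ports "$baseline" "$fast")
echo "speed-up: $(speedup "$baseline" "$fast")x; open ports missed: ${missing:-none}"
```

If the faster run misses ports, lower --min-parallelism and compare again before relying on its results.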