本节书摘来自异步社区《Nmap渗透测试指南》一书中的第2章2.15节路由跟踪,作者 商广明,更多章节内容可以访问云栖社区“异步社区”公众号查看。
2.15 路由跟踪表2.14所示为本章节所需Nmap命令表,表中加粗命令为本小节所需命令——路由跟踪。
使用--traceroute选项即可进行路由跟踪,使用路由跟踪功能可以帮助用户了解网络的同行情况,通过此选项可以轻松地查出从本地计算机到目标之间所经过的网络节点,并可以看到通过各个节点的时间。
root@Wing:~# nmap --traceroute -v www.163.com Starting Nmap 6.47 ( http://nmap.org ) at 2015-06-27 21:04 CST Initiating Ping Scan at 21:04 Scanning www.163.com (112.253.19.198) [4 ports] #此处解析出网易服务器地址 Completed Ping Scan at 21:04, 0.00s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 21:04 Completed Parallel DNS resolution of 1 host. at 21:04, 0.02s elapsed Initiating SYN Stealth Scan at 21:04 Scanning www.163.com (112.253.19.198) [1000 ports] Discovered open port 80/tcp on 112.253.19.198 Discovered open port 8080/tcp on 112.253.19.198 Discovered open port 443/tcp on 112.253.19.198 Discovered open port 8888/tcp on 112.253.19.198 Discovered open port 88/tcp on 112.253.19.198 Discovered open port 3000/tcp on 112.253.19.198 Discovered open port 9080/tcp on 112.253.19.198 Discovered open port 8085/tcp on 112.253.19.198 adjust_timeouts2: packet supposedly had rtt of 9022009 microseconds. Ignoring time. adjust_timeouts2: packet supposedly had rtt of 9022009 microseconds. Ignoring time. Discovered open port 8383/tcp on 112.253.19.198 SYN Stealth Scan Timing: About 30.05% done; ETC: 21:05 (0:01:12 remaining) Discovered open port 7001/tcp on 112.253.19.198 Discovered open port 8088/tcp on 112.253.19.198 Discovered open port 3030/tcp on 112.253.19.198 SYN Stealth Scan Timing: About 62.28% done; ETC: 21:05 (0:00:37 remaining) Discovered open port 8082/tcp on 112.253.19.198 Discovered open port 20000/tcp on 112.253.19.198 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 Completed SYN Stealth Scan at 21:06, 114.52s elapsed (1000 total ports) Initiating Traceroute at 21:06 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 Completed Traceroute at 21:06, 0.03s elapsed Initiating Parallel DNS resolution of 2 hosts. at 21:06 Completed Parallel DNS resolution of 2 hosts. at 21:06, 0.01s elapsed Nmap scan report for www.163.com (112.253.19.198) Host is up (1.1s latency). Other addresses for www.163.com (not scanned): 218.58.206.54 Not shown: 980 closed ports PORT STATE SERVICE 80/tcp open http 88/tcp open kerberos-sec 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 443/tcp open https 445/tcp filtered microsoft-ds 514/tcp filtered shell 593/tcp filtered http-rpc-epmap 3000/tcp open ppp 3030/tcp open arepa-cas 4444/tcp filtered krb524 7001/tcp open afs3-callback 8080/tcp open http-proxy 8082/tcp open blackice-alerts 8085/tcp open unknown 8088/tcp open radan-http 8383/tcp open m2mservices 8888/tcp open sun-answerbook 9080/tcp open glrpc 20000/tcp open dnp TRACEROUTE (using port 80/tcp) #经过网易服务器的80端口 HOP RTT ADDRESS 1 0.13 ms 192.168.239.2 2 0.13 ms 112.253.19.198 Nmap done: 1 IP address (1 host up) scanned in 114.74 seconds Raw packets sent: 1098 (48.240KB) | Rcvd: 1091 (43.724KB) root@Wing:~#