{"id":3459,"date":"2015-01-07T10:45:24","date_gmt":"2015-01-07T10:45:24","guid":{"rendered":"http:\/\/blog.bachi.net\/?p=3459"},"modified":"2015-01-07T11:41:39","modified_gmt":"2015-01-07T11:41:39","slug":"nmap-network-exploration-tool-and-security-port-scanner","status":"publish","type":"post","link":"https:\/\/blog.bachi.net\/?p=3459","title":{"rendered":"nmap &#8211; Network exploration tool and security \/ port scanner"},"content":{"rendered":"<p><a href=\"http:\/\/security.stackexchange.com\/questions\/36198\/how-to-find-live-hosts-on-my-network\">How to find live hosts on my network?<\/a><\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n# nmap --iflist\r\n\r\nStarting Nmap 6.47 ( http:\/\/nmap.org ) at 2015-01-07 11:12 CET\r\n************************INTERFACES************************\r\nDEV     (SHORT)   IP\/MASK                       TYPE     UP   MTU   MAC\r\nre0     (re0)     172.21.5.109\/21               ethernet up   1500  00:0D:B9:35:88:B4\r\nre1     (re1)     192.168.1.1\/24                ethernet up   1500  00:0D:B9:35:88:B5\r\nre1     (re1)     fe80:2::20d:b9ff:fe35:88b5\/64 ethernet up   1500  00:0D:B9:35:88:B5\r\nre2     (re2)     10.0.0.1\/16                   ethernet up   1500  00:0D:B9:35:88:B6\r\nre2     (re2)     fe80:3::20d:b9ff:fe35:88b6\/64 ethernet up   1500  00:0D:B9:35:88:B6\r\nath0    (ath0)    (none)\/0                      ethernet down 2290  04:F0:21:0C:2B:A6\r\npflog0  (pflog0)  (none)\/0                      other    up   33160\r\npfsync0 (pfsync0) (none)\/0                      other    down 1500\r\nlo0     (lo0)     127.0.0.1\/8                   loopback up   16384\r\nlo0     (lo0)     ::1\/128                       loopback up   16384\r\nlo0     (lo0)     fe80:7::1\/64                  loopback up   16384\r\nbridge0 (bridge0) (none)\/0                      ethernet up   1500  02:A6:4D:75:47:00\r\n\r\n**************************ROUTES**************************\r\nDST\/MASK                     DEV METRIC GATEWAY\r\n10.0.0.1\/32                  lo0 0\r\n127.0.0.1\/32                 lo0 0\r\n172.21.5.109\/32              lo0 0\r\n192.168.1.1\/32               lo0 0\r\n192.168.1.0\/24               re1 0\r\n172.21.0.0\/21                re0 0\r\n10.0.0.0\/16                  re2 0\r\n0.0.0.0\/0                    re0 0      172.21.0.1\r\nfe80::1\/128                  lo0 0\r\n::1\/128                      lo0 0\r\nfe80::20d:b9ff:fe35:88b6\/128 lo0 0\r\nfe80::20d:b9ff:fe35:88b5\/128 lo0 0\r\nfe80::\/32                    re1 0\r\nff01::\/32                    re2 0      fe80::20d:b9ff:fe35:88b6\r\nfe80::\/32                    re2 0\r\n::ffff:0.0.0.0\/32            lo0 0      ::1\r\nfe80::\/32                    lo0 0\r\n::\/32                        lo0 0      ::1\r\nff01::\/32                    re1 0      fe80::20d:b9ff:fe35:88b5\r\nfe80::\/32                    lo0 0      ::1\r\nff01::\/32                    lo0 0      ::1\r\nff02::\/32                    lo0 0      ::1\r\nff02::\/32                    re1 0      fe80::20d:b9ff:fe35:88b5\r\nff02::\/32                    re2 0      fe80::20d:b9ff:fe35:88b6\r\nff02::\/32                    lo0 0      ::1\r\n<\/pre>\n<ul>\n<li>-e re2: Only use interface re2<\/li>\n<li>-sn: No port scan. Only host discovery.<\/li>\n<li>-PS161: TCP SYN Ping to port 161 (SNMP)<\/li>\n<\/ul>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\n# nmap -e re2 -sP -PS161 172.21.6.0\/24\r\nStarting Nmap 6.47 ( http:\/\/nmap.org ) at 2015-01-07 11:05 CET\r\nNmap scan report for 172.21.6.29\r\nHost is up (-0.21s latency).\r\nMAC Address: 00:03:F4:04:C7:C7 (NetBurner)\r\nNmap scan report for 172.21.6.32\r\nHost is up (-0.21s latency).\r\nMAC Address: 00:14:2D:22:F2:74 (Toradex AG)\r\nNmap scan report for 172.21.6.33\r\nHost is up (-0.21s latency).\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>How to find live hosts on my network? # nmap &#8211;iflist Starting Nmap 6.47 ( http:\/\/nmap.org ) at 2015-01-07 11:12 CET ************************INTERFACES************************ DEV (SHORT) IP\/MASK TYPE UP MTU MAC re0 (re0) 172.21.5.109\/21 ethernet up 1500 00:0D:B9:35:88:B4 re1 (re1) 192.168.1.1\/24 ethernet up 1500 00:0D:B9:35:88:B5 re1 (re1) fe80:2::20d:b9ff:fe35:88b5\/64 ethernet up 1500 00:0D:B9:35:88:B5 re2 (re2) 10.0.0.1\/16 ethernet up [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3459","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3459","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3459"}],"version-history":[{"count":4,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3459\/revisions"}],"predecessor-version":[{"id":3463,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3459\/revisions\/3463"}],"wp:attachment":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3459"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3459"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3459"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}