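How much information can we learn from a single IP address?
I. Finding the host's MAC address
1. On Windows, use the command nbtstat -a <IP address>
This method relies on the NetBIOS protocol. The last line of the output (MAC 地址) gives the remote host's MAC address.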
C:\Users\Terry>nbtstat -a 172.24.3.135

本地连接:
节点 IP 址址: [0.0.0.0] 范围 ID: []

    找不到主机。

无线网络连接:
节点 IP 址址: [172.24.3.29] 范围 ID: []

           NetBIOS 远程计算机名称表

       名称               类型         状态
    ---------------------------------------------
    TA-CN          <00>  组          已注册
    ITD-GANQING0-D1<00>  唯一        已注册
    ITD-GANQING0-D1<20>  唯一        已注册
    TA-CN          <1E>  组          已注册

    MAC 地址 = FC-4D-D4-F4-65-95
However, if the target does not have NetBIOS enabled, the host is not found (找不到主机):
C:\Users\Terry>nbtstat -a 172.24.3.100

本地连接:
节点 IP 址址: [0.0.0.0] 范围 ID: []

    找不到主机。

无线网络连接:
节点 IP 址址: [172.24.3.29] 范围 ID: []
2. On Linux, use the nmap command
[root@localhost ~]# nmap 172.24.3.100
Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-16 15:50 CST
Nmap scan report for 172.24.3.100
Host is up (0.000093s latency).
Not shown: 989 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
427/tcp open svrloc
443/tcp open https
902/tcp open iss-realsecure
5988/tcp closed wbem-http
5989/tcp open wbem-https
8000/tcp open http-alt
8080/tcp closed http-proxy
8100/tcp open xprint-server
8300/tcp closed tmi
MAC Address: 00:10:18:1A:7B:EA (Broadcom)
Nmap done: 1 IP address (1 host up) scanned in 11.95 seconds
[root@localhost ~]#
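From this output we can see which services the IP 172.24.3.100 exposes and on which ports, and even the brand of its network card. Nmap derives the brand from the vendor prefix of the MAC address, and it can only report a MAC address for hosts on the same local network segment as the scanner.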
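The following Python example is added here and is not part of the original post. It parses the Nmap output shown above into an inventory record (ports, MAC address, vendor) and lists the open ports that are missing from an approved-services baseline; the ALLOWED baseline and the function names are assumptions made for illustration.

```python
import re

# Scan output for 172.24.3.100 copied from the page (banner and prompt lines dropped).
SAMPLE = """\
Nmap scan report for 172.24.3.100
Host is up (0.000093s latency).
Not shown: 989 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
427/tcp open svrloc
443/tcp open https
902/tcp open iss-realsecure
5988/tcp closed wbem-http
5989/tcp open wbem-https
8000/tcp open http-alt
8080/tcp closed http-proxy
8100/tcp open xprint-server
8300/tcp closed tmi
MAC Address: 00:10:18:1A:7B:EA (Broadcom)
"""

# Hypothetical baseline (an assumption): ports each host is approved to expose.
ALLOWED = {"172.24.3.100": {22, 443}}

HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?(\d+\.\d+\.\d+\.\d+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
MAC_RE = re.compile(r"^MAC Address: ([0-9A-F:]{17}) \((.*)\)$")

def parse_nmap(text):
    """Return {ip: {"ports": [(port, proto, state, service)], "mac", "vendor"}}."""
    hosts, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := HOST_RE.match(line):
            cur = hosts.setdefault(m.group(1), {"ports": [], "mac": None, "vendor": None})
        elif cur is not None and (m := PORT_RE.match(line)):
            cur["ports"].append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
        elif cur is not None and (m := MAC_RE.match(line)):
            cur["mac"], cur["vendor"] = m.group(1), m.group(2)
    return hosts

def unexpected_open(hosts, allowed):
    """Per host, the open ports that the baseline does not list (closed ports ignored)."""
    return {ip: sorted(p for p, _, state, _ in h["ports"]
                       if state == "open" and p not in allowed.get(ip, set()))
            for ip, h in hosts.items()}

if __name__ == "__main__":
    print(unexpected_open(parse_nmap(SAMPLE), ALLOWED))
```

Run against periodic scans of your own address range, the same comparison shows when a host starts exposing a service that nobody approved.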
II. Identifying the host's OS from its IP address
[root@localhost ~]# nmap -O 172.24.3.135
Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-16 15:56 CST
Nmap scan report for 172.24.3.135
Host is up (0.0020s latency).
Not shown: 989 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1025/tcp open NFS-or-IIS
1026/tcp open LSA-or-nterm
1027/tcp open IIS
1050/tcp open java-or-OTGfileshare
3389/tcp open ms-term-serv
5003/tcp open filemaker
50500/tcp open unknown
MAC Address: FC:4D:D4:F4:65:95 (Unknown)
Device type: general purpose
Running: Microsoft Windows Vista|2008|7
OS details: Microsoft Windows Vista SP0 - SP2, Server 2008, or Windows 7 Ultimate
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.66 seconds
[root@localhost ~]#
III. Finding the online hosts on the network
[root@localhost ~]# nmap -sP 172.24.62.*
Starting Nmap 5.51 ( http://nmap.org ) at 2014-10-16 15:57 CST
Nmap scan report for 172.24.62.1
Host is up (0.00074s latency).
Nmap scan report for 172.24.62.11
Host is up (0.00041s latency).
Nmap scan report for 172.24.62.12
Host is up (0.00039s latency).
Nmap scan report for 172.24.62.13
Host is up (0.00053s latency).
Nmap scan report for 172.24.62.14
Host is up (0.00052s latency).
.......