Nmap commands
NOTE: Add -F if you want to scan faster because it's fast mode that will scan fewer ports than the default scan

Enable scripts, service detection, OS fingerprinting and traceroute

1
sudo nmap -A -Pn 45.79.85.159
2
3
Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-08 20:52 +07
4
Nmap scan report for li1184-159.members.linode.com (45.79.85.159)
5
Host is up (0.19s latency).
6
Not shown: 996 closed ports
7
PORT STATE SERVICE VERSION
8
22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)
9
| ssh-hostkey:
10
| 2048 c1:bd:c3:9e:75:74:27:76:f7:a3:21:25:c5:bf:41:ea (RSA)
11
| 256 64:e6:37:97:dc:f7:f0:69:e0:51:f2:73:2d:11:17:fe (ECDSA)
12
|_ 256 d1:0d:f4:74:d9:41:d9:85:32:d2:74:e1:8d:ef:14:8d (EdDSA)
13
25/tcp open smtp Postfix smtpd
14
|_smtp-commands: usnode.members.linode.com, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
15
| ssl-cert: Subject: commonName=usnode
16
| Not valid before: 2017-10-17T14:41:31
17
|_Not valid after: 2027-10-15T14:41:31
18
|_ssl-date: TLS randomness does not represent time
19
80/tcp open http nginx 1.10.3 (Ubuntu)
20
|_http-server-header: nginx/1.10.3 (Ubuntu)
21
|_http-title: Welcome to nginx!
22
9000/tcp open cslistener?
23
| fingerprint-strings:
24
| FourOhFourRequest:
25
| HTTP/1.0 400 Bad Request
26
| Accept-Ranges: bytes
27
| Content-Type: application/xml
28
| Server: Minio/DEVELOPMENT.2017-10-29T10-14-45Z (linux; amd64)
29
| Vary: Origin
30
| X-Amz-Request-Id: 14F520AC5557517F
31
| Date: Wed, 08 Nov 2017 13:52:54 GMT
32
| <?xml version="1.0" encoding="UTF-8"?>
33
| <Error><Code>InvalidBucketName</Code><Message>The specified bucket is not valid.</Message><Key></Key><BucketName></BucketName><Resource>/nice ports,/Trinity.txt.bak</Resource><RequestId>3L137</RequestId><HostId>3L137</HostId></Error>
34
| GetRequest:
35
| HTTP/1.0 403 Forbidden
36
| Accept-Ranges: bytes
37
| Content-Type: application/xml
38
| Server: Minio/DEVELOPMENT.2017-10-29T10-14-45Z (linux; amd64)
39
| Vary: Origin
40
| X-Amz-Request-Id: 14F520A98FF1826F
41
| Date: Wed, 08 Nov 2017 13:52:42 GMT
42
| <?xml version="1.0" encoding="UTF-8"?>
43
| <Error><Code>AccessDenied</Code><Message>Access Denied.</Message><Key></Key><BucketName></BucketName><Resource>/</Resource><RequestId>3L137</RequestId><HostId>3L137</HostId></Error>
44
| HTTPOptions:
45
| HTTP/1.0 200 OK
46
| Vary: Origin
47
| Vary: Access-Control-Request-Method
48
| Vary: Access-Control-Request-Headers
49
| Date: Wed, 08 Nov 2017 13:52:43 GMT
50
| Content-Length: 0
51
| Content-Type: text/plain; charset=utf-8
52
| RTSPRequest, SIPOptions:
53
| HTTP/1.1 400 Bad Request
54
| Content-Type: text/plain; charset=utf-8
55
| Connection: close
56
|_ Request
57
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
58
SF-Port9000-TCP:V=7.60%I=7%D=11/8%Time=5A030C2A%P=x86_64-apple-darwin16.7.
59
SF:0%r(GetRequest,1C1,"HTTP/1\.0\x20403\x20Forbidden\r\nAccept-Ranges:\x20
60
SF:bytes\r\nContent-Type:\x20application/xml\r\nServer:\x20Minio/DEVELOPME
61
SF:NT\.2017-10-29T10-14-45Z\x20\(linux;\x20amd64\)\r\nVary:\x20Origin\r\nX
62
SF:-Amz-Request-Id:\x2014F520A98FF1826F\r\nDate:\x20Wed,\x2008\x20Nov\x202
63
SF:017\x2013:52:42\x20GMT\r\n\r\n<\?xml\x20version=\"1\.0\"\x20encoding=\"
64
SF:UTF-8\"\?>\n<Error><Code>AccessDenied</Code><Message>Access\x20Denied\.
65
SF:</Message><Key></Key><BucketName></BucketName><Resource>/</Resource><Re
66
SF:questId>3L137</RequestId><HostId>3L137</HostId></Error>")%r(HTTPOptions
67
SF:,CD,"HTTP/1\.0\x20200\x20OK\r\nVary:\x20Origin\r\nVary:\x20Access-Contr
68
SF:ol-Request-Method\r\nVary:\x20Access-Control-Request-Headers\r\nDate:\x
69
SF:20Wed,\x2008\x20Nov\x202017\x2013:52:43\x20GMT\r\nContent-Length:\x200\
70
SF:r\nContent-Type:\x20text/plain;\x20charset=utf-8\r\n\r\n")%r(RTSPReques
71
SF:t,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-Type:\x20text/plain
72
SF:;\x20charset=utf-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x20Request
73
SF:")%r(FourOhFourRequest,1F7,"HTTP/1\.0\x20400\x20Bad\x20Request\r\nAccep
74
SF:t-Ranges:\x20bytes\r\nContent-Type:\x20application/xml\r\nServer:\x20Mi
75
SF:nio/DEVELOPMENT\.2017-10-29T10-14-45Z\x20\(linux;\x20amd64\)\r\nVary:\x
76
SF:20Origin\r\nX-Amz-Request-Id:\x2014F520AC5557517F\r\nDate:\x20Wed,\x200
77
SF:8\x20Nov\x202017\x2013:52:54\x20GMT\r\n\r\n<\?xml\x20version=\"1\.0\"\x
78
SF:20encoding=\"UTF-8\"\?>\n<Error><Code>InvalidBucketName</Code><Message>
79
SF:The\x20specified\x20bucket\x20is\x20not\x20valid\.</Message><Key></Key>
80
SF:<BucketName></BucketName><Resource>/nice\x20ports,/Trinity\.txt\.bak</R
81
SF:esource><RequestId>3L137</RequestId><HostId>3L137</HostId></Error>")%r(
82
SF:SIPOptions,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-Type:\x20t
83
SF:ext/plain;\x20charset=utf-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x
84
SF:20Request");
85
Device type: general purpose|WAP|storage-misc|broadband router
86
Running (JUST GUESSING): Linux 3.X|4.X|2.6.X|2.4.X (95%), Asus embedded (92%), HP embedded (91%)
87
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:3.4 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4
88
Aggressive OS guesses: Linux 3.10 - 4.8 (95%), Linux 3.13 (95%), Linux 3.13 or 4.2 (95%), Linux 4.4 (95%), Linux 3.16 (94%), Linux 3.16 - 4.6 (94%), Linux 3.12 (93%), Linux 3.2 - 4.8 (93%), Linux 3.8 - 3.11 (93%), Asus RT-AC66U WAP (92%)
89
No exact OS matches for host (test conditions non-ideal).
90
Network Distance: 12 hops
91
Service Info: Host: usnode.members.linode.com; OS: Linux; CPE: cpe:/o:linux:linux_kernel
92
93
TRACEROUTE (using port 53/tcp)
94
HOP RTT ADDRESS
95
1 4.28 ms 172.16.0.1
96
2 6.12 ms static.vnpt.vn (14.169.128.1)
97
3 ...
98
4 6.07 ms static.vnpt.vn (113.171.14.37)
99
5 5.49 ms static.vnpt.vn (113.171.7.209)
100
6 ...
101
7 392.21 ms unknown.telstraglobal.net (202.127.78.129)
102
8 ...
103
9 78.34 ms 100ge8-2.core1.tyo1.he.net (184.105.64.130)
104
10 201.74 ms 100ge8-1.core1.sea1.he.net (184.105.213.117)
105
11 180.47 ms 173.230.159.3
106
12 182.92 ms li1184-159.members.linode.com (45.79.85.159)
107
108
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
109
Nmap done: 1 IP address (1 host up) scanned in 77.96 seconds
Copied!

Perform TCP and UDP scanning

1
sudo nmap -sSU 45.79.85.159
2
3
Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-08 20:57 +07
4
sendto in send_ip_packet_sd: sendto(4, packet, 28, 0, 45.79.85.159, 16) => Network is down
5
Offending packet: UDP 172.16.6.163:33418 > 45.79.85.159:49176 ttl=44 id=39224 iplen=7168
6
Stats: 0:02:28 elapsed; 0 hosts completed (1 up), 1 undergoing UDP Scan
7
UDP Scan Timing: About 16.00% done; ETC: 21:12 (0:12:26 remaining)
8
Stats: 0:02:29 elapsed; 0 hosts completed (1 up), 1 undergoing UDP Scan
9
.
10
.
11
UDP Scan Timing: About 63.58% done; ETC: 21:14 (0:06:03 remaining)
12
Nmap scan report for li1184-159.members.linode.com (45.79.85.159)
13
Host is up (0.19s latency).
14
Not shown: 1995 closed ports
15
PORT STATE SERVICE
16
22/tcp open ssh
17
25/tcp open smtp
18
80/tcp open http
19
9000/tcp open cslistener
20
53/udp open|filtered domain
21
22
Nmap done: 1 IP address (1 host up) scanned in 1045.86 seconds.
Copied!
Last modified 2yr ago