linux - telnet, nmap

telnet, nmap

네트워크 상태를 확인하기 위해 보통 telnet, ping을 기본적으로 사용한다. 접속하려는 서버에 ping 192.168.0.120 등으로 수행하여 패킷이 제대로 전달되는지 확인할 수 있고, telnet의 경우 특정 포트를 부여하여 포트까지 확인할 수 있다.

telnet은 TCP만 확인이 가능하기에, UDP 통신 상태확인도 가능한 nmap이라는 유틸도 함께 설명한다.

Telnet

telnet은 TCP 포트만 확인이 가능하다.

1) 방화벽(firewalld)를 실행하지 않고, 프로세스도 떠 있지 않은 상태에서는

$ telnet 192.168.0.113 22581

Trying 192.168.0.113...

telnet: connect to address 192.168.0.113: Connection refused

2) 방화벽(firewalld)를 실행하지 않고, 프로세스가 떠 있는 상태에서는

lsof -i | grep 22581

glsnr     24840 heni    4u  IPv4 12982276      0t0  TCP *:22581 (LISTEN)

$ telnet 192.168.0.113 22581

Trying 192.168.0.113...

Connected to 192.168.0.113.

Escape character is '^]'.

(crtl키 + ] 를 누르면 telnet 접속할 수 있음. quit로 빠져나옴)

3) 방화벽(firewalld)를 실행하면 ( # systemctl start firewalld )

$ telnet 192.168.0.113 22581

Trying 192.168.0.113...

telnet: connect to address 192.168.0.113: No route to host

nmap

# nmap

bash: nmap: command not found

# yum install nmap

map으로 TCP 포트 확인

1) 방화벽(firewalld)를 실행하지 않고, 프로세스도 떠 있지 않는 상태

# nmap -sT -p 22581 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:27 KST

Nmap scan report for 192.168.0.113

Host is up (0.00015s latency).

PORT      STATE  SERVICE

22581/tcp closed unknown

MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds

2) 방화벽(firewalld)를 실행하지 않고, 프로세스가 떠 있는 상태

# nmap -sT -p 22581 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:28 KST

Nmap scan report for 192.168.0.113

Host is up (0.00012s latency).

PORT      STATE SERVICE

22581/tcp open  unknown

MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds

3) 방화벽을 실행하면 ( # systemctl start firewalld )

# nmap -sT -p 22581 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:29 KST

Nmap scan report for 192.168.0.113

Host is up (0.00017s latency).

PORT      STATE    SERVICE

22581/tcp filtered unknown

MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds

nmap으로 UDP 포트 확인

1) 방화벽을 실행하지않고, 프로세스가 떠 있지 않은 상태

# nmap -sU -p 10133 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:44 KST

Nmap scan report for 192.168.0.113

Host is up (0.00017s latency).

PORT      STATE  SERVICE

10133/udp closed unknown

MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds

2) 방화벽을 실행하지 않고, 프로세스가 떠 있는 상태

# nmap -sU -p 10133 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:45 KST

Nmap scan report for 192.168.0.113

Host is up (0.00019s latency).

PORT      STATE         SERVICE

10133/udp open|filtered unknown

MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.32 seconds

3) 방화벽을 실행한 상태 ( # systemctl start firewalld ) 

# nmap -sU -p 10133 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:46 KST

Nmap scan report for 192.168.0.113

Host is up (0.00020s latency).

PORT      STATE    SERVICE

10133/udp filtered unknown

MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds