telnet, nmap

네트워크 상태를 확인하기 위해 보통 telnet, ping을 기본적으로 사용한다. 접속하려는 서버에 ping 192.168.0.120 등으로 수행하여 패킷이 제대로 전달되는지 확인할 수 있고, telnet의 경우 특정 포트를 부여하여 포트까지 확인할 수 있다.
telnet은 TCP만 확인이 가능하기에, UDP 통신 상태확인도 가능한 nmap이라는 유틸도 함께 설명한다.

Telnet
telnet은 TCP 포트만 확인이 가능하다.

1) 방화벽(firewalld)를 실행하지 않고, 프로세스도 떠 있지 않은 상태에서는
$ telnet 192.168.0.113 22581
Trying 192.168.0.113...
telnet: connect to address 192.168.0.113: Connection refused

2) 방화벽(firewalld)를 실행하지 않고, 프로세스가 떠 있는 상태에서는
lsof -i | grep 22581
glsnr     24840 heni    4u  IPv4 12982276      0t0  TCP *:22581 (LISTEN)

$ telnet 192.168.0.113 22581
Trying 192.168.0.113...
Connected to 192.168.0.113.
Escape character is '^]'.

(crtl키 + ] 를 누르면 telnet 접속할 수 있음. quit로 빠져나옴)

3) 방화벽(firewalld)를 실행하면 ( # systemctl start firewalld )
$ telnet 192.168.0.113 22581
Trying 192.168.0.113...
telnet: connect to address 192.168.0.113: No route to host



nmap

# nmap
bash: nmap: command not found

# yum install nmap

map으로 TCP 포트 확인
1) 방화벽(firewalld)를 실행하지 않고, 프로세스도 떠 있지 않는 상태
# nmap -sT -p 22581 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:27 KST
Nmap scan report for 192.168.0.113
Host is up (0.00015s latency).
PORT      STATE  SERVICE
22581/tcp closed unknown
MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds

2) 방화벽(firewalld)를 실행하지 않고, 프로세스가 떠 있는 상태
# nmap -sT -p 22581 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:28 KST
Nmap scan report for 192.168.0.113
Host is up (0.00012s latency).
PORT      STATE SERVICE
22581/tcp open  unknown
MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds

3) 방화벽을 실행하면 ( # systemctl start firewalld )
# nmap -sT -p 22581 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:29 KST
Nmap scan report for 192.168.0.113
Host is up (0.00017s latency).
PORT      STATE    SERVICE
22581/tcp filtered unknown
MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds


nmap으로 UDP 포트 확인

1) 방화벽을 실행하지않고, 프로세스가 떠 있지 않은 상태
# nmap -sU -p 10133 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:44 KST
Nmap scan report for 192.168.0.113
Host is up (0.00017s latency).
PORT      STATE  SERVICE
10133/udp closed unknown
MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds

2) 방화벽을 실행하지 않고, 프로세스가 떠 있는 상태
# nmap -sU -p 10133 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:45 KST
Nmap scan report for 192.168.0.113
Host is up (0.00019s latency).
PORT      STATE         SERVICE
10133/udp open|filtered unknown
MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.32 seconds

3) 방화벽을 실행한 상태 ( # systemctl start firewalld ) 
# nmap -sU -p 10133 192.168.0.113

Starting Nmap 5.51 ( http://nmap.org ) at 2018-01-22 10:46 KST
Nmap scan report for 192.168.0.113
Host is up (0.00020s latency).
PORT      STATE    SERVICE
10133/udp filtered unknown
MAC Address: BC:AE:C5:E1:F2:A8 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds


'IT Engineer > Linux' 카테고리의 다른 글

linux 환경변수  (0) 2019.02.13
linux util, service - vi  (0) 2019.02.13
linux - crontab  (0) 2019.02.13
linux - firewall-cmd  (0) 2019.02.13
linux - pstack  (0) 2019.02.13

+ Recent posts