usahakan sebelum kita menggunakan aplikasi tersebut, aplikasi Nmap sudah terinstal pada PC/ laptop anda
setelah itu kita masuk ke cmd dan ketik nslookup beserta alamat yang akan kita lihat portnya
contoh nslookup http://www.detik.com, aplikasi ini berguna untuk mengetahiau port-port berapa saja yang sedang aktif, berikut adalah contoh dari penggunaan Nmap
Starting Nmap 4.76 ( http://nmap.org ) at 2010-01-05 11:03 SE Asia Standard Time
Initiating Ping Scan at 11:03
Scanning 10.14.202.2 [5 ports]
Completed Ping Scan at 11:03, 1.28s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 11:03
Completed Parallel DNS resolution of 1 host. at 11:03, 12.92s elapsed
Initiating SYN Stealth Scan at 11:03
Scanning 10.14.202.2 [1000 ports]
Discovered open port 53/tcp on 10.14.202.2
Discovered open port 22/tcp on 10.14.202.2
Discovered open port 113/tcp on 10.14.202.2
Discovered open port 8080/tcp on 10.14.202.2
Discovered open port 37/tcp on 10.14.202.2
Completed SYN Stealth Scan at 11:03, 8.52s elapsed (1000 total ports)
Initiating Service scan at 11:03
Scanning 5 services on 10.14.202.2
Completed Service scan at 11:03, 13.19s elapsed (5 services on 1 host)
Initiating OS detection (try #1) against 10.14.202.2
10.14.202.2: guessing hop distance at 2
Initiating Traceroute at 11:03
Completed Traceroute at 11:03, 0.01s elapsed
Initiating Parallel DNS resolution of 4 hosts. at 11:03
Completed Parallel DNS resolution of 4 hosts. at 11:04, 13.00s elapsed
SCRIPT ENGINE: Initiating script scanning.
Initiating SCRIPT ENGINE at 11:04
Completed SCRIPT ENGINE at 11:04, 9.47s elapsed
Host 10.14.202.2 appears to be up … good.
Interesting ports on 10.14.202.2:
Not shown: 995 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.0 (protocol 2.0)
37/tcp open time (32 bits)
53/tcp open domain dnsmasq 2.41
113/tcp open ident
8080/tcp open http-proxy Squid webproxy 3.0.STABLE9
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.15 – 2.6.20, Linux 2.6.9-42 (Red Hat ES4)
Network Distance: 2 hops
TCP Sequence Prediction: Difficulty=198 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 23/tcp)
HOP RTT ADDRESS
1 0.00 10.100.0.1
2 0.00 10.0.1.130
3 0.00 10.14.202.2
Read data files from: C:\Program Files\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 61.42 seconds
Raw packets sent: 1084 (48.410KB) | Rcvd: 1076 (43.730KB)
port service fungsi
22 SSH Port ini digunakan untuk port SSH
37 keamanan ADM Worm
53 keamanan ADM worm, li0n, MscanWorm, MuSka52
113 keamanan ADM worm, Alicia, Cyn, DataSpy Network X, Dosh, Gibbon, Taskman
deviantart
Starting Nmap 4.76 ( http://nmap.org ) at 2010-01-05 12:04 SE Asia Standard Time
Initiating Ping Scan at 12:04
Scanning 8.10.77.140 [5 ports]
Completed Ping Scan at 12:04, 1.17s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 12:04
Completed Parallel DNS resolution of 1 host. at 12:04, 0.64s elapsed
Initiating System CNAME DNS resolution of 1 host. at 12:04
Completed System CNAME DNS resolution of 1 host. at 12:04, 0.66s elapsed
Initiating SYN Stealth Scan at 12:04
Scanning http://www.deviantart.com (8.10.77.140) [1000 ports]
Discovered open port 443/tcp on 8.10.77.140
Discovered open port 80/tcp on 8.10.77.140
Increasing send delay for 8.10.77.140 from 0 to 5 due to 49 out of 122 dropped probes since last increase.
SYN Stealth Scan Timing: About 15.80% done; ETC: 12:07 (0:02:42 remaining)
Discovered open port 843/tcp on 8.10.77.140
Completed SYN Stealth Scan at 12:05, 88.89s elapsed (1000 total ports)
Initiating Service scan at 12:05
Scanning 3 services on http://www.deviantart.com (8.10.77.140)
Completed Service scan at 12:06, 51.70s elapsed (3 services on 1 host)
Initiating OS detection (try #1) against http://www.deviantart.com (8.10.77.140)
Retrying OS detection (try #2) against http://www.deviantart.com (8.10.77.140)
8.10.77.140: guessing hop distance at 16
Initiating Traceroute at 12:06
Completed Traceroute at 12:07, 33.77s elapsed
Initiating Parallel DNS resolution of 13 hosts. at 12:07
Completed Parallel DNS resolution of 13 hosts. at 12:07, 3.70s elapsed
Initiating System CNAME DNS resolution of 2 hosts. at 12:07
Completed System CNAME DNS resolution of 2 hosts. at 12:07, 0.09s elapsed
SCRIPT ENGINE: Initiating script scanning.
Initiating SCRIPT ENGINE at 12:07
SCRIPT ENGINE DEBUG: showHTMLTitle.nse: Default page is located at http://www.deviantart.com/
Completed SCRIPT ENGINE at 12:07, 18.80s elapsed
Host http://www.deviantart.com (8.10.77.140) appears to be up … good.
Interesting ports on http://www.deviantart.com (8.10.77.140):
Not shown: 997 closed ports
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd
| robots.txt: has 6 disallowed entries
| /users/login /users/wrong-password
| /users/lost-password/ /users/lost-password/process /checkout/
|_ /join/step2.php
|_ HTML title: deviantART: where ART meets application!
443/tcp open ssl/http Apache httpd
|_ SSLv2: server still supports SSLv2
|_ HTML title: Site doesn’t have a title.
843/tcp open unknown?
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port843-TCP:V=4.76%I=7%D=1/5%Time=4B42C8B2%P=i686-pc-windows-windows%r(
SF:GenericLines,153,”<\?xml\x20version=\”1\.0\”\?>\n<cross-domain-policy>\
SF:n\t<site-control\x20permitted-cross-domain-policies=\”master-only\”\x20
SF:/>\n\t<allow-access-from\x20domain=\”chat\.deviantart\.com\”\x20to-port
SF:s=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”admin\.deviantart\.c
SF:om\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from\x20domain=\”justsit
SF:back\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n</cross-domain-policy
SF:>\n”)%r(GetRequest,153,”<\?xml\x20version=\”1\.0\”\?>\n<cross-domain-po
SF:licy>\n\t<site-control\x20permitted-cross-domain-policies=\”master-only
SF:\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.deviantart\.com\”\x20t
SF:o-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”admin\.deviant
SF:art\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from\x20domain=\”j
SF:ustsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n</cross-domain-
SF:policy>\n”)%r(HTTPOptions,153,”<\?xml\x20version=\”1\.0\”\?>\n<cross-do
SF:main-policy>\n\t<site-control\x20permitted-cross-domain-policies=\”mast
SF:er-only\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.deviantart\.com
SF:\”\x20to-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”admin\.
SF:deviantart\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from\x20dom
SF:ain=\”justsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n</cross-
SF:domain-policy>\n”)%r(RTSPRequest,153,”<\?xml\x20version=\”1\.0\”\?>\n<c
SF:ross-domain-policy>\n\t<site-control\x20permitted-cross-domain-policies
SF:=\”master-only\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.devianta
SF:rt\.com\”\x20to-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”
SF:admin\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from
SF:\x20domain=\”justsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n<
SF:/cross-domain-policy>\n”)%r(RPCCheck,153,”<\?xml\x20version=\”1\.0\”\?>
SF:\n<cross-domain-policy>\n\t<site-control\x20permitted-cross-domain-poli
SF:cies=\”master-only\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.devi
SF:antart\.com\”\x20to-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domai
SF:n=\”admin\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-
SF:from\x20domain=\”justsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/
SF:>\n</cross-domain-policy>\n”);
No OS matches for host
Uptime guess: 0.001 days (since Tue Jan 05 12:06:41 2010)
Network Distance: 16 hops
TCP Sequence Prediction: Difficulty=264 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 53/tcp)
HOP RTT ADDRESS
1 0.00 192.168.1.1
2 578.00 1.subnet110-136-144.speedy.telkom.net.id (110.136.144.1)
3 578.00 189.subnet125-160-14.speedy.telkom.net.id (125.160.14.189)
4 …
5 875.00 sin1-telkom-indonesia-1.sin.seabone.net (213.144.176.85)
6 968.00 pal17-sin1-racc1.pal.seabone.net (195.22.197.144)
7 1172.00 mil50-pal17-racc6.pal.seabone.net (195.22.218.105)
8 1047.00 fra52-mil50-racc4.fra.seabone.net (89.221.34.98)
9 1172.00 decix-fra52-racc4.fra.seabone.net (195.22.211.193)
10 875.00 global-crossing-2-decix.fra.seabone.net (89.221.34.50)
11 813.00 Bandwidth-Consulting.Tengigabitethernet8-3.ar4.NYC1.gblx.net (64.210.29.14)
12 … 15 no response
16 1390.00 209.234.243.196
17 1234.00 http://www.deviantart.com (8.10.77.140)
Read data files from: C:\Program Files\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 218.91 seconds
Raw packets sent: 1209 (54.976KB) | Rcvd: 5294 (3.645MB)
Port service fungsi
80 HTTP/WWW Port ini biasanya digunakan untuk web server, jadi ketika user mengetikan alamat IP atau hostname di web broeser maka web browser akan melihat IP
443 HTTP HTTP yang aman (WWW) protokol di gunakan cukup lebar.Port yang digunakan untuk file sharing, tapi virus dan worm mudah masuk pd port ini.
843 SQL/Oracle port untuk mencari datbase
di atas dapat dilihat beberapa port yang aktif beserta fungsinya masing-masing