menggunakan aplikasi Nmap-ZenMap.

usahakan sebelum kita menggunakan aplikasi tersebut, aplikasi Nmap sudah terinstal pada PC/ laptop anda

setelah itu kita masuk ke cmd dan ketik nslookup beserta alamat yang akan kita lihat portnya

contoh nslookup http://www.detik.com, aplikasi ini berguna untuk mengetahiau port-port berapa saja yang sedang aktif, berikut adalah contoh dari penggunaan Nmap

Starting Nmap 4.76 ( http://nmap.org ) at 2010-01-05 11:03 SE Asia Standard Time

Initiating Ping Scan at 11:03

Scanning 10.14.202.2 [5 ports]

Completed Ping Scan at 11:03, 1.28s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 11:03

Completed Parallel DNS resolution of 1 host. at 11:03, 12.92s elapsed

Initiating SYN Stealth Scan at 11:03

Scanning 10.14.202.2 [1000 ports]

Discovered open port 53/tcp on 10.14.202.2

Discovered open port 22/tcp on 10.14.202.2

Discovered open port 113/tcp on 10.14.202.2

Discovered open port 8080/tcp on 10.14.202.2

Discovered open port 37/tcp on 10.14.202.2

Completed SYN Stealth Scan at 11:03, 8.52s elapsed (1000 total ports)

Initiating Service scan at 11:03

Scanning 5 services on 10.14.202.2

Completed Service scan at 11:03, 13.19s elapsed (5 services on 1 host)

Initiating OS detection (try #1) against 10.14.202.2

10.14.202.2: guessing hop distance at 2

Initiating Traceroute at 11:03

Completed Traceroute at 11:03, 0.01s elapsed

Initiating Parallel DNS resolution of 4 hosts. at 11:03

Completed Parallel DNS resolution of 4 hosts. at 11:04, 13.00s elapsed

SCRIPT ENGINE: Initiating script scanning.

Initiating SCRIPT ENGINE at 11:04

Completed SCRIPT ENGINE at 11:04, 9.47s elapsed

Host 10.14.202.2 appears to be up … good.

Interesting ports on 10.14.202.2:

Not shown: 995 closed ports

PORT     STATE SERVICE    VERSION

22/tcp   open  ssh        OpenSSH 5.0 (protocol 2.0)

37/tcp   open  time        (32 bits)

53/tcp   open  domain     dnsmasq 2.41

113/tcp  open  ident

8080/tcp open  http-proxy Squid webproxy 3.0.STABLE9

Device type: general purpose

Running: Linux 2.6.X

OS details: Linux 2.6.15 – 2.6.20, Linux 2.6.9-42 (Red Hat ES4)

Network Distance: 2 hops

TCP Sequence Prediction: Difficulty=198 (Good luck!)

IP ID Sequence Generation: All zeros

TRACEROUTE (using port 23/tcp)

HOP RTT  ADDRESS

1   0.00 10.100.0.1

2   0.00 10.0.1.130

3   0.00 10.14.202.2

Read data files from: C:\Program Files\Nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 61.42 seconds

Raw packets sent: 1084 (48.410KB) | Rcvd: 1076 (43.730KB)

port       service                  fungsi

22           SSH                        Port ini digunakan untuk port SSH

37           keamanan           ADM Worm

53           keamanan           ADM worm, li0n, MscanWorm, MuSka52

113         keamanan           ADM worm, Alicia, Cyn, DataSpy Network X, Dosh, Gibbon, Taskman

deviantart

Starting Nmap 4.76 ( http://nmap.org ) at 2010-01-05 12:04 SE Asia Standard Time

Initiating Ping Scan at 12:04

Scanning 8.10.77.140 [5 ports]

Completed Ping Scan at 12:04, 1.17s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 12:04

Completed Parallel DNS resolution of 1 host. at 12:04, 0.64s elapsed

Initiating System CNAME DNS resolution of 1 host. at 12:04

Completed System CNAME DNS resolution of 1 host. at 12:04, 0.66s elapsed

Initiating SYN Stealth Scan at 12:04

Scanning http://www.deviantart.com (8.10.77.140) [1000 ports]

Discovered open port 443/tcp on 8.10.77.140

Discovered open port 80/tcp on 8.10.77.140

Increasing send delay for 8.10.77.140 from 0 to 5 due to 49 out of 122 dropped probes since last increase.

SYN Stealth Scan Timing: About 15.80% done; ETC: 12:07 (0:02:42 remaining)

Discovered open port 843/tcp on 8.10.77.140

Completed SYN Stealth Scan at 12:05, 88.89s elapsed (1000 total ports)

Initiating Service scan at 12:05

Scanning 3 services on http://www.deviantart.com (8.10.77.140)

Completed Service scan at 12:06, 51.70s elapsed (3 services on 1 host)

Initiating OS detection (try #1) against http://www.deviantart.com (8.10.77.140)

Retrying OS detection (try #2) against http://www.deviantart.com (8.10.77.140)

8.10.77.140: guessing hop distance at 16

Initiating Traceroute at 12:06

Completed Traceroute at 12:07, 33.77s elapsed

Initiating Parallel DNS resolution of 13 hosts. at 12:07

Completed Parallel DNS resolution of 13 hosts. at 12:07, 3.70s elapsed

Initiating System CNAME DNS resolution of 2 hosts. at 12:07

Completed System CNAME DNS resolution of 2 hosts. at 12:07, 0.09s elapsed

SCRIPT ENGINE: Initiating script scanning.

Initiating SCRIPT ENGINE at 12:07

SCRIPT ENGINE DEBUG: showHTMLTitle.nse: Default page is located at http://www.deviantart.com/

Completed SCRIPT ENGINE at 12:07, 18.80s elapsed

Host http://www.deviantart.com (8.10.77.140) appears to be up … good.

Interesting ports on http://www.deviantart.com (8.10.77.140):

Not shown: 997 closed ports

PORT    STATE SERVICE  VERSION

80/tcp  open  http     Apache httpd

|  robots.txt: has 6 disallowed entries

|  /users/login /users/wrong-password

|  /users/lost-password/ /users/lost-password/process /checkout/

|_ /join/step2.php

|_ HTML title: deviantART: where ART meets application!

443/tcp open  ssl/http Apache httpd

|_ SSLv2: server still supports SSLv2

|_ HTML title: Site doesn’t have a title.

843/tcp open  unknown?

1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :

SF-Port843-TCP:V=4.76%I=7%D=1/5%Time=4B42C8B2%P=i686-pc-windows-windows%r(

SF:GenericLines,153,”<\?xml\x20version=\”1\.0\”\?>\n<cross-domain-policy>\

SF:n\t<site-control\x20permitted-cross-domain-policies=\”master-only\”\x20

SF:/>\n\t<allow-access-from\x20domain=\”chat\.deviantart\.com\”\x20to-port

SF:s=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”admin\.deviantart\.c

SF:om\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from\x20domain=\”justsit

SF:back\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n</cross-domain-policy

SF:>\n”)%r(GetRequest,153,”<\?xml\x20version=\”1\.0\”\?>\n<cross-domain-po

SF:licy>\n\t<site-control\x20permitted-cross-domain-policies=\”master-only

SF:\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.deviantart\.com\”\x20t

SF:o-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”admin\.deviant

SF:art\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from\x20domain=\”j

SF:ustsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n</cross-domain-

SF:policy>\n”)%r(HTTPOptions,153,”<\?xml\x20version=\”1\.0\”\?>\n<cross-do

SF:main-policy>\n\t<site-control\x20permitted-cross-domain-policies=\”mast

SF:er-only\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.deviantart\.com

SF:\”\x20to-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”admin\.

SF:deviantart\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from\x20dom

SF:ain=\”justsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n</cross-

SF:domain-policy>\n”)%r(RTSPRequest,153,”<\?xml\x20version=\”1\.0\”\?>\n<c

SF:ross-domain-policy>\n\t<site-control\x20permitted-cross-domain-policies

SF:=\”master-only\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.devianta

SF:rt\.com\”\x20to-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domain=\”

SF:admin\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-from

SF:\x20domain=\”justsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n<

SF:/cross-domain-policy>\n”)%r(RPCCheck,153,”<\?xml\x20version=\”1\.0\”\?>

SF:\n<cross-domain-policy>\n\t<site-control\x20permitted-cross-domain-poli

SF:cies=\”master-only\”\x20/>\n\t<allow-access-from\x20domain=\”chat\.devi

SF:antart\.com\”\x20to-ports=\”3900\”\x20/>\n\t<allow-access-from\x20domai

SF:n=\”admin\.deviantart\.com\”\x20to-ports=\”80\”\x20/>\n\t<allow-access-

SF:from\x20domain=\”justsitback\.deviantart\.com\”\x20to-ports=\”80\”\x20/

SF:>\n</cross-domain-policy>\n”);

No OS matches for host

Uptime guess: 0.001 days (since Tue Jan 05 12:06:41 2010)

Network Distance: 16 hops

TCP Sequence Prediction: Difficulty=264 (Good luck!)

IP ID Sequence Generation: All zeros

TRACEROUTE (using port 53/tcp)

HOP RTT     ADDRESS

1   0.00    192.168.1.1

2   578.00  1.subnet110-136-144.speedy.telkom.net.id (110.136.144.1)

3   578.00  189.subnet125-160-14.speedy.telkom.net.id (125.160.14.189)

4   …

5   875.00  sin1-telkom-indonesia-1.sin.seabone.net (213.144.176.85)

6   968.00  pal17-sin1-racc1.pal.seabone.net (195.22.197.144)

7   1172.00 mil50-pal17-racc6.pal.seabone.net (195.22.218.105)

8   1047.00 fra52-mil50-racc4.fra.seabone.net (89.221.34.98)

9   1172.00 decix-fra52-racc4.fra.seabone.net (195.22.211.193)

10  875.00  global-crossing-2-decix.fra.seabone.net (89.221.34.50)

11  813.00  Bandwidth-Consulting.Tengigabitethernet8-3.ar4.NYC1.gblx.net (64.210.29.14)

12  … 15  no response

16  1390.00 209.234.243.196

17  1234.00 http://www.deviantart.com (8.10.77.140)

Read data files from: C:\Program Files\Nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 218.91 seconds

Raw packets sent: 1209 (54.976KB) | Rcvd: 5294 (3.645MB)

Port                       service                                  fungsi

80                        HTTP/WWW                          Port ini biasanya digunakan untuk web server, jadi ketika user mengetikan alamat IP atau hostname di web broeser maka web browser akan melihat IP

443                      HTTP                                         HTTP yang aman (WWW) protokol di gunakan cukup lebar.Port yang digunakan untuk file sharing, tapi virus dan worm mudah masuk pd port ini.

843                     SQL/Oracle                             port untuk mencari datbase

di atas dapat dilihat beberapa port yang aktif beserta fungsinya masing-masing

Pos ini dipublikasikan di Uncategorized. Tandai permalink.

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s