nmap局域网网段扫描

Can pass hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254

扫描某一个网段

在一个连接局域网（wifi/以太网——叫网线）的电脑。使用nmap去扫描当前网段下的活这的电脑主机。

格式：

nmap -sn 要扫描的网段ip

扫描案例：

nmap -sn 192.168.1.0/24

HOST DISCOVERY（主机发现）: -sL: List Scan - simply list targets to scan（只需列出要扫描的目标） -sn: Ping Scan - disable port scan（禁用端口扫描）

扫描结果输出：

Host is up (0.0011s latency).
Nmap scan report for 192.168.1.254
Host is up (0.00052s latency).
Nmap scan report for 192.168.1.255
Host is up (0.00042s latency).
Nmap done: 256 IP addresses (256 hosts up) scanned in 8.06 seconds                                                                

Host is up表示：主机是在线的。

详细扫描某个ip地址

格式：

nmap -A 局域网内某个具体的ip地址

案例：详细扫描192.168.1.251这个ip地址对应的详细信息。

nmap -A 192.168.1.251

MISC（` 是 Miscellaneous 的缩写，中文意思是 “杂项” 或 “其他”。）: -6: Enable IPv6 scanning -A: Enable OS detection, version detection, script scanning, and traceroute

• -6: 启用 IPv6 扫描。
• -A: 激进扫描模式。这是一个“全能”选项，一次性启用操作系统检测 (-O)、版本检测 (-sV)、脚本扫描 (-sC) 和跟踪路由 (--traceroute)。

扫描结果输出：

└─# nmap -A 192.168.1.251
Starting Nmap 7.92 ( https://nmap.org ) at 2025-11-23 03:39 EST
Nmap scan report for 192.168.1.251
Host is up (0.0018s latency).
Not shown: 997 filtered tcp ports (no-response)
PORT    STATE SERVICE    VERSION
25/tcp  open  tcpwrapped
|_smtp-commands: Couldn't establish connection on port 25
110/tcp open  tcpwrapped
|_sslv2: ERROR: Script execution failed (use -d to debug)
|_ssl-date: ERROR: Script execution failed (use -d to debug)
|_ssl-cert: ERROR: Script execution failed (use -d to debug)
|_tls-alpn: ERROR: Script execution failed (use -d to debug)
|_tls-nextprotoneg: ERROR: Script execution failed (use -d to debug)
143/tcp open  tcpwrapped
|_imap-ntlm-info: ERROR: Script execution failed (use -d to debug)
|_sslv2: ERROR: Script execution failed (use -d to debug)
|_ssl-date: ERROR: Script execution failed (use -d to debug)
|_ssl-cert: ERROR: Script execution failed (use -d to debug)
|_tls-nextprotoneg: ERROR: Script execution failed (use -d to debug)
|_tls-alpn: ERROR: Script execution failed (use -d to debug)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: WAP|phone
Running: Linux 2.4.X|2.6.X, Sony Ericsson embedded
OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.22 cpe:/h:sonyericsson:u8i_vivaz
OS details: Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22), Sony Ericsson U8i Vivaz mobile phone

TRACEROUTE (using port 80/tcp)
HOP RTT    ADDRESS
1   ... 30

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 91.34 seconds