mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 04:31:29 +00:00
Update http urls for nmap.org to https
This commit is contained in:
dmiller
50
docs/nmap.1
50
docs/nmap.1
@@ -2,12 +2,12 @@
|
||||
.\" Title: nmap
|
||||
.\" Author: [see the "Author" section]
|
||||
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
|
||||
.\" Date: 07/08/2015
|
||||
.\" Date: 11/05/2015
|
||||
.\" Manual: Nmap Reference Guide
|
||||
.\" Source: Nmap
|
||||
.\" Language: English
|
||||
.\"
|
||||
.TH "NMAP" "1" "07/08/2015" "Nmap" "Nmap Reference Guide"
|
||||
.TH "NMAP" "1" "11/05/2015" "Nmap" "Nmap Reference Guide"
|
||||
.\" -----------------------------------------------------------------
|
||||
.\" * Define some portability stuff
|
||||
.\" -----------------------------------------------------------------
|
||||
@@ -109,9 +109,9 @@ Nmap done: 1 IP address (1 host up) scanned in 14\&.40 seconds
|
||||
.\}
|
||||
.PP
|
||||
The newest version of Nmap can be obtained from
|
||||
\m[blue]\fB\%http://nmap.org\fR\m[]\&. The newest version of this man page is available at
|
||||
\m[blue]\fB\%http://nmap.org/book/man.html\fR\m[]\&.
|
||||
It is also included as a chapter of Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (see \m[blue]\fB\%http://nmap.org/book/\fR\m[])\&.
|
||||
\m[blue]\fB\%https://nmap.org\fR\m[]\&. The newest version of this man page is available at
|
||||
\m[blue]\fB\%https://nmap.org/book/man.html\fR\m[]\&.
|
||||
It is also included as a chapter of Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning (see \m[blue]\fB\%https://nmap.org/book/\fR\m[])\&.
|
||||
.SH "OPTIONS SUMMARY"
|
||||
.PP
|
||||
This options summary is printed when Nmap is run with no arguments, and the latest version is always available at
|
||||
@@ -494,7 +494,7 @@ and
|
||||
.RS 4
|
||||
.\" payloads, protocol-specific
|
||||
Another host discovery option is the UDP ping, which sends a UDP packet to the given ports\&. For most ports, the packet will be empty, though some use a protocol\-specific payload that is more likely to elicit a response\&.
|
||||
The payload database is described at \m[blue]\fB\%http://nmap.org/book/nmap-payloads.html\fR\m[]\&..\" protocol-specific payloads: UDP\&. Packet content can also be affected with the
|
||||
The payload database is described at \m[blue]\fB\%https://nmap.org/book/nmap-payloads.html\fR\m[]\&..\" protocol-specific payloads: UDP\&. Packet content can also be affected with the
|
||||
\fB\-\-data\fR,
|
||||
\fB\-\-data\-string\fR, and
|
||||
\fB\-\-data\-length\fR
|
||||
@@ -726,7 +726,7 @@ filtered
|
||||
states\&.
|
||||
.sp
|
||||
This technique is often referred to as half\-open scanning, because you don\*(Aqt open a full TCP connection\&. You send a SYN packet, as if you are going to open a real connection and then wait for a response\&. A SYN/ACK indicates the port is listening (open), while a RST (reset) is indicative of a non\-listener\&. If no response is received after several retransmissions, the port is marked as filtered\&. The port is also marked filtered if an ICMP unreachable error (type 3, code 0, 1, 2, 3, 9, 10, or 13) is received\&. The port is also considered open if a SYN packet (without the ACK flag) is received in response\&. This can be due to an extremely rare TCP feature known as a simultaneous open or split handshake connection (see
|
||||
\m[blue]\fB\%http://nmap.org/misc/split-handshake.pdf\fR\m[])\&.
|
||||
\m[blue]\fB\%https://nmap.org/misc/split-handshake.pdf\fR\m[])\&.
|
||||
.RE
|
||||
.PP
|
||||
\fB\-sT\fR (TCP connect scan) .\" -sT .\" connect scan
|
||||
@@ -922,7 +922,7 @@ in both cases\&.
|
||||
\fB\-sI \fR\fB\fIzombie host\fR\fR\fB[:\fIprobeport\fR]\fR (idle scan) .\" -sI .\" idle scan
|
||||
.RS 4
|
||||
This advanced scan method allows for a truly blind TCP port scan of the target (meaning no packets are sent to the target from your real IP address)\&. Instead, a unique side\-channel attack exploits predictable IP fragmentation ID sequence generation on the zombie host to glean information about the open ports on the target\&. IDS systems will display the scan as coming from the zombie machine you specify (which must be up and meet certain criteria)\&.
|
||||
This fascinating scan type is too complex to fully describe in this reference guide, so I wrote and posted an informal paper with full details at \m[blue]\fB\%http://nmap.org/book/idlescan.html\fR\m[]\&.
|
||||
This fascinating scan type is too complex to fully describe in this reference guide, so I wrote and posted an informal paper with full details at \m[blue]\fB\%https://nmap.org/book/idlescan.html\fR\m[]\&.
|
||||
.sp
|
||||
Besides being extraordinarily stealthy (due to its blind nature), this scan type permits mapping out IP\-based trust relationships between machines\&. The port listing shows open ports
|
||||
\fIfrom the perspective of the zombie host\&.\fR
|
||||
@@ -1108,7 +1108,7 @@ open|filtered
|
||||
TCP ports are treated the same way\&. Note that the Nmap
|
||||
\fB\-A\fR
|
||||
option enables version detection among other things\&.
|
||||
A paper documenting the workings, usage, and customization of version detection is available at \m[blue]\fB\%http://nmap.org/book/vscan.html\fR\m[]\&.
|
||||
A paper documenting the workings, usage, and customization of version detection is available at \m[blue]\fB\%https://nmap.org/book/vscan.html\fR\m[]\&.
|
||||
.PP
|
||||
When RPC services are discovered, the Nmap RPC grinder.\" RPC grinder
|
||||
is automatically used to determine the RPC program and version numbers\&. It takes all the TCP/UDP ports detected as RPC and floods them with SunRPC program NULL commands in an attempt to determine whether they are RPC ports, and if so, what program and version number they serve up\&. Thus you can effectively obtain the same info as
|
||||
@@ -1192,7 +1192,7 @@ class, which means that they increment the ID field in the IP header for each pa
|
||||
.PP
|
||||
Another bit of extra information enabled by OS detection is a guess at a target\*(Aqs uptime\&. This uses the TCP timestamp option (\m[blue]\fBRFC 1323\fR\m[]\&\s-2\u[10]\d\s+2) to guess when a machine was last rebooted\&. The guess can be inaccurate due to the timestamp counter not being initialized to zero or the counter overflowing and wrapping around, so it is printed only in verbose mode\&.
|
||||
.PP
|
||||
A paper documenting the workings, usage, and customization of OS detection is available at \m[blue]\fB\%http://nmap.org/book/osdetect.html\fR\m[]\&.
|
||||
A paper documenting the workings, usage, and customization of OS detection is available at \m[blue]\fB\%https://nmap.org/book/osdetect.html\fR\m[]\&.
|
||||
.PP
|
||||
OS detection is enabled and controlled with the following options:
|
||||
.PP
|
||||
@@ -1248,12 +1248,12 @@ malware,
|
||||
safe,
|
||||
version, and
|
||||
vuln\&. These are all described
|
||||
at \m[blue]\fB\%http://nmap.org/book/nse-usage.html#nse-categories\fR\m[]\&.
|
||||
at \m[blue]\fB\%https://nmap.org/book/nse-usage.html#nse-categories\fR\m[]\&.
|
||||
.PP
|
||||
Scripts are not run in a sandbox and thus could accidentally or maliciously damage your system or invade your privacy\&. Never run scripts from third parties unless you trust the authors or have carefully audited the scripts yourself\&.
|
||||
.PP
|
||||
The Nmap Scripting Engine is described in detail
|
||||
at \m[blue]\fB\%http://nmap.org/book/nse.html\fR\m[]
|
||||
at \m[blue]\fB\%https://nmap.org/book/nse.html\fR\m[]
|
||||
and is controlled by the following options:
|
||||
.PP
|
||||
\fB\-sC\fR .\" -sC
|
||||
@@ -1311,7 +1311,7 @@ extension; it will be added automatically if necessary\&.
|
||||
Nmap scripts are stored in a
|
||||
scripts
|
||||
subdirectory of the Nmap data directory by default
|
||||
(see \m[blue]\fB\%http://nmap.org/book/data-files.html\fR\m[])\&.
|
||||
(see \m[blue]\fB\%https://nmap.org/book/data-files.html\fR\m[])\&.
|
||||
For efficiency, scripts are indexed in a database stored in
|
||||
scripts/script\&.db,.\" script.db
|
||||
which lists the category or categories in which each script belongs\&.
|
||||
@@ -1393,7 +1393,7 @@ pairs\&. Names and values may be strings not containing whitespace or the charac
|
||||
xmpp\-info\&.server_name\&. You may use that full qualified version to affect just the specified script, or you may pass the unqualified version (server_name
|
||||
in this case) to affect all scripts using that argument name\&. A script will first check for its fully qualified argument name (the name specified in its documentation) before it accepts an unqualified argument name\&. A complex example of script arguments is
|
||||
\fB\-\-script\-args \*(Aquser=foo,pass=",{}=bar",whois={whodb=nofollow+ripe},xmpp\-info\&.server_name=localhost\*(Aq\fR\&. The online NSE Documentation Portal at
|
||||
\m[blue]\fB\%http://nmap.org/nsedoc/\fR\m[]
|
||||
\m[blue]\fB\%https://nmap.org/nsedoc/\fR\m[]
|
||||
lists the arguments that each script accepts\&.
|
||||
.RE
|
||||
.PP
|
||||
@@ -1919,7 +1919,7 @@ Warning: this feature is still under development and has limitations\&. It is im
|
||||
\fB\-\-badsum\fR (Send packets with bogus TCP/UDP checksums) .\" --badsum .\" TCP checksum .\" checksums
|
||||
.RS 4
|
||||
Asks Nmap to use an invalid TCP, UDP or SCTP checksum for packets sent to target hosts\&. Since virtually all host IP stacks properly drop these packets, any responses received are likely coming from a firewall or IDS that didn\*(Aqt bother to verify the checksum\&. For more details on this technique, see
|
||||
\m[blue]\fB\%http://nmap.org/p60-12.html\fR\m[]
|
||||
\m[blue]\fB\%https://nmap.org/p60-12.html\fR\m[]
|
||||
.RE
|
||||
.PP
|
||||
\fB\-\-adler32\fR (Use deprecated Adler32 instead of CRC32C for SCTP checksums) .\" --adler32 .\" CRC32C checksum .\" Adler32 checksum .\" SCTP checksum
|
||||
@@ -2077,7 +2077,7 @@ SunRPC info, and
|
||||
Version info\&.
|
||||
.sp
|
||||
As with XML output, this man page does not allow for documenting the entire format\&. A more detailed look at the Nmap grepable output format is available
|
||||
from \m[blue]\fB\%http://nmap.org/book/output-formats-grepable-output.html\fR\m[]\&.
|
||||
from \m[blue]\fB\%https://nmap.org/book/output-formats-grepable-output.html\fR\m[]\&.
|
||||
.RE
|
||||
.PP
|
||||
\fB\-oA \fR\fB\fIbasename\fR\fR (Output to all formats) .\" -oA
|
||||
@@ -2213,7 +2213,7 @@ where it was initially installed by Nmap\&. Run the XML file through an XSLT pro
|
||||
\m[blue]\fBxsltproc\fR\m[]\&\s-2\u[17]\d\s+2.\" xsltproc
|
||||
to produce an HTML file\&. Directly opening the XML file in a browser no longer works well because modern browsers limit the locations a stylesheet may be loaded from\&. If you wish to use a different stylesheet, specify it as the argument to
|
||||
\fB\-\-stylesheet\fR\&. You must pass the full pathname or URL\&. One common invocation is
|
||||
\fB\-\-stylesheet http://nmap\&.org/svn/docs/nmap\&.xsl\fR\&. This tells an XSLT processor to load the latest version of the stylesheet from Nmap\&.Org\&. The
|
||||
\fB\-\-stylesheet https://nmap\&.org/svn/docs/nmap\&.xsl\fR\&. This tells an XSLT processor to load the latest version of the stylesheet from Nmap\&.Org\&. The
|
||||
\fB\-\-webxml\fR
|
||||
option does the same thing with less typing and memorization\&. Loading the XSL from Nmap\&.Org makes it easier to view results on a machine that doesn\*(Aqt have Nmap (and thus
|
||||
nmap\&.xsl) installed\&. So the URL is often more useful, but the local filesystem location of
|
||||
@@ -2224,7 +2224,7 @@ is used by default for privacy reasons\&.
|
||||
\fB\-\-webxml\fR (Load stylesheet from Nmap\&.Org) .\" --webxml
|
||||
.RS 4
|
||||
This is a convenience option, nothing more than an alias for
|
||||
\fB\-\-stylesheet http://nmap\&.org/svn/docs/nmap\&.xsl\fR\&.
|
||||
\fB\-\-stylesheet https://nmap\&.org/svn/docs/nmap\&.xsl\fR\&.
|
||||
.RE
|
||||
.PP
|
||||
\fB\-\-no\-stylesheet\fR (Omit XSL stylesheet declaration from XML) .\" --no-stylesheet
|
||||
@@ -2449,13 +2449,13 @@ This scans 4096 IPs for any web servers (without pinging them) and saves the out
|
||||
While this reference guide details all material Nmap options, it can\*(Aqt fully demonstrate how to apply those features to quickly solve real\-world tasks\&. For that, we released
|
||||
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning\&.
|
||||
Topics include subverting firewalls and intrusion detection systems, optimizing Nmap performance, and automating common networking tasks with the Nmap Scripting Engine\&. Hints and instructions are provided for common Nmap tasks such as taking network inventory, penetration testing, detecting rogue wireless access points, and quashing network worm outbreaks\&. Examples and diagrams show actual communication on the wire\&. More than half of the book is available free online\&. See
|
||||
\m[blue]\fB\%http://nmap.org/book\fR\m[]
|
||||
\m[blue]\fB\%https://nmap.org/book\fR\m[]
|
||||
for more information\&.
|
||||
.SH "BUGS"
|
||||
.\" bugs, reporting
|
||||
.PP
|
||||
Like its author, Nmap isn\*(Aqt perfect\&. But you can help make it better by sending bug reports or even writing patches\&. If Nmap doesn\*(Aqt behave the way you expect, first upgrade to the latest version available from
|
||||
\m[blue]\fB\%http://nmap.org\fR\m[]\&. If the problem persists, do some research to determine whether it has already been discovered and addressed\&. Try searching for the error message on our search page at
|
||||
\m[blue]\fB\%https://nmap.org\fR\m[]\&. If the problem persists, do some research to determine whether it has already been discovered and addressed\&. Try searching for the error message on our search page at
|
||||
\m[blue]\fB\%http://insecure.org/search.html\fR\m[]
|
||||
or at Google\&. Also try browsing the
|
||||
nmap\-dev
|
||||
@@ -2465,7 +2465,7 @@ Read this full manual page as well\&. If nothing comes of this, mail a bug repor
|
||||
<dev@nmap\&.org>\&. Please include everything you have learned about the problem, as well as what version of Nmap you are running and what operating system version it is running on\&. Problem reports and Nmap usage questions sent to
|
||||
<dev@nmap\&.org>
|
||||
are far more likely to be answered than those sent to Fyodor directly\&. If you subscribe to the nmap\-dev list before posting, your message will bypass moderation and get through more quickly\&. Subscribe at
|
||||
\m[blue]\fB\%http://nmap.org/mailman/listinfo/dev\fR\m[]\&.
|
||||
\m[blue]\fB\%https://nmap.org/mailman/listinfo/dev\fR\m[]\&.
|
||||
.PP
|
||||
Code patches to fix bugs are even better than bug reports\&. Basic instructions for creating patch files with your changes are available at
|
||||
\m[blue]\fB\%https://svn.nmap.org/nmap/HACKING\fR\m[]\&. Patches may be sent to
|
||||
@@ -2482,7 +2482,7 @@ Lyon
|
||||
Hundreds of people have made valuable contributions to Nmap over the years\&. These are detailed in the
|
||||
CHANGELOG.\" changelog
|
||||
file which is distributed with Nmap and also available from
|
||||
\m[blue]\fB\%http://nmap.org/changelog.html\fR\m[]\&.
|
||||
\m[blue]\fB\%https://nmap.org/changelog.html\fR\m[]\&.
|
||||
.SH "LEGAL NOTICES"
|
||||
.SS "Nmap Copyright and Licensing"
|
||||
.\" copyright
|
||||
@@ -2655,7 +2655,7 @@ When compiled with OpenSSL support or distributed as source code, Insecure\&.Com
|
||||
.IP " 1." 4
|
||||
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
|
||||
.RS 4
|
||||
\%http://nmap.org/book/
|
||||
\%https://nmap.org/book/
|
||||
.RE
|
||||
.IP " 2." 4
|
||||
RFC 1122
|
||||
@@ -2790,12 +2790,12 @@ Liblinear linear classification library
|
||||
.IP "28." 4
|
||||
IPv6 OS detection machine learning techniques
|
||||
.RS 4
|
||||
\%http://nmap.org/book/osdetect-guess.html#osdetect-guess-ipv6
|
||||
\%https://nmap.org/book/osdetect-guess.html#osdetect-guess-ipv6
|
||||
.RE
|
||||
.IP "29." 4
|
||||
Google Summer of Code
|
||||
.RS 4
|
||||
\%http://nmap.org/soc/
|
||||
\%https://nmap.org/soc/
|
||||
.RE
|
||||
.IP "30." 4
|
||||
DARPA CINDER program
|
||||
|
||||
Reference in New Issue
Block a user