从连接到同一专用网络的第三台设备(与讨论中的两台设备 Lubuntu 和 Windows 10)扫描的结果如下:
第一个扫描的设备Ubuntu 20.04.2 LTS
安装了 Lubuntu( ),防火墙设置默认:
nmap -p 1-65535 192.168.100.7 -vvv 130 ⨯
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-02 15:58 EST
Initiating Ping Scan at 15:58
Scanning 192.168.100.7 [2 ports]
Completed Ping Scan at 15:58, 0.00s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 15:58
Completed Parallel DNS resolution of 1 host. at 15:58, 0.00s elapsed
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 1, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 15:58
Scanning 192.168.100.7 [65535 ports]
Discovered open port 11393/tcp on 192.168.100.7
Discovered open port 39457/tcp on 192.168.100.7
Discovered open port 55628/tcp on 192.168.100.7
Discovered open port 62408/tcp on 192.168.100.7
Discovered open port 30630/tcp on 192.168.100.7
Discovered open port 36629/tcp on 192.168.100.7
Completed Connect Scan at 15:58, 1.78s elapsed (65535 total ports)
Nmap scan report for 192.168.100.7
Host is up, received conn-refused (0.00016s latency).
Scanned at 2021-02-02 15:58:03 EST for 2s
Not shown: 65529 closed ports
Reason: 65529 conn-refused
PORT STATE SERVICE REASON
11393/tcp open unknown syn-ack
30630/tcp open unknown syn-ack
36629/tcp open unknown syn-ack
39457/tcp open unknown syn-ack
55628/tcp open unknown syn-ack
62408/tcp open unknown syn-ack
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.87 seconds
第二台扫描的设备安装了 Windows 10,防火墙设置默认:
nmap -Pn 1-65535 192.168.100.11 -vvv 130 ⨯
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-02 16:07 EST
Warning: Hostname 1-65535 resolves to 2 IPs. Using "ISP ".
Initiating Parallel DNS resolution of 2 hosts. at 16:07
Completed Parallel DNS resolution of 2 hosts. at 16:07, 0.00s elapsed
DNS resolution of 2 IPs took 0.00s. Mode: Async [#: 1, OK: 1, NX: 1, DR: 0, SF: 0, TR: 2, CN: 0]
Initiating Connect Scan at 16:07
Scanning 2 hosts [1000 ports/host]
Discovered open port 80/tcp on "ISP IP"
Completed Connect Scan against "ISP IP"in 12.47s (1 host left)
Completed Connect Scan at 16:07, 12.66s elapsed (2000 total ports)
Nmap scan report for 1-65535 ("ISP IP")
Host is up, received user-set (0.0078s latency).
Other addresses for 1-65535 (not scanned): "ISP IP"
rDNS record for "ISP IP": "ISP IP"
Scanned at 2021-02-02 16:07:05 EST for 13s
Not shown: 999 filtered ports
Reason: 999 no-responses
PORT STATE SERVICE REASON
80/tcp open http syn-ack
Nmap scan report for 192.168.100.11
Host is up, received user-set.
All 1000 scanned ports on 192.168.100.11 are filtered because of 1000 no-responses
Read data files from: /usr/bin/../share/nmap
Nmap done: 2 IP addresses (2 hosts up) scanned in 12.76 seconds
输出中的公共 IP 被替换为“ISP IP”
有人能说说为什么 Lubuntu 的默认防火墙设置开放了这么多端口,而 Windows 10 却没有?谢谢。
编辑:对于 Lubuntu 机器:
sudo ss -tulp
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 0.0.0.0:43611 0.0.0.0:* users:(("avahi-daemon",pid=441,fd=14))
udp UNCONN 0 0 224.0.0.251:mdns 0.0.0.0:* users:(("chrome",pid=2008,fd=135))
udp UNCONN 0 0 0.0.0.0:mdns 0.0.0.0:* users:(("avahi-daemon",pid=441,fd=12))
udp UNCONN 0 0 127.0.0.53%lo:domain 0.0.0.0:* users:(("systemd-resolve",pid=431,fd=12))
udp UNCONN 0 0 0.0.0.0:631 0.0.0.0:* users:(("cups-browsed",pid=4799,fd=7))
udp UNCONN 0 0 *:11393 *:* users:(("outline-ss-serv",pid=1568,fd=8))
udp UNCONN 0 0 *:36629 *:* users:(("outline-ss-serv",pid=1568,fd=10))
udp UNCONN 0 0 [::]:mdns [::]:* users:(("avahi-daemon",pid=441,fd=13))
udp UNCONN 0 0 *:30630 *:* users:(("outline-ss-serv",pid=1568,fd=12))
udp UNCONN 0 0 *:55628 *:* users:(("outline-ss-serv",pid=1568,fd=14))
udp UNCONN 0 0 *:6666 *:* users:(("qlipper",pid=1156,fd=13))
udp UNCONN 0 0 *:39457 *:* users:(("outline-ss-serv",pid=1568,fd=16))
udp UNCONN 0 0 [::]:56865 [::]:* users:(("avahi-daemon",pid=441,fd=15))
tcp LISTEN 0 4096 127.0.0.53%lo:domain 0.0.0.0:* users:(("systemd-resolve",pid=431,fd=13))
tcp LISTEN 0 5 127.0.0.1:ipp 0.0.0.0:* users:(("cupsd",pid=4798,fd=7))
tcp LISTEN 0 4096 127.0.0.1:9050 0.0.0.0:* users:(("tor",pid=563,fd=6))
tcp LISTEN 0 4096 127.0.0.1:9090 0.0.0.0:* users:(("prometheus",pid=1555,fd=8))
tcp LISTEN 0 511 127.0.0.1:9091 0.0.0.0:* users:(("node",pid=1540,fd=19))
tcp LISTEN 0 4096 127.0.0.1:9092 0.0.0.0:* users:(("outline-ss-serv",pid=1568,fd=3))
tcp LISTEN 0 4096 *:36629 *:* users:(("outline-ss-serv",pid=1568,fd=9))
tcp LISTEN 0 5 [::1]:ipp [::]:* users:(("cupsd",pid=4798,fd=6))
tcp LISTEN 0 4096 *:39457 *:* users:(("outline-ss-serv",pid=1568,fd=15))
tcp LISTEN 0 4096 *:11393 *:* users:(("outline-ss-serv",pid=1568,fd=7))
tcp LISTEN 0 4096 *:30630 *:* users:(("outline-ss-serv",pid=1568,fd=11))
tcp LISTEN 0 511 *:62408 *:* users:(("node",pid=1540,fd=22))
tcp LISTEN 0 4096 *:55628 *:* users:(("outline-ss-serv",pid=1568,fd=13))
答案1
让我们重新排列监听端口列表以包含您在输出中提供的数据sudo ss -tulp
:
PORT STATE APPLICATION PID
11393/tcp open outline-ss-serv 1568
30630/tcp open outline-ss-serv 1568
36629/tcp open outline-ss-serv 1568
39457/tcp open outline-ss-serv 1568
55628/tcp open outline-ss-serv 1568
62408/tcp open node 1540
看起来你的 Lubuntu 系统正在运行服务器应用程序...因此预计客户端的连接端口是开放的。
如果您确实想在 Ubuntu 系统上测试开放和可利用的端口,欢迎您这样做。我们欢迎测试人员!我们建议您从库存系统开始。开放端口与可利用端口不同。如果您发现开放和可利用的端口,请提交错误报告并订阅 Ubuntu 安全团队。