如果我在我的计算机上裸机运行以下命令,则只需几秒钟即可运行:
nmap -v -n -p- <ip of other debian box>
但是,如果我在 docker 中运行完全相同的命令,它会花费很长时间,我不知道每次在它完成之前我都会感到无聊多久:
Starting Nmap 7.70 ( https://nmap.org ) at 2019-03-14 17:58 UTC
Initiating Ping Scan at 17:58
Scanning 10.44.143.51 [4 ports]
Completed Ping Scan at 17:58, 0.23s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 17:58
Scanning 10.44.143.51 [65535 ports]
Discovered open port 22/tcp on 10.44.143.51
Discovered open port 111/tcp on 10.44.143.51
Increasing send delay for 10.44.143.51 from 0 to 5 due to max_successful_tryno increase to 4
Increasing send delay for 10.44.143.51 from 5 to 10 due to 11 out of 33 dropped probes since last increase.
Increasing send delay for 10.44.143.51 from 10 to 20 due to 11 out of 29 dropped probes since last increase.
Increasing send delay for 10.44.143.51 from 20 to 40 due to 11 out of 25 dropped probes since last increase.
Increasing send delay for 10.44.143.51 from 40 to 80 due to 11 out of 32 dropped probes since last increase.
SYN Stealth Scan Timing: About 11.91% done; ETC: 18:03 (0:03:49 remaining)
SYN Stealth Scan Timing: About 12.38% done; ETC: 18:06 (0:07:12 remaining)
SYN Stealth Scan Timing: About 12.85% done; ETC: 18:10 (0:10:17 remaining)
SYN Stealth Scan Timing: About 13.31% done; ETC: 18:13 (0:13:08 remaining)
SYN Stealth Scan Timing: About 13.78% done; ETC: 18:17 (0:15:45 remaining)
SYN Stealth Scan Timing: About 14.25% done; ETC: 18:19 (0:18:09 remaining)
^C
扫描的时间似乎永远持续下去。
作为一个猜测,我假设这与容器中的 nmap 必须通过 docker 网络并进入真实网络有关,我推测它是经过 NAT 的,因此需要很长时间。
我热衷于在 docker 中使用 nmap,而不是在主机上使用,因为我在完全自动化的设置中使用它,其中我已经有一个运行 docker 的主机池,并且可以为它们调度作业以运行(在容器内)。
关于导致速度问题的原因以及如何解决它,有什么建议吗?
答案1
您能否验证正在使用哪种扫描方法并尝试交换它们?
强制使用 Connect 方法:使用-sT和 SYN 方法:-sS