我第一次安装了 hping 和 nmap 工具。这两个工具都无法连接到任何网站,包括 google.com,但 ping 命令可以工作
平
[heman@Main ~]$ ping google.com
PING google.com(bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e)) 56 data bytes
64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=1 ttl=116 time=61.1 ms
64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=2 ttl=116 time=58.9 ms
64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=3 ttl=116 time=57.4 ms
64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=4 ttl=116 time=75.0 ms
^C
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 57.449/63.118/ 75.012/6.987 ms
惠普
[heman@Main ~]$ sudo hping -I wlan0 google.com
[sudo] password for heman:
HPING google.com (wlan0 142.250.195.46): NO FLAGS are set, 40 headers + 0 data bytes
ICMP Network Unreachable from ip=192.168.225.1 name=_gateway
ICMP Network Unreachable from ip=192.168.225.1 name=_gateway
ICMP Network Unreachable from ip=192.168.225.1 name=_gateway
^C
--- google.com hping statistic ---
3 packets tramitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.0/0.0/0.0 ms
NMap
[heman@Main ~]$ sudo nmap -sS google.com -e wlan0
Starting Nmap 7.94 ( https://nmap.org ) at 2023-07-17 14:57 IST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.23 seconds
我在 archlinux 中的默认 iptables 防火墙配置
[heman@Main /etc/iptables]$ cat /etc/iptables/simple_firewall.rules
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -j REJECT --reject-with icmp-proto-unreachable
COMMIT
我不知道如何进一步排除故障。许多文章说使用 nmap 的 -Pn,但它仍然没有显示任何开放端口。
[heman@Main /etc/iptables]$ sudo nmap -Pn google.com -e wlan0
[sudo] password for heman:
Starting Nmap 7.94 ( https://nmap.org ) at 2023-07-17 15:03 IST
Nmap scan report for google.com (142.250.76.46)
Host is up (0.0037s latency).
Other addresses for google.com (not scanned): 2404:6800:4007:814::200e
rDNS record for 142.250.76.46: maa03s36-in-f14.1e100.net
All 1000 scanned ports on google.com (142.250.76.46) are in ignored states.
Not shown: 998 filtered tcp ports (no-response), 2 filtered tcp ports (net-unreach)
Nmap done: 1 IP address (1 host up) scanned in 18.70 seconds
我希望能够使用 hping 成功 ping 并使用 nmap 扫描开放端口。
我也在 bing.com 上测试了这些命令。ping 工作正常,但 hping 和 nmap 却报了同样的错误
答案1
- 请注意,您的平正在使用 IPv6,而平和nmap正在尝试通过 IPv4 发送数据包。要开始进行故障排除,请开始强制 ping 使用 ipv4。这应该可以表明这是 IPv4 / IPv6 问题。
ping -4
不要直接尝试使用互联网资源,因为您不知道中间有什么机制和防火墙可能会阻止您的请求。首先尝试开始扫描网络中的一些本地资源以检查 hping 或 nmap 的功能(例如尝试使用您的接入点等)。
如果 2. 和 3. 运行良好。尝试通过扫描不同的网站(例如 scanme.nmap.org)来缩小问题范围,看看 Google 是否针对简单的 nmap 扫描采取了一些安全缓解措施。
PS:没有完整的解决方案,只有一些从哪里开始调试的想法。