您好,我进行了一些设置,其中有一台运行 virtualbox 的 Debian 机器,这也是一台 Debian 机器。我在来宾计算机上安装了 apache,现在想看看我的主机是否可以找到该服务,但它没有
在客机上我用 进行了检查nmap localhost
,结果如下:
$ nmap localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2020-05014 19:23 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00045s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 989 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
631/tcp open ipp
3000/tcp open ppp
3306/tcp open mysql
6667/tcp open irc
8181/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds
阿帕奇也在运行:
$ sudo service apache2 status
* apache2 is running
并正在侦听端口 80:
$ sudo netstat -anp | grep apache
tcp6 0 0 :::80 :::* LISTEN 3280/apache2
现在我想看看是否可以从主机远程查看打开的端口。进行扫描我得到以下输出:
$ nmap 10.0.2.15
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-14 15:18 EDT
Nmap scan report for 10.0.2.15
Nost is up (0.000039s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
双方可以互相ping通。它仅显示端口 22 处于打开状态。访客防火墙设置如下:
# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:FIN,SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:6697
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:3000
ACCEPT tcp -- anywhere anywhere tcp dpt:3500
ACCEPT tcp -- anywhere anywhere tcp dpt:8181
ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
我缺少什么?对于上下文:我在 kalilinux 主机上使用 metsploitable3 Vagrant-box。
答案1
您好,感谢您的回复。通过再次检查,我将其范围缩小到由 virtualbox 的嵌套使用和桥接网络的 vagrants 使用引起的一些问题。
我通过将用例更改为在 nat 网络中使用两个虚拟机来解决这个问题。它解决了问题。